Security research, threat analysis, and decentralized intelligence insights from our research team.
Your security tools might have missed this one. DDoSAgent is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreThat email attachment your coworker just opened? It's copying every password they've ever saved. Right now. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreIt's open-source on GitHub. It's also on thousands of infected machines right now, giving attackers full remote control. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. Cobalt Strike is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreThat 'free software' download just exfiltrated every password, cookie, and autofill entry on your machine in under 5 seconds. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreOpen-source. Free. And in the hands of thousands of attackers who use it to watch your every move through your own webcam. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreFor $58 on a hacking forum, anyone can buy full remote control of your computer. Camera, keyboard, files — everything. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreIt doesn't steal your data — it opens the door for everything else. Ransomware, stealers, miners. This loader delivers them all. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreAn attacker is reading your keystrokes, watching your screen, and downloading your files. The RAT that infected you cost $25. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreSomeone on your team opened an Excel file 10 minutes ago. Their browser passwords, email credentials, and keystrokes are already being sent to a server in Eastern Europe. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour home router might be attacking websites right now and you'd never know. Millions are already compromised. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. PhantomStealer is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. XoriumStealer is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. GuLoader is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. RustyStealer is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. Gafgyt is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. LimeRAT is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. ValleyRAT is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreThat email attachment your coworker just opened? It's copying every password they've ever saved. Right now. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreAn attacker is reading your keystrokes, watching your screen, and downloading your files. The RAT that infected you cost $25. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. CountLoader is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. ConnectWise is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour home router might be attacking websites right now and you'd never know. Millions are already compromised. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreOpen-source. Free. And in the hands of thousands of attackers who use it to watch your every move through your own webcam. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. Smoke Loader is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreThat 'free software' download just exfiltrated every password, cookie, and autofill entry on your machine in under 5 seconds. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreIt doesn't steal your data — it opens the door for everything else. Ransomware, stealers, miners. This loader delivers them all. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. WeedHack is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreSomeone on your team opened an Excel file 10 minutes ago. Their browser passwords, email credentials, and keystrokes are already being sent to a server in Eastern Europe. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. RustyStealer is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreFor $58 on a hacking forum, anyone can buy full remote control of your computer. Camera, keyboard, files — everything. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. SnappyClient is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour CPU is at 100% and your electric bill spiked. Someone is mining crypto on your machine and keeping the profit. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreBuilt in 2013. Still infecting machines in 2026. This RAT refuses to die because it still works. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. ConnectWise is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. Gafgyt is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. DarkComet is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. Socks5Systemz is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour home router might be attacking websites right now and you'd never know. Millions are already compromised. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreAttackers drained $292M in rsETH from Kelp DAO via a LayerZero bridge exploit, triggering $9B in outflows from Aave. Plain-English breakdown of how the bridge was broken and what it means if you hold any yield-bearing wrapper token.
Read MoreYour security tools might have missed this one. ValleyRAT is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. Gh0stRAT is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreThat 'free software' download just exfiltrated every password, cookie, and autofill entry on your machine in under 5 seconds. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreFor $58 on a hacking forum, anyone can buy full remote control of your computer. Camera, keyboard, files — everything. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. DattoRMM is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. SantaStealer is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. DiscordRAT is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. Smoke Loader is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. RatonRAT is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYou downloaded one file. In the background, it silently installed three more programs you never asked for. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. SalatStealer is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. RustyStealer is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour home router might be attacking websites right now and you'd never know. Millions are already compromised. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. Expiro is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. CVE-2026-39337 is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreOpen-source. Free. And in the hands of thousands of attackers who use it to watch your every move through your own webcam. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreYour security tools might have missed this one. ACRStealer is actively targeting networks right now — here's what you need to know before it hits yours. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreWhat CVE-2026-34208 is, how it works, and how to defend against it. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreA commodity stealer hiding in phishing attachments. Here's the full picture. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreWhat Supply Chain Attack is, how it works, and how to defend against it. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreAn info-stealer that doubles as a loader. Full breakdown inside. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreWhat ConnectWise is, how it works, and how to defend against it. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreA modular RAT that's been around for years and keeps evolving. Latest tricks inside. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreThe most prolific credential stealer of the year. Here's how to catch it. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreCryptojacking malware quietly burning your electricity and CPU. Here's how to detect it. Full IOCs, attack chain, and defensive guidance from ThreatChain Research.
Read MoreThreatChain's weekly roundup of the cybersecurity landscape. Critical CVEs, emerging malware trends, and what to patch this week.
Read MoreThreatChain's weekly roundup of the cybersecurity landscape. Critical CVEs, emerging malware trends, and what to patch this week.
Read MoreIn-depth analysis of the Mirai malware family from the ThreatChain research team. Full IOCs, attack chain breakdown, and defensive recommendations.
Read MoreIn-depth analysis of the OffLoader malware family from the ThreatChain research team. Full IOCs, attack chain breakdown, and defensive recommendations.
Read MoreA new wave of Mirai-based malware is actively compromising routers, cameras, and DVRs worldwide. Fresh samples uploaded to MalwareBazaar today target ARM and x86 IoT devices via CVE-2024-6047 command injection in GeoVision hardware. Full IOCs, attack chain analysis, and defensive recommendations inside.
Read MoreDownloaded a suspicious file? Before you open it, here is exactly how to check whether it is malicious using free hash-based detection, VirusTotal, and ThreatChain's decentralized threat database of 2.6 million known threats.
Read MoreBefore you send crypto to any address, learn how to verify it is legitimate. We cover wallet scam tactics, red flags to spot, and how to use ThreatChain's database of 2,530 known scam wallets to protect yourself.
Read MoreFrom the Bybit breach to the Radiant Capital exploit, we break down the largest crypto hacks of 2025-2026, explain how each happened in plain language, and show you how to check if your funds were affected.
Read MoreThreat intelligence is how organizations stay ahead of attackers. This guide explains the four types, where data comes from, and why decentralized community-driven platforms like ThreatChain are changing the game.
Read MoreSecurity researchers can now earn real crypto by submitting threat intelligence. Learn how the $THREAT token works, what you earn per submission, and how to become a validator staking 10K tokens.
Read More