Threat research notebook
Fresh malware notes, phishing samples, scam redirects, ransomware observations, and field reports from Gridinsoft research. No gallery, no filler: date, case, finding, next read.
291 lab recordsA new macOS malware campaign is targeting users through social engineering, masquerading as legitimate Cloudflare security verification. The Odyssey Stealer represents a significant escalation in Mac-targeted cybercrime, combining deceptive web pages with AppleScript-based data...
For Minecraft Gamers: MaxCoffe masquerading as a Minecraft performance enhancer! MaksStealer is an information-stealing trojan targeting...
What is Almoristics Application? Almoristics Application is not a normal Windows component. Users usually investigate it...
Fake account verification scams push users to confirm passwords, codes, payment details, or identity data through...
The "0.31 BTC Xprobit ELON31 Promo code" promising 0.31 BTC is a scam, designed to deceive users into depositing funds they cannot withdraw. Xprobit.com,...
“Someone Entered Correct Password For Your Account” is a phishing email scam. The message pretends to be a security alert and says someone used...
PE32 Ransomware is a recently discovered malware strain that encrypts your files and asks for payment to unlock them. Victims can recognize the files...
What is AggregatorHost.exe in Task Manager? AggregatorHost.exe, sometimes searched as Microsoft Aggregator Host, is usually a legitimate Windows background process when it runs from...
Remember when we used to worry about viruses that just crashed your computer? Those were simpler times. In 2025, cybercriminals prefer to steal your...
Virus:Win32/Expiro is a serious Microsoft Defender detection because Expiro is a file-infector family. Unlike a simple PUA alert, Expiro can infect executable files and...
Slopsquatting is a new type of cyber threat that takes advantage of mistakes made by AI coding tools, particularly LLMs that can "hallucinate". In...
SnapeDex.com claims to be a cryptocurrency exchange offering free Bitcoin, but there are significant concerns about its legitimacy. However, this site is designed to...
Trojan:Win32/Wacatac is a Defender family name for Windows trojans and droppers. Verify the file, quarantine it, and check startup, scheduled tasks, browsers, and recent...
D0glun Ransomware: Technical Analysis and Protection Guide D0glun ransomware emerged in January 2025 as a new crypto-ransomware variant with direct links to the Babuk...
GorillaBot is a sophisticated botnet malware that has been making headlines for its aggressive DDoS attacks. Building on the infamous Mirai botnet framework, this...
Gotexcoin appears to be a fraudulent cryptocurrency platform that lures users with promises of free Bitcoin, specifically 0.31 BTC XLord promo code, often linked...
The FBI Denver Field Office has warned about a growing scam involving free online file converter tools, which appears to be a significant cybersecurity...
HackTool:Win64/GameHack!rfn is a Windows Defender detection for potentially dangerous game cheating software. Beyond their advertised functionality, these tools often contain hidden malicious features that...
$34.6 million in cryptocurrency could be at risk from StilachiRAT, a complex remote access trojan first detected by Microsoft Incident Response in November 2024....
Researchers have discovered a non-obvious tactic in which attackers use steganography. While classic tactics rely on obfuscation and encryption, this method uses plain images...
