Look up signals and intelligence for any entity
30d signal volume
A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other malware. This type of attack leverages trusted development infrastructure to distribute malicious code to multiple downstream users and organizations.
Campaign targets Chinese-speaking individuals using a trojanized SumatraPDF reader to deploy AdaptixC2 Beacon and facilitate remote access through Microsoft VS Code tunnels. Zscaler ThreatLabz attributed the campaign with high confidence to Tropic Trooper, a known APT group.
Cybersecurity researchers have discovered malicious apps on the Apple App Store impersonating cryptocurrency wallets to steal recovery phrases and private keys since fall 2025. These apps redirect users to spoofed App Store pages that distribute trojanized versions of legitimate wallets, according to Kaspersky research.