ALL POSTS

Key Findings A new campaign is leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. The malicious repositories, often themed as development utilities or OSINT tools, contain code responsible for silently downloading and executing a remote HTA file. PyStoreRAT is a modular, multi-stage implant that can execute various payloads, including an information stealer known as Rhadamanthys.

Key Findings Operation Endgame, a global law enforcement operation, has taken down the core systems of three major online crime groups, including the Rhadamanthys infostealer, the VenomRAT remote control tool, and the Elysium botnet. The operation was coordinated by Europol and Eurojust, with the participation of law enforcement and judicial authorities from 11 countries, including Australia, Belgium, Canada, Denmark, France, Germany, Greece, Lithuania, the Netherlands, the U