Fortinet Threat Research

FortiGuard Labs Threat Research: Official blog feed of Fortinet

  • Tracking Mirai Variant Nexcorium: A Vulnerability-Driven IoT Botnet Campaign
    on April 17, 2026 at 1:00 pm

    TBK DVRs targeted by Nexcorium: exploiting, persisting, brute-force attacks, and multi-architecture Mirai-style DDoS in a single campaign. From CVE-2024-3721 exploitation to CVE-2017-17215 reuse, this botnet demonstrates how quickly IoT threats continue to evolve.      

  • DPRK-Related Campaigns with LNK and GitHub C2
    on April 2, 2026 at 1:00 pm

    Analysis of DPRK-linked LNK-based attacks using GitHub as covert C2 infrastructure, detailing multi-stage PowerShell execution, persistence mechanisms, and data exfiltration techniques targeting Windows environments.      

  • Cyber Fallout After the Strikes: Signal, Noise, and What Comes Next
    on March 4, 2026 at 5:00 pm

    Following U.S.-Israeli strikes on Iran, FortiGuard Labs has not yet observed large-scale cyber retaliation. However, we observed that regional cyber activity is rising. Organizations should take action to strengthen cyber hygiene, rotate credentials, and reduce exposure.      

  • Unmasking Agent Tesla: A Deep Dive into a Multi-Stage Campaign
    on February 25, 2026 at 2:00 pm

    FortiGuard Labs provides a technical breakdown of a multi-stage Agent Tesla campaign, from phishing and encrypted scripts to in-memory execution, process hollowing, and data exfiltration.

  • Massive Winos 4.0 Campaigns Target Taiwan
    on February 20, 2026 at 2:00 pm

    FortiGuard Labs analyzes Winos 4.0 (ValleyRat) campaigns targeting Taiwan, detailing phishing lures, DLL sideloading, BYOVD abuse, and evolving attacker infrastructure.

  • Deep Dive into New XWorm Campaign Utilizing Multiple-Themed Phishing Emails
    on February 10, 2026 at 2:00 pm

    FortiGuard Labs details a new XWorm RAT campaign using multi-language phishing emails, Excel exploits (CVE-2018-0802), HTA execution, and fileless .NET techniques to gain full remote control of Windows systems.

  • Interlock Ransomware: New Techniques, Same Old Tricks
    on January 29, 2026 at 2:00 pm

    An in-depth analysis of an Interlock ransomware intrusion, detailing new malware tooling, defense evasion techniques, and high-ROI detection strategies.      

  • Unveiling the Weaponized Web Shell EncystPHP
    on January 28, 2026 at 2:00 pm

    FortiGuard Labs analyzes EncystPHP, a stealthy web shell exploiting CVE-2025-64328 in FreePBX environments to enable remote command execution, persistence, and long-term system compromise.

  • Inside a Multi-Stage Windows Malware Campaign
    on January 20, 2026 at 2:00 pm

    FortiGuard Labs analysis of a multi-stage Windows malware campaign that abuses trusted platforms to disable defenses, deploy RATs, and deliver ransomware.      

  • New Remcos Campaign Distributed Through Fake Shipping Document
    on January 14, 2026 at 2:00 pm

    FortiGuard Labs analyzes a phishing campaign delivering a fileless Remcos RAT via malicious Word templates, CVE-2017-11882 exploitation, and in-memory execution.      
