Discover Hunt.io's 2024 highlights: major product launches, innovations like AttackCapture™, C2 Feed, and Hunt SQL, and a look ahead to 2025.

Our latest analysis uncovers domains linked to the Oyster backdoor, revealing suspected Vanilla Tempest infrastructure and offering insights into server configuration patterns.

Learn how the 'Million OK!!!' HTTP response previously linked to Kimsuky has reappeared on new IPs and domains. This update provides the latest insights into evolving infrastructure, helping defenders stay informed on potential North Korean threat activity.

Discover how the MoqHao campaign leveraging iCloud and VK employs cross-platform tactics to steal credentials and distribute malicious APKs.

Uncover the infrastructure and learn how a unique watermark led to the discovery of Cobalt Strike 4.10 team servers impersonating well-known brands.

Learn how threat actors leverage open directories to deliver XWorm malware disguised as popular software, providing insight into their tactics.

Explore how DarkPeony's consistent use of certificates reveals ongoing infrastructure activity, indicating consistent operations across different regions.

Discover XenoRAT’s adoption of Excel XLL files and Confuser’s tactical shift from its usual methods, with our insights on adapting to evolving malware techniques.

Sliver C2 and Ligolo-ng join forces in a campaign likely targeting Y Combinator, revealing tactics and infrastructure aimed at the accelerator's network. Learn more.