Home

Blog

Jun 2025

Threat Hunting Blog

Threat Hunting Blog

Threat Hunting Blog

Check out our latest threat hunting articles, tips and stories

Check out our latest threat hunting articles, tips and stories

Check out our latest threat hunting articles, tips and stories

Threat Hunting at Scale: Explore 10.6B URLs to Find Payloads, C2s, and Exposed Assets with URLx
Jun 26, 2025

Threat Hunting Across 10.6B URLs: Find Payloads, C2s, and Exposed Assets with URLx

Explore 10.6B structured URLs with URLx. Find malware payloads, C2 paths, phishing campaigns, and exposed assets, fast.

Threat Research

Announcing Hunt 2.3: Improved Threat Hunting Experience & SSO Availability
Jun 25, 2025

Announcing Hunt 2.3: Improved Threat Hunting Experience & SSO Availability

Hunt 2.3 is here: analyst-driven insights, easier pivots, better phishing workflows, and full SSO support for enterprise teams.

Product News

Cobalt Strike PowerShell Loader Found on Chinese and Russian Infrastructure
Jun 19, 2025

Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure

Our threat hunters uncovered a PowerShell loader hosted by Chinese and Russian providers, linked to active Cobalt Strike infrastructure.

Threat Research

Fast and Curious: Red Teaming, Race Cars, and Hunt.io with Justin Elze
Jun 17, 2025

Fast and Curious: From Red Teams to Race Cars A Conversation with TrustedSec CTO Justin Elze

TrustedSec CTO Justin Elze shares red teaming insights, offensive tooling tips, and how he uses Hunt.io and AttackCapture™, plus his passion for race car data.

Threat Research

Introducing Hunt 2.2: AttackCapture™ Zip Extraction, Smarter SQL, IP History Consolidation, and more
Jun 12, 2025

Introducing Hunt 2.2 AttackCapture™ Zip Extraction, Smarter SQL, IP History Consolidation, and more

Explore Hunt 2.2: Auto-unpack zips in AttackCapture™, smarter SQL with WHOIS and Nmap, and full IP history consolidation, track abused hosting with Host Radar, and more.

Product News

Paste.ee Abuse Uncovered: XWorm & AsyncRAT Infrastructure
Jun 5, 2025

Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure

See how attackers abuse paste.ee to deliver XWorm and AsyncRAT, using obfuscated scripts and globally distributed C2 infrastructure.

Threat Research

Threat Hunting at Scale: Explore 10.6B URLs to Find Payloads, C2s, and Exposed Assets with URLx
Jun 26, 2025

Threat Hunting Across 10.6B URLs: Find Payloads, C2s, and Exposed Assets with URLx

Explore 10.6B structured URLs with URLx. Find malware payloads, C2 paths, phishing campaigns, and exposed assets, fast.

Threat Research

Announcing Hunt 2.3: Improved Threat Hunting Experience & SSO Availability
Jun 25, 2025

Announcing Hunt 2.3: Improved Threat Hunting Experience & SSO Availability

Hunt 2.3 is here: analyst-driven insights, easier pivots, better phishing workflows, and full SSO support for enterprise teams.

Product News

Cobalt Strike PowerShell Loader Found on Chinese and Russian Infrastructure
Jun 19, 2025

Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure

Our threat hunters uncovered a PowerShell loader hosted by Chinese and Russian providers, linked to active Cobalt Strike infrastructure.

Threat Research

Fast and Curious: Red Teaming, Race Cars, and Hunt.io with Justin Elze
Jun 17, 2025

Fast and Curious: From Red Teams to Race Cars A Conversation with TrustedSec CTO Justin Elze

TrustedSec CTO Justin Elze shares red teaming insights, offensive tooling tips, and how he uses Hunt.io and AttackCapture™, plus his passion for race car data.

Threat Research

Introducing Hunt 2.2: AttackCapture™ Zip Extraction, Smarter SQL, IP History Consolidation, and more
Jun 12, 2025

Introducing Hunt 2.2 AttackCapture™ Zip Extraction, Smarter SQL, IP History Consolidation, and more

Explore Hunt 2.2: Auto-unpack zips in AttackCapture™, smarter SQL with WHOIS and Nmap, and full IP history consolidation, track abused hosting with Host Radar, and more.

Product News

Paste.ee Abuse Uncovered: XWorm & AsyncRAT Infrastructure
Jun 5, 2025

Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure

See how attackers abuse paste.ee to deliver XWorm and AsyncRAT, using obfuscated scripts and globally distributed C2 infrastructure.

Threat Research

Threat Hunting at Scale: Explore 10.6B URLs to Find Payloads, C2s, and Exposed Assets with URLx
Jun 26, 2025

Threat Hunting Across 10.6B URLs: Find Payloads, C2s, and Exposed Assets with URLx

Explore 10.6B structured URLs with URLx. Find malware payloads, C2 paths, phishing campaigns, and exposed assets, fast.

Threat Research

Announcing Hunt 2.3: Improved Threat Hunting Experience & SSO Availability
Jun 25, 2025

Announcing Hunt 2.3: Improved Threat Hunting Experience & SSO Availability

Hunt 2.3 is here: analyst-driven insights, easier pivots, better phishing workflows, and full SSO support for enterprise teams.

Product News

Cobalt Strike PowerShell Loader Found on Chinese and Russian Infrastructure
Jun 19, 2025

Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure

Our threat hunters uncovered a PowerShell loader hosted by Chinese and Russian providers, linked to active Cobalt Strike infrastructure.

Threat Research

Fast and Curious: Red Teaming, Race Cars, and Hunt.io with Justin Elze
Jun 17, 2025

Fast and Curious: From Red Teams to Race Cars A Conversation with TrustedSec CTO Justin Elze

TrustedSec CTO Justin Elze shares red teaming insights, offensive tooling tips, and how he uses Hunt.io and AttackCapture™, plus his passion for race car data.

Threat Research

Introducing Hunt 2.2: AttackCapture™ Zip Extraction, Smarter SQL, IP History Consolidation, and more
Jun 12, 2025

Introducing Hunt 2.2 AttackCapture™ Zip Extraction, Smarter SQL, IP History Consolidation, and more

Explore Hunt 2.2: Auto-unpack zips in AttackCapture™, smarter SQL with WHOIS and Nmap, and full IP history consolidation, track abused hosting with Host Radar, and more.

Product News

Paste.ee Abuse Uncovered: XWorm & AsyncRAT Infrastructure
Jun 5, 2025

Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure

See how attackers abuse paste.ee to deliver XWorm and AsyncRAT, using obfuscated scripts and globally distributed C2 infrastructure.

Threat Research

Threat Hunting at Scale: Explore 10.6B URLs to Find Payloads, C2s, and Exposed Assets with URLx
Jun 26, 2025

Threat Hunting Across 10.6B URLs: Find Payloads, C2s, and Exposed Assets with URLx

Explore 10.6B structured URLs with URLx. Find malware payloads, C2 paths, phishing campaigns, and exposed assets, fast.

Threat Research

Announcing Hunt 2.3: Improved Threat Hunting Experience & SSO Availability
Jun 25, 2025

Announcing Hunt 2.3: Improved Threat Hunting Experience & SSO Availability

Hunt 2.3 is here: analyst-driven insights, easier pivots, better phishing workflows, and full SSO support for enterprise teams.

Product News

Cobalt Strike PowerShell Loader Found on Chinese and Russian Infrastructure
Jun 19, 2025

Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure

Our threat hunters uncovered a PowerShell loader hosted by Chinese and Russian providers, linked to active Cobalt Strike infrastructure.

Threat Research

Fast and Curious: Red Teaming, Race Cars, and Hunt.io with Justin Elze
Jun 17, 2025

Fast and Curious: From Red Teams to Race Cars A Conversation with TrustedSec CTO Justin Elze

TrustedSec CTO Justin Elze shares red teaming insights, offensive tooling tips, and how he uses Hunt.io and AttackCapture™, plus his passion for race car data.

Threat Research

Introducing Hunt 2.2: AttackCapture™ Zip Extraction, Smarter SQL, IP History Consolidation, and more
Jun 12, 2025

Introducing Hunt 2.2 AttackCapture™ Zip Extraction, Smarter SQL, IP History Consolidation, and more

Explore Hunt 2.2: Auto-unpack zips in AttackCapture™, smarter SQL with WHOIS and Nmap, and full IP history consolidation, track abused hosting with Host Radar, and more.

Product News

Paste.ee Abuse Uncovered: XWorm & AsyncRAT Infrastructure
Jun 5, 2025

Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure

See how attackers abuse paste.ee to deliver XWorm and AsyncRAT, using obfuscated scripts and globally distributed C2 infrastructure.

Threat Research

Page 1 / 10

Previous
Next

Categories :

Categories :

Categories :

All
Threat Research
Product News
All
Threat Research
Product News

Archives :

Archives :

Archives :

Jul 2025

3

Jul 2025

3

Jul 2025

3

Jun 2025

6

Jun 2025

6

Jun 2025

6

May 2025

5

May 2025

5

May 2025

5

Apr 2025

7

Apr 2025

7

Apr 2025

7

Mar 2025

7

Mar 2025

7

Mar 2025

7

Feb 2025

7

Feb 2025

7

Feb 2025

7

Jan 2025

7

Jan 2025

7

Jan 2025

7

Dec 2024

5

Dec 2024

5

Dec 2024

5

Nov 2024

6

Nov 2024

6

Nov 2024

6

Oct 2024

9

Oct 2024

9

Oct 2024

9

Sep 2024

4

Sep 2024

4

Sep 2024

4

Aug 2024

4

Aug 2024

4

Aug 2024

4

Jul 2024

5

Jul 2024

5

Jul 2024

5

Jun 2024

7

Jun 2024

7

Jun 2024

7

May 2024

4

May 2024

4

May 2024

4

Apr 2024

4

Apr 2024

4

Apr 2024

4

Mar 2024

5

Mar 2024

5

Mar 2024

5

Feb 2024

5

Feb 2024

5

Feb 2024

5

Jan 2024

3

Jan 2024

3

Jan 2024

3

Nov 2023

1

Nov 2023

1

Nov 2023

1

Oct 2023

3

Oct 2023

3

Oct 2023

3

Sep 2023

3

Sep 2023

3

Sep 2023

3

Aug 2023

2

Aug 2023

2

Aug 2023

2

Get biweekly intelligence to hunt adversaries before they strike.

Threat Hunting Blog: Latest Threat Intelligence Research

Threat Hunting Platform

Products

Web Interface

Feeds

Enrichment API

Features

AttackCapture™

HuntSQL™

C2 Detection

IOC Hunter

Phishing Infrastructure

Resources

Blog

Change Log

Support Docs

Integrations

Malware Families

Glossary

Company

About Us

Use Cases

Testimonials

OEM Partners

Contact Us

Latest News

Widespread gov.br Subdomain Abuse: 630k+ URLs Leveraged for Black Hat SEO Redirects

Widespread gov.br Subdomain Abuse: 630k+ URLs Leveraged for Black Hat SEO Redirects

Jul 17, 2025

Announcing Hunt 2.4 Smarter Data and Better Views

Announcing Hunt 2.4 Smarter Data and Better Views

Jul 15, 2025

Eggs, Alerts, and Adversaries: Talking with Jose Hernandez from Splunk

Eggs, Alerts, and Adversaries: Talking with Jose Hernandez from Splunk

Jul 8, 2025

©2025

Hunt Intelligence, Inc.

Terms & Conditions

|

Privacy Policy

Get biweekly intelligence to hunt adversaries before they strike.

Threat Hunting Blog: Latest Threat Intelligence Research

Threat Hunting Platform

Products

Web Interface

Feeds

Enrichment API

Features

AttackCapture™

HuntSQL™

C2 Detection

IOC Hunter

Phishing Infrastructure

Resources

Blog

Change Log

Support Docs

Integrations

Malware Families

Glossary

Company

About Us

Use Cases

Testimonials

OEM Partners

Contact Us

Latest News

Widespread gov.br Subdomain Abuse: 630k+ URLs Leveraged for Black Hat SEO Redirects

Widespread gov.br Subdomain Abuse: 630k+ URLs Leveraged for Black Hat SEO Redirects

Jul 17, 2025

Announcing Hunt 2.4 Smarter Data and Better Views

Announcing Hunt 2.4 Smarter Data and Better Views

Jul 15, 2025

Eggs, Alerts, and Adversaries: Talking with Jose Hernandez from Splunk

Eggs, Alerts, and Adversaries: Talking with Jose Hernandez from Splunk

Jul 8, 2025

©2025

Hunt Intelligence, Inc.

Terms & Conditions

|

Privacy Policy

Get biweekly intelligence to hunt adversaries before they strike.

Threat Hunting Blog: Latest Threat Intelligence Research

Threat Hunting Platform

Products

Web Interface

Feeds

Enrichment API

Features

AttackCapture™

HuntSQL™

C2 Detection

IOC Hunter

Phishing Infrastructure

Resources

Blog

Change Log

Support Docs

Integrations

Malware Families

Glossary

Company

About Us

Use Cases

Testimonials

OEM Partners

Contact Us

Latest News

Widespread gov.br Subdomain Abuse: 630k+ URLs Leveraged for Black Hat SEO Redirects

Widespread gov.br Subdomain Abuse: 630k+ URLs Leveraged for Black Hat SEO Redirects

Jul 17, 2025

Announcing Hunt 2.4 Smarter Data and Better Views

Announcing Hunt 2.4 Smarter Data and Better Views

Jul 15, 2025

Eggs, Alerts, and Adversaries: Talking with Jose Hernandez from Splunk

Eggs, Alerts, and Adversaries: Talking with Jose Hernandez from Splunk

Jul 8, 2025

©2025

Hunt Intelligence, Inc.

Terms & Conditions

|

Privacy Policy