Malware News
前往频道在 Telegram
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ... Partner channel: @cveNotify For ads: https://telega.io/c/malwr
显示更多📈 Telegram 频道 Malware News 的分析概览
频道 Malware News (@malwr) 英语 语言赛道中的 是活跃参与者。目前社区聚集了 14 903 名订阅者,在 技术与应用 类别中位列第 8 651,并在 美国 地区排名第 2 551 位。
📊 受众指标与增长动态
自 невідомо 创建以来,项目保持高速增长,吸引了 14 903 名订阅者。
根据 30 六月, 2026 的最新数据,频道保持稳定运转。过去 30 天订阅人数变化为 672,过去 24 小时变化为 28,整体触达仍然可观。
- 认证状态: 未认证
- 互动率 (ER): 平均受众互动率为 4.46%。内容发布后 24 小时内通常能获得 2.46% 的反应,占订阅者总量。
- 帖子覆盖: 每篇帖子平均可获得 665 次浏览,首日通常累积 366 次浏览。
- 互动与反馈: 受众积极参与,单帖平均反应数为 1。
- 主题关注点: 内容集中在 threat, kernel, cve-2025, actor, attack 等核心主题上。
📝 描述与内容策略
作者将该频道定位为表达主观观点的平台:
“The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...
Partner channel: @cveNotify
For ads: https://telega.io/c/malwr”
凭借高频更新(最新数据采集于 01 七月, 2026),频道始终保持新鲜度与高覆盖。分析显示受众积极互动,使其成为 技术与应用 类别中的关键影响点。
14 903
订阅者
+2824 小时
+1737 天
+67230 天
数据加载中...
吸引订阅者
七月 '26
七月 '26
+5
在0个频道中
六月 '26
+700
在0个频道中
Get PRO
五月 '26
+637
在0个频道中
Get PRO
四月 '26
+476
在1个频道中
Get PRO
三月 '26
+257
在0个频道中
Get PRO
二月 '26
+324
在1个频道中
Get PRO
一月 '26
+348
在0个频道中
Get PRO
十二月 '25
+397
在0个频道中
Get PRO
十一月 '25
+412
在0个频道中
Get PRO
十月 '25
+188
在0个频道中
Get PRO
九月 '25
+95
在2个频道中
Get PRO
八月 '25
+45
在0个频道中
Get PRO
七月 '25
+51
在0个频道中
Get PRO
六月 '25
+46
在1个频道中
Get PRO
五月 '25
+31
在1个频道中
Get PRO
四月 '25
+56
在0个频道中
Get PRO
三月 '25
+22
在0个频道中
Get PRO
二月 '25
+36
在0个频道中
Get PRO
一月 '25
+34
在1个频道中
Get PRO
十二月 '24
+457
在0个频道中
Get PRO
十一月 '24
+1 858
在3个频道中
Get PRO
十月 '24
+980
在0个频道中
Get PRO
九月 '24
+1 070
在1个频道中
Get PRO
八月 '24
+957
在2个频道中
Get PRO
七月 '24
+611
在1个频道中
Get PRO
六月 '24
+483
在0个频道中
Get PRO
五月 '24
+637
在0个频道中
Get PRO
四月 '24
+640
在1个频道中
Get PRO
三月 '24
+806
在2个频道中
Get PRO
二月 '24
+521
在1个频道中
Get PRO
一月 '24
+293
在0个频道中
Get PRO
十二月 '23
+361
在2个频道中
Get PRO
十一月 '23
+85
在2个频道中
Get PRO
十月 '23
+86
在1个频道中
Get PRO
九月 '23
+97
在0个频道中
Get PRO
八月 '23
+85
在0个频道中
Get PRO
七月 '23
+63
在0个频道中
Get PRO
六月 '23
+77
在0个频道中
Get PRO
五月 '23
+65
在0个频道中
Get PRO
四月 '23
+75
在0个频道中
Get PRO
三月 '23
+75
在0个频道中
Get PRO
二月 '23
+38
在0个频道中
Get PRO
一月 '23
+63
在0个频道中
Get PRO
十二月 '22
+99
在0个频道中
Get PRO
十一月 '22
+70
在0个频道中
Get PRO
十月 '22
+101
在0个频道中
Get PRO
九月 '22
+165
在0个频道中
Get PRO
八月 '22
+986
在0个频道中
Get PRO
七月 '22
+27
在0个频道中
Get PRO
六月 '22
+31
在0个频道中
Get PRO
五月 '22
+63
在0个频道中
Get PRO
四月 '22
+72
在0个频道中
Get PRO
三月 '22
+74
在0个频道中
Get PRO
二月 '22
+43
在0个频道中
Get PRO
一月 '22
+112
在0个频道中
Get PRO
十二月 '21
+99
在0个频道中
Get PRO
十一月 '21
+42
在0个频道中
Get PRO
十月 '21
+34
在0个频道中
Get PRO
九月 '21
+36
在0个频道中
Get PRO
八月 '21
+48
在0个频道中
Get PRO
七月 '21
+95
在0个频道中
Get PRO
六月 '21
+77
在0个频道中
Get PRO
五月 '21
+11
在0个频道中
Get PRO
四月 '21
+39
在0个频道中
Get PRO
三月 '21
+28
在0个频道中
Get PRO
二月 '21
+40
在0个频道中
Get PRO
一月 '21
+54
在0个频道中
Get PRO
十二月 '20
+938
在0个频道中
| 日期 | 订阅者增长 | 提及 | 频道 | |
| 01 七月 | +5 |
频道帖子
TuncorReUnion/TLAC-MODERN-LOCAL-ANTI-CHEAT-REUNIONED: This Anti-Cheat is local server based and fully open source. it's user space
https://github.com/TuncorReUnion/TLAC-MODERN-LOCAL-ANTI-CHEAT-REUNIONED
🎖@malwr
| 2 | Chaelsoo/Hollow
https://github.com/Chaelsoo/Hollow
hollow is a shellcode loader generator. You give it a raw shellcode binary and a profile, and it spits out a compiled Windows PE loader with your shellcode encrypted inside.
🎖@malwr | 243 |
| 3 | Mustang Panda targets India's government and energy sectors with ZOHOMURK and MINIRECON
Acronis Threat Research Unit (TRU) has been tracking two concurrent campaigns orchestrated by Mustang Panda targeting Indian government entities, delivering new malware implants and abusing Zoho WorkDrive, a legitimate cloud storage platform commonly used in the Indian government sector.
https://www.acronis.com/en/tru/posts/mustang-panda-targets-indias-government-and-energy-sectors/
🎖@malwr | 331 |
| 4 | TONResolver RAT Abuses TON Blockchain to Target Japan's Hotel Industry
In this blog entry, TrendAI™ Research examines a wave of phishing emails observed in May 2026 that targeted Japanese accommodation facilities using Booking.com, detailing the victims, attack techniques used, and characteristics of the malware involved.
https://www.trendmicro.com/en_us/research/26/f/tonresolver.html
🎖@malwr | 271 |
| 5 | Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037)
Welcome back to another watchTowr Labs blog post.
This time, we're looking at Progress Kemp LoadMaster, a load balancer that sits at the edge of a lot of enterprise networks. Edge appliances have a habit of becoming the way in rather than the thing keeping people out, and CVE-
https://labs.watchtowr.com/enterprise-tech-in-shell-out-progress-kemp-loadmaster-uninitialized-heap-to-pre-auth-rce-cve-2026-8037/
🎖@malwr | 261 |
| 6 | Anatomy of a WHQL-Signed Windows Filtering Platform (WFP) Kernel-Resident Network Backdoor - Nextron Systems
https://www.nextron-systems.com/2026/06/26/anatomy-of-a-whql-signed-windows-filtering-platform-wfp-kernel-resident-network-backdoor/
🎖@malwr | 250 |
| 7 | Adham504/iocforge: An advanced, production-ready Threat Intelligence utility that extracts Indicators of Compromise (IoCs) from many file formats, removes false positives, enriches them with live Threat Intelligence APIs, and produces rich JSON / CSV / HTML / summary reports.
https://github.com/Adham504/iocforge
🎖@malwr | 440 |
| 8 | dantiicu/wine-nx: Experimental Wine runtime for Nintendo Switch: AArch64 Windows PE loading, Horizon/libnx integration, win32u USER/GDI bring-up, software framebuffer display, touch input, and early Notepad GUI support.
https://github.com/dantiicu/wine-nx
🎖@malwr | 472 |
| 9 | zenniskayy2k4/xAI-in-Malware-Detection: An AI-Powered Malware Detection Framework with MCP Integration
https://github.com/zenniskayy2k4/xAI-in-Malware-Detection
🎖@malwr | 503 |
| 10 | manikandantn68/window-persistence-Privilege-Escalation: A complete hands-on reference of 46 Windows persistence techniques used by real-world APT groups. Each technique includes MITRE ATT&CK TTP mapping, known threat actor attribution, attack commands, verification steps, and cleanup — organized from No-Admin to Admin level. Built for red teamers, malware analysts, and cybersecurity learners.
https://github.com/manikandantn68/window-persistence-Privilege-Escalation
🎖@malwr | 447 |
| 11 | Ethan-Andrews/Exploitarium-Detections: KQL detection rules for Microsoft Sentinel and Defender XDR covering the bikini/exploitarium anonymous disclosure — a personal research archive of 15 distinct vulnerability targets across 109 tracked files, released without vendor notification on June 23, 2026.
https://github.com/Ethan-Andrews/Exploitarium-Detections
🎖@malwr | 404 |
| 12 | diabloidyobane/BlindSpot: Reverse engineering a manually-mapped commercial cheat DLL in The Division 2. Documents the pe-sieve enumeration Blindspot (MEM_PRIVATE + header wiping). Anti-cheat safe — read-only Windows APIs only, no debugger, no injection. Pure Python. Includes the reconstructed PE, IDA database, scripts, and an academic paper of the workflow.
https://github.com/diabloidyobane/BlindSpot
🎖@malwr | 506 |
| 13 | Dissecting Apple's Sparse Image Format (ASIF) | schamper.dev
At WWDC 2025, Apple announced macOS 26 Tahoe. One of the new features in macOS Tahoe is a new disk image format: ASIF. Designed for use with virtual machines (its documentation lives under the Virtualization framework), ASIF takes a lot of inspiration from existing virtual disk formats. Practically, that means it’s another sparse virtual disk format, and functions very similar to sparse VMDK, VHDX or QCOW2 files (for the uninitiated, it allow you to store a large disk, or file, in a smaller, “sparse” manner).
https://schamper.dev/dissecting-apples-sparse-image-format-asif/
🎖@malwr | 504 |
| 14 | licitrasimone/CrystalSliver: Crystal Palace Evasion kit for Sliver
https://github.com/licitrasimone/CrystalSliver
🎖@malwr | 504 |
| 15 | 28Zaaky/khaos-c2: KHAOS is a modern C2 framework that routes agent traffic through cloud services already trusted by enterprise networks.
https://github.com/28Zaaky/khaos-c2
🎖@malwr | 505 |
| 16 | diabloidyobane/DriverScope: Static BYOVD hunting pipeline for Windows kernel drivers. Imports + IOCTL dispatch extraction (Capstone), cross-references LOLDrivers/MS Blocklist/KDU/VirusTotal, surfaces novel zero-day candidates. C++ comm-header generator for runtime validation. Pairs with Claude for triage.
https://github.com/diabloidyobane/DriverScope
🎖@malwr | 525 |
| 17 | heavener: This is what happens when you can't afford EDR licenses
A modular engine that runs real vendor detection logic from reverse-engineered EDR components against live or replayed Windows telemetry.
https://blog.otterpwn.com/projects/heavener
🎖@malwr | 581 |
| 18 | andreicscs/HoneyWire: HoneyWire: The Open-Source, Unlimited Deception Platform. Turn any Linux machine into an enterprise-grade canary in 60 seconds.
https://github.com/andreicscs/HoneyWire
HoneyWire is a lightweight, Distributed High-Signal Security Early-Warning System Builder, designed for internal networks. It leverages its architecture and UX to make it incredibly easy to build a new Cyber Canary server or deploy HoneyWires on existing ones. Using deception technology, it replaces the "magnifying glass" approach of traditional SIEMs which often drown analysts in false positives by surveilling legitimate traffic with a High-Fidelity Tripwire model.
🎖@malwr | 714 |
| 19 | orloxgr/ClamShield: Windows security UI for ClamAV/YARA with real-time shield, scheduled scans, SecuriteInfo/SaneSecurity signatures, DNS protection, quarantine, VirusTotal checks, and auto-updates.
https://github.com/orloxgr/ClamShield
🎖@malwr | 598 |
| 20 | Harnessing the Power of Cobalt Strike Profiles for EDR Evasion – Part 3 | White Knight Labs
This blog post is a continuation of the previous entry “Harnessing the Power of Cobalt Strike Profiles for EDR Evasion“ and its follow-up, Part 2. Following
https://whiteknightlabs.com/2026/06/15/harnessing-the-power-of-cobalt-strike-profiles-for-edr-evasion-part-3/
🎖@malwr | 554 |
现已上线!2025 年 Telegram 研究 — 年度关键洞察 
