Malware News
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ... Partner channel: @cveNotify For ads: https://telega.io/c/malwr
📈 Analytics overview of the Telegram channel Malware News
The channel Malware News (@malwr) is an active participant in the English-language segment. The community currently gathers 14 825 subscribers, ranks 8 704 in the Technology & Applications category, and ranks 2 561 in the United States region.
📊 Audience metrics and growth dynamics
Since its creation (date unknown), the project has grown quickly, attracting 14 825 subscribers.
According to the latest data from 26 June 2026, the channel remains stable. Subscriber change over the past 30 days is 664, and over the past 24 hours is 31; overall reach remains considerable.
- Verification status: not verified
- Engagement rate (ER): the average audience engagement rate is 4.27%. Within 24 hours of publication, content typically receives reactions from 2.37% of the subscriber base.
- Post reach: each post receives on average 633 views, usually accumulating 351 views on the first day.
- Interaction and feedback: the audience participates actively, with an average of 1 reaction per post.
- Topic focus: content concentrates on core topics such as threat, kernel, cve-2025, actor, attack.
📝 Description and content strategy
The author positions the channel as a platform for expressing personal opinions:
“The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...
Partner channel: @cveNotify
For ads: https://telega.io/c/malwr”
With frequent updates (latest data collected on 27 June 2026), the channel maintains freshness and high reach. Analysis shows an actively engaged audience, making it a key point of influence in the Technology & Applications category.
Subscribers: 14 825
- +31 in 24 hours
- +197 in 7 days
- +664 in 30 days
Post archive
heavener: This is what happens when you can't afford EDR licenses
A modular engine that runs real vendor detection logic from reverse-engineered EDR components against live or replayed Windows telemetry.
https://blog.otterpwn.com/projects/heavener
🎖@malwr
andreicscs/HoneyWire: HoneyWire: The Open-Source, Unlimited Deception Platform. Turn any Linux machine into an enterprise-grade canary in 60 seconds.
https://github.com/andreicscs/HoneyWire
HoneyWire is a lightweight, Distributed High-Signal Security Early-Warning System Builder, designed for internal networks. It leverages its architecture and UX to make it incredibly easy to build a new Cyber Canary server or deploy HoneyWires on existing ones. Using deception technology, it replaces the "magnifying glass" approach of traditional SIEMs which often drown analysts in false positives by surveilling legitimate traffic with a High-Fidelity Tripwire model.
🎖@malwr
orloxgr/ClamShield: Windows security UI for ClamAV/YARA with real-time shield, scheduled scans, SecuriteInfo/SaneSecurity signatures, DNS protection, quarantine, VirusTotal checks, and auto-updates.
https://github.com/orloxgr/ClamShield
🎖@malwr
Harnessing the Power of Cobalt Strike Profiles for EDR Evasion – Part 3 | White Knight Labs
This blog post is a continuation of the previous entry “Harnessing the Power of Cobalt Strike Profiles for EDR Evasion” and its follow-up, Part 2. Following
https://whiteknightlabs.com/2026/06/15/harnessing-the-power-of-cobalt-strike-profiles-for-edr-evasion-part-3/
🎖@malwr
The Latest Addition to Turla’s Intelligence Gathering Apparatus | Google Cloud Blog
Analysis of a backdoor, STOCKSTAY, that has been continually developed and deployed by the Russia-linked threat actor Turla.
https://cloud.google.com/blog/topics/threat-intelligence/stockstay-turla-intelligence-gathering/
🎖@malwr
Luma - the official Frida GUI
Luma, the official Frida GUI. Interactive dynamic instrumentation for macOS, Windows, and Linux.
https://luma.frida.re/
🎖@malwr
Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances
ESET Research analyzes Gamaredon’s new toolset and the group’s growing reliance on legitimate online services to hide its C&C infrastructure and exfiltrate stolen data
https://www.welivesecurity.com/en/eset-research/gamaredon-2025-leveraging-tunnels-workers-dead-drops-new-alliances/
https://web-assets.esetstatic.com/wls/en/papers/white-papers/gamaredon-in-2025.pdf
🎖@malwr
Evaluating Mexico’s New Cybersecurity Plan
Explore an analysis of Mexico’s 2025–2030 National Cybersecurity Plan. Discover how Mexico is addressing critical threats like ransomware, organized crime, and AI-driven attacks while preparing its digital infrastructure for the 2026 FIFA World Cup and beyond
https://www.recordedfuture.com/research/mexico-new-cybersecurity-plan-evaluation
https://assets.recordedfuture.com/insikt-report-pdfs/2026/cta-2026-0625.pdf
🎖@malwr
1689er/exclusion-auditor: Read-only NGAV/EDR exclusion risk and hygiene auditor (CrowdStrike-first, vendor-agnostic).
https://github.com/1689er/exclusion-auditor
🎖@malwr
Ping32 RMM and ValleyRAT
Fareed Radzi recently blogged about a malware campaign observed earlier in June by Kaspersky's GReAT team. The malware campaign embedded malicious code in VBScripts, which were distributed through WhatsApp DMs. The VBScript then dropped the legitimate Remote Monitoring and Management (RMM) tool Manag...
https://www.netresec.com/?page=Blog&month=2026-06&post=Ping32-RMM-and-ValleyRAT
🎖@malwr
Introduction to COM usage by Windows threats
Component Object Model (COM) is a fundamental Windows technology used by legitimate applications for object activation, inter-process communication, automation and language-independent component reuse. Those same qualities make it useful to threat actors.
https://blog.talosintelligence.com/introduction-to-com-usage-by-windows-threats/
🎖@malwr
Hackmosphere/DefenderBypass: A guide to learning antivirus evasion
https://github.com/hackmosphere/DefenderBypass
🎖@malwr
ESET takes part in Operation Endgame to disrupt Amadey and Stealc
ESET researchers assisted in the global disruption of the Amadey botnet and Stealc infostealer, providing technical analysis, infrastructure tracking, and affiliate-level insights.
https://www.welivesecurity.com/en/eset-research/eset-takes-part-operation-endgame-disrupt-amadey-stealc/
🎖@malwr
X-3306/Project-Onyx: Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing. Project Onyx is a PoC Red Team pipeline designed to demonstrate advanced evasion techniques against modern EDR systems. It shifts away from traditional signature-based obfuscation towards behavioral camouflage and strict environmental keying.
https://github.com/X-3306/Project-Onyx
🎖@malwr
macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox
DPRK-linked implant embeds 38 fabricated system messages that spoof an LLM triage harness, hiding a credential stealer and Telegram C2 underneath.
https://www.sentinelone.com/labs/macos-gaslight-rust-backdoor-turns-prompt-injection-on-the-analyst-not-the-sandbox/
🎖@malwr
VECT: Ransomware by design, Wiper by accident
https://research.checkpoint.com/2026/vect-ransomware-by-design-wiper-by-accident/
🎖@malwr
MemNixFS/MemNixFS: Linux Memory Forensics Framework That Transforms Memory Dumps Into a Navigable Filesystem
https://github.com/MemNixFS/MemNixFS
🎖@malwr
Build your own vulnerability harness
We break down the technical architecture behind our multi-stage vulnerability discovery harness and automated triage loop. Learn how we manage state controls, squash false positives through adversarial review, and route around LLM context limits.
https://blog.cloudflare.com/build-your-own-vulnerability-harness/
🎖@malwr