اکنون در دسترس! پژوهش تلگرام ۲۰۲۵ — مهمترین بینشهای سال 
Malware News
رفتن به کانال در Telegram
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ... Partner channel: @cveNotify For ads: https://telega.io/c/malwr
نمایش بیشتر📈 تحلیل کانال تلگرام Malware News
کانال Malware News (@malwr) در بخش زبانی انگلیسی بازیگری فعال است. در حال حاضر جامعه شامل 14 825 مشترک است و جایگاه 8 704 را در دسته فناوری و برنامهها و رتبه 2 561 را در منطقه الولايات المتحدة الأمريكية دارد.
📊 شاخصهای مخاطب و پویایی
از زمان ایجاد در невідомо، پروژه رشد سریعی داشته و 14 825 مشترک جذب کرده است.
بر اساس آخرین دادهها در تاریخ 26 ژوئن, 2026، کانال فعالیت پایداری دارد. در ۳۰ روز گذشته تغییر اعضا برابر 664 و در ۲۴ ساعت گذشته برابر 31 بوده و همچنان دسترسی گستردهای حفظ شده است.
- وضعیت تأیید: تأیید نشده
- نرخ تعامل (ER): میانگین تعامل مخاطب 4.27% است و در ۲۴ ساعت نخست پس از انتشار، محتوا معمولاً 2.37% واکنش نسبت به کل مشترکان کسب میکند.
- دسترسی پستها: هر پست به طور میانگین 633 بازدید دریافت میکند. در اولین روز معمولاً 351 بازدید جمعآوری میشود.
- واکنشها و تعامل: مخاطبان بهطور فعال حمایت میکنند؛ میانگین واکنش به هر پست 1 است.
- علایق موضوعی: محتوا بر موضوعات کلیدی مانند threat, kernel, cve-2025, actor, attack تمرکز دارد.
📝 توضیح و سیاست محتوایی
نویسنده این فضا را محل بیان دیدگاههای شخصی توصیف میکند:
“The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...
Partner channel: @cveNotify
For ads: https://telega.io/c/malwr”
به لطف بهروزرسانیهای پرتکرار (آخرین داده در تاریخ 27 ژوئن, 2026)، کانال همواره بهروز و دارای دسترسی بالاست. تحلیلها نشان میدهد مخاطبان بهطور فعال با محتوا تعامل دارند و آن را به نقطه اثرگذاری مهم در دسته فناوری و برنامهها تبدیل کردهاند.
14 825
مشترکین
+3124 ساعت
+1977 روز
+66430 روز
آرشیو پست ها
14 825
heavener: This is what happens when you can't afford EDR licenses
A modular engine that runs real vendor detection logic from reverse-engineered EDR components against live or replayed Windows telemetry.
https://blog.otterpwn.com/projects/heavener
🎖@malwr
14 825
andreicscs/HoneyWire: HoneyWire: The Open-Source, Unlimited Deception Platform. Turn any Linux machine into an enterprise-grade canary in 60 seconds.
https://github.com/andreicscs/HoneyWire
HoneyWire is a lightweight, Distributed High-Signal Security Early-Warning System Builder, designed for internal networks. It leverages its architecture and UX to make it incredibly easy to build a new Cyber Canary server or deploy HoneyWires on existing ones. Using deception technology, it replaces the "magnifying glass" approach of traditional SIEMs which often drown analysts in false positives by surveilling legitimate traffic with a High-Fidelity Tripwire model.🎖@malwr
14 825
orloxgr/ClamShield: Windows security UI for ClamAV/YARA with real-time shield, scheduled scans, SecuriteInfo/SaneSecurity signatures, DNS protection, quarantine, VirusTotal checks, and auto-updates.
https://github.com/orloxgr/ClamShield
🎖@malwr
14 825
Harnessing the Power of Cobalt Strike Profiles for EDR Evasion – Part 3 | White Knight Labs
This blog post is a continuation of the previous entry “Harnessing the Power of Cobalt Strike Profiles for EDR Evasion“ and its follow-up, Part 2. Following
https://whiteknightlabs.com/2026/06/15/harnessing-the-power-of-cobalt-strike-profiles-for-edr-evasion-part-3/
🎖@malwr
14 825
The Latest Addition to Turla’s Intelligence Gathering Apparatus | Google Cloud Blog
Analysis of a backdoor, STOCKSTAY, that has been continually developed and deployed by the Russia-linked threat actor Turla.
https://cloud.google.com/blog/topics/threat-intelligence/stockstay-turla-intelligence-gathering/
🎖@malwr
14 825
Luma - the official Frida GUI
Luma, the official Frida GUI. Interactive dynamic instrumentation for macOS, Windows, and Linux.
https://luma.frida.re/
🎖@malwr
14 825
Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances
ESET Research analyzes Gamaredon’s new toolset and the group’s growing reliance on legitimate online services to hide its C&C infrastructure and exfiltrate stolen data
https://www.welivesecurity.com/en/eset-research/gamaredon-2025-leveraging-tunnels-workers-dead-drops-new-alliances/
https://web-assets.esetstatic.com/wls/en/papers/white-papers/gamaredon-in-2025.pdf
🎖@malwr
14 825
Evaluating Mexico’s New Cybersecurity Plan
Explore an analysis of Mexico’s 2025–2030 National Cybersecurity Plan. Discover how Mexico is addressing critical threats like ransomware, organized crime, and AI-driven attacks while preparing its digital infrastructure for the 2026 FIFA World Cup and beyond
https://www.recordedfuture.com/research/mexico-new-cybersecurity-plan-evaluation
https://assets.recordedfuture.com/insikt-report-pdfs/2026/cta-2026-0625.pdf
🎖@malwr
14 825
1689er/exclusion-auditor: Read-only NGAV/EDR exclusion risk and hygiene auditor (CrowdStrike-first, vendor-agnostic).
https://github.com/1689er/exclusion-auditor
🎖@malwr
14 825
Ping32 RMM and ValleyRAT
Fareed Radzi recently blogged about a malware campaign observed earlier in June by Kasperskys GReAT team. The malware campaign embedded malicious code in VBScripts, which were distributed through WhatsApp DMs. The VBScript then dropped the legitimate Remote Monitoring and Management (RMM) tool Manag...
https://www.netresec.com/?page=Blog&month=2026-06&post=Ping32-RMM-and-ValleyRAT
🎖@malwr
14 825
Introduction to COM usage by Windows threats
Component Object Model (COM) is a fundamental Windows technology used by legitimate applications for object activation, inter-process communication, automation and language-independent component reuse. Those same qualities make it useful to threat actors.
https://blog.talosintelligence.com/introduction-to-com-usage-by-windows-threats/
🎖@malwr
14 825
Hackmosphere/DefenderBypass: A guide to learning antivirus evasion
https://github.com/hackmosphere/DefenderBypass
🎖@malwr
14 825
ESET takes part in Operation Endgame to disrupt Amadey and Stealc
ESET researchers assisted in the global disruption of the Amadey botnet and Stealc infostealer, providing technical analysis, infrastructure tracking, and affiliate-level insights.
https://www.welivesecurity.com/en/eset-research/eset-takes-part-operation-endgame-disrupt-amadey-stealc/
🎖@malwr
14 825
X-3306/Project-Onyx: Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing. Project Onyx is a PoC Red Team pipeline designed to demonstrate advanced evasion techniques against modern EDR systems. It shifts away from traditional signature-based obfuscation towards behavioral camouflage and strict environmental keying.
https://github.com/X-3306/Project-Onyx
🎖@malwr
14 825
macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox
DPRK-linked implant embeds 38 fabricated system messages that spoof an LLM triage harness, hiding a credential stealer and Telegram C2 underneath.
https://www.sentinelone.com/labs/macos-gaslight-rust-backdoor-turns-prompt-injection-on-the-analyst-not-the-sandbox/
🎖@malwr
14 825
VECT: Ransomware by design, Wiper by accident
https://research.checkpoint.com/2026/vect-ransomware-by-design-wiper-by-accident/
🎖@malwr
14 825
MemNixFS/MemNixFS: Linux Memory Forensics Framework That Transforms Memory Dumps Into a Navigable Filesystem
https://github.com/MemNixFS/MemNixFS
🎖@malwr
14 825
Build your own vulnerability harness
We break down the technical architecture behind our multi-stage vulnerability discovery harness and automated triage loop. Learn how we manage state controls, squash false positives through adversarial review, and route around LLM context limits.
https://blog.cloudflare.com/build-your-own-vulnerability-harness/
🎖@malwr
