2026

• 21 Apr Incident Response Report: JetBrains TeamCity — Auth Bypass, Web Shell & Credential Tampering
• 20 Apr Incident Response Report: LFI Escalation — From Directory Traversal to Full System Compromise
• 18 Apr Incident Response Report: RediShell — From Jenkins RCE to Container Escape & Kinsing Miner
• 18 Apr Threat Intelligence Analysis: Lespion — OSINT Investigation of an Insider Threat
• 18 Apr Threat Intelligence Analysis: Yellow RAT — Hunting the Jupyter / Yellow Cockatoo Infostealer
• 17 Apr Incident Response Report: PoisonedCredentials — LLMNR/NBT-NS Poisoning & SMB Relay
• 12 Apr Incident Investigation Report: Poisoned PyTorch — Supply-Chain Compromise to Lynx Ransomware
• 08 Apr Incident Investigation Report: XLMRat — Tracing a Multi-Stage AsyncRAT Delivery Chain
• 08 Apr Incident Investigation Report: GrabThePhisher — Dismantling a DeFi Phishing Kit
• 07 Apr Incident Response Report: Maranhão — Trojanized Game Mod to Node.js Infostealer
• 05 Apr Threat Intel Report: RaaS Unfold — RansomHub, The Ransomware Empire Built on Abandoned Affiliates
• 05 Apr Threat Intel Report: Red Stealer (RedLine) — Unmasking a Commodity Credential Harvester via VirusTotal, MalwareBazaar & ThreatFox
• 05 Apr Threat Intel Report: Oski / Stealc Stealer — Analyzing a Credential-Stealing Trojan via ANY.RUN & VirusTotal
• 01 Apr Malware Analysis Report: XWorm RAT — Static & Dynamic Analysis of an Obfuscated .NET Remote Access Trojan
• 29 Mar Incident Response Report: IIS Server Compromise & AgentTesla Infection
• 29 Mar Incident Response Report: Amadey Trojan (APT-C-36) — Memory Forensics & Malware Loader Analysis
• 22 Mar Incident Response Report: XXE Infiltration — XML External Entity Injection, Credential Theft & Web Shell Deployment
• 22 Mar Incident Response Report: Tomcat Takeover — Directory Brute-Force, Credential Cracking & Reverse Shell Persistence
• 22 Mar Incident Response Report: RetailBreach — Stored XSS, Session Hijacking & Path Traversal on ShopSphere
• 21 Mar Incident Response Report: Web Investigation — SQL Injection, Credential Theft & Web Shell Deployment
• 27 Feb Incident Response Report: WebStrike — Server Compromise & Network Forensics Investigation
• 18 Jan Threat Intelligence Analysis: PhishStrike — Email Phishing & Multi-Stage Malware Investigation
• 16 Jan Incident Investigation Report: Operation 'BRabbit' — Bad Rabbit Ransomware Threat Intelligence

2025

• 19 Dec Forensic Investigation Report: Operation 'Hammered' — Linux Log Analysis
• 13 Dec Forensic Investigation Report: Operation 'Reveal' — Memory Analysis
• 12 Dec Malware Sandbox Comparison — AgentTesla, WannaCry & Pulsar RAT Analysis