SIEM as a Service
Microsoft Defender XDR False Positive

Microsoft Defender XDR False Positive Leads to Massive Data Leak of 1,700+ Sensitive Documents

ANY.RUN research identified a large-scale data leak event triggered by a false positive in Microsoft Defender XDR. The security platform incorrectly flagged benign files as malicious, leading to their automatic submission to ANY.RUN's public...

How Script-based Malware Attacks Work: Modern Examples 

Script-based malware is malicious software written in scripting languages like JavaScript, Python, PowerShell, or VBScript. Unlike traditional malware that relies on compiled executables, script-based malware leverages scripts that execute as human-readable code interpreted at...
Cybersecurity Indicators

Cybersecurity Indicators: How IOCs, IOBs, and IOAs Empower Threat Detection & Prevention

Among cybersecurity indicators, three powerful tools, Indicators of Compromise (IOCs), Indicators of Behavior (IOBs), and Indicators of Attack (IOAs), are helping organizations detect threats early and respond more effectively. These indicators offer crucial insights into...
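The distinction the post draws between IOCs and IOAs is easiest to see in detection logic. The following is an added example, not code from the original page or from ANY.RUN: it matches constructed process events against a static IOC list (a file hash and a destination IP) and, separately, against two behavioral IOA rules (an Office application spawning a script host, and PowerShell launched with an encoded command). The hash is derived from a placeholder string and the IP is an RFC 5737 documentation address; neither is a real indicator, and the event records and field names are constructed for the example.

```python
import hashlib
from dataclasses import dataclass

# Constructed IOCs for the example: a placeholder hash and a documentation-range IP.
# These are not real threat intelligence.
KNOWN_BAD_SHA256 = {hashlib.sha256(b"constructed-malicious-sample").hexdigest()}
KNOWN_BAD_IPS = {"203.0.113.5"}

# Process names used by the behavioral (IOA) rules.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}


@dataclass
class Event:
    """One constructed process-creation event (hypothetical telemetry schema)."""
    host: str
    parent: str
    process: str
    cmdline: str
    sha256: str = ""
    dst_ip: str = ""


def is_encoded_flag(token: str) -> bool:
    """True for PowerShell's -EncodedCommand switch and the prefixes/aliases it accepts
    (-e, -en, -enc, ..., and -ec). '-ExecutionPolicy' is not a prefix, so it does not match."""
    if not token[:1] in "-/":
        return False
    t = token.lstrip("-/").lower()
    return bool(t) and ("encodedcommand".startswith(t) or t == "ec")


def match_iocs(ev: Event) -> list[str]:
    """Static matching: the event is bad only if an artifact is already on a list."""
    hits = []
    if ev.sha256 and ev.sha256 in KNOWN_BAD_SHA256:
        hits.append("ioc:sha256")
    if ev.dst_ip and ev.dst_ip in KNOWN_BAD_IPS:
        hits.append("ioc:dst_ip")
    return hits


def match_ioas(ev: Event) -> list[str]:
    """Behavioral matching: fires on what the process does, regardless of its hash or IP."""
    hits = []
    parent, proc = ev.parent.lower(), ev.process.lower()
    if parent in OFFICE_PARENTS and proc in SCRIPT_HOSTS:
        hits.append("ioa:office_spawns_script_host")
    if proc in POWERSHELL and any(is_encoded_flag(tok) for tok in ev.cmdline.split()):
        hits.append("ioa:encoded_powershell")
    return hits


def classify(events: list[Event]) -> list[tuple[str, str, list[str]]]:
    """Return (host, process, hits) for every event that triggered at least one indicator."""
    out = []
    for ev in events:
        hits = match_iocs(ev) + match_ioas(ev)
        if hits:
            out.append((ev.host, ev.process, hits))
    return out


# Constructed sample telemetry: the first event has no known-bad hash or IP and is caught
# only by behavior; the second and fourth are caught only by static IOCs; the third is benign.
SAMPLE_EVENTS = [
    Event("ws01", "WINWORD.EXE", "powershell.exe",
          "powershell.exe -nop -w hidden -enc <base64-payload>", "", "198.51.100.9"),
    Event("ws02", "explorer.exe", "update.exe", "update.exe /silent",
          hashlib.sha256(b"constructed-malicious-sample").hexdigest(), ""),
    Event("ws03", "explorer.exe", "powershell.exe",
          "powershell.exe -ExecutionPolicy Bypass -File C:\\scripts\\backup.ps1", "", ""),
    Event("srv01", "services.exe", "svchost.exe", "svchost.exe -k netsvcs", "", "203.0.113.5"),
]


def demo() -> list[tuple[str, str, list[str]]]:
    return classify(SAMPLE_EVENTS)


if __name__ == "__main__":
    for host, proc, hits in demo():
        print(f"{host}: {proc} -> {', '.join(hits)}")
```

The first event is the point of the example: a freshly recompiled payload and a new C2 address defeat the IOC lists entirely, but the parent/child relationship and the encoded command line still fire. Conversely, the svchost.exe event is caught only because its destination is on a list, which is exactly the kind of hit that goes stale once the infrastructure rotates.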
Investigate Linux Malware

How and Why Threat Hunting Teams Investigate Linux Malware Attacks

Linux cyber threats are less widespread than Windows ones, yet that very fact can make them even more dangerous. Underestimated and under-anticipated, they stab endpoints and networks in the back, bringing operational disruption and financial loss. It’s...
Banking Trojan Grandoreiro

How Banking Trojan Grandoreiro is Evolving Tactics To Attack Victims in LATAM 

A new wave of phishing emails is sweeping across Latin America, and once again, Grandoreiro is behind it. This banking trojan is no newcomer; it's been active for years, evolving steadily into a more...
Threat Intelligence Feeds

ANY.RUN’s Enhanced Threat Intelligence Feeds With Unique IOC for SOC/DFIR Teams

ANY.RUN's Threat Intelligence (TI) Feeds have established themselves as a valuable resource for cybersecurity professionals seeking fresh and unique indicators of compromise (IOCs). This continuously updated stream of threat intelligence leverages data from over...
Fileless Malware

How Fileless Malware Works – Analysis of Real Samples

You might think that catching malware is all about spotting shady files on your system. But what if there’s no file to find and the entire attack happens in the background, without leaving a...
Threat Hunting Techniques

Top 3 Techniques To Improve Threat Hunting In Your Company

Threat hunting isn’t just a job — it’s an adventure. There’s a thrill in proactively chasing down adversaries who think they’ve outsmarted your defenses. It’s this blend of challenge, creativity, and impact that makes...
Cyber Attacks In March

Top 3 Cyber Attacks In March 2025

March 2025 saw a sharp uptick in cyber threats that put both individual users and organizations at risk. From banking apps weaponized to steal personal data, to trusted domains abused for redirecting users to...
Tycoon2FA Phishkit

Tycoon2FA Phishkit Updates Tactics with PDF Lures & Redirects

Tycoon is back with a new phishing trick! The threat group has updated its tactics, using PDF lures and clever redirects to steal credentials. Victims are tricked into clicking a fake company policy notice,...