Initially flagged as part of the KV-botnet, JDY has evolved into an independent reconnaissance capability following the U.S. government’s takedown of KV in early 2024.
Tag: reconnaissance
AI, Global Security News
Best OSINT Tools for Investigations and Threat Intelligence in 2026
Explore the best OSINT tools for your digital investigations, threat intelligence, reconnaissance, and tracking online activity in 2026.
AI, Global Security News, malware
Through the Lens of MDR: Analysis of KongTuke’s ClickFix Abuse of Compromised WordPress Sites
Our analysis of an active KongTuke campaign deploying modeloRAT — malware capable of reconnaissance, command execution, and persistent access — through compromised WordPress sites and fake CAPTCHA lures shows that the group still operates this delivery chain in parallel with the newer CrashFix technique.
AI, Cybersecurity, Endpoint, Exploits, Global Security News, Risk Management
How ‘silent probing’ can make your security playbook a liability
For years, cyberattacks followed a familiar pattern: reconnaissance, exploitation, persistence, impact. Defenders built their strategies around that cycle, patching vulnerabilities, monitoring indicators, and working to reduce dwell time. But a quieter shift is underway. Today’s most sophisticated adversaries are using AI to study how organizations defend themselves. They run what we call “silent probing campaigns:”…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia
Google: state-backed hackers exploit Gemini AI for cyber recon and attacks
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations. Google DeepMind and GTIG report a rise in model extraction or “distillation” attacks aimed at stealing AI intellectual property, which Google has detected and blocked. While APT groups have not breached frontier models, private firms and researchers have tried to…