JSAC2026 -Day 2-

JSAC2026 Day 2 presented a series of intelligence briefings that described active threats and forensic techniques: ext4/XFS journal timeline analysis for forensics; the CoGUI phishing kit and FishingMaster PhaaS and phishing admin-panel ecosystems; residential proxy abuse research; RapperBot IoT DDoS botnet operations; a WSUS RCE exploit chain (CVE-2025-59287) with abuse of Velociraptor; Silver Fox malspam campaigns deploying ValleyRAT/VShell; and Qilin ransomware's attack lifecycle, together offering IoCs, TTPs, and defensive recommendations for incident responders and threat hunters.