Zscaler Security Research Blog

ID: dcb31053-0a55-5fcd-ba0e-975cdae7dce8

STIX ID: identity--dcb31053-0a55-5fcd-ba0e-975cdae7dce8

Feed Type: skeleton

Earliest post: 2025-04-02

Latest post: 2026-02-26

The Zscaler Security Research Blog shares expert threat research, analysis of emerging attacks, and insights on secure cloud and network defense to help security teams stay ahead of modern threats.

Exclude posts that do not describe a security incident

Classification

Min Pub Date

01/01/2020

Max Pub Date

06/04/2026

Title	Date Published ↓	Describes Incident	Visible
OpenClaw Skill Distributes Remcos & GhostLoader	2026-05-05	True	True
Tropic Trooper: AdaptixC2 + Custom Beacon	2026-04-22	True	True
Payouts King Takes Aim at the Ransomware Throne	2026-04-16	True	True
In-Memory Loader Drops ScreenConnect	2026-04-09	True	True
China-nexus Group Targets Arabian Gulf Region	2026-04-09	True	True
Supply Chain Attacks Surge in March 2026	2026-04-03	True	True
Anthropic Claude Code Leak	2026-04-01	True	True
Latest Xloader Obfuscation Code & C2 Protocol	2026-03-31	True	True
CVE-2026-20131: Analysis of FMC RCE	2026-03-24	True	True
Technical Analysis of SnappyClient	2026-03-18	True	True
China-nexus Group Targets Persian Gulf Region	2026-03-12	True	True
Middle East Conflict Fuels Cyber Attacks	2026-03-06	True	True
Dust Specter APT Targets Gov’t Officials in Iraq	2026-03-04	True	True
APT37 Adds New Tools For Air-Gapped Networks	2026-02-26	True	True
Mobile, IoT, and OT Risks Converge in the Public Sector	2026-02-11	True	True
GuLoader Obfuscation Analysis	2026-02-09	True	True
Technical Analysis of Marco Stealer	2026-02-05	True	True
Operation Neusploit: APT28 Uses CVE-2026-21509	2026-02-03	True	True
SHEETCREEP, FIREPOWER, and MAILCREEP Analysis	2026-01-27	True	True
GOGITTER, GITSHELLPAD, and GOSHELL Analysis	2026-01-27	True	True
Shai-Hulud V2 Poses Risk to NPM Supply Chain	2026-01-12	True	True
Malicious NPM Packages Deliver NodeCordRAT	2026-01-07	True	True
Qakbot Attacks Increasing due to Evolving Threats	2025-12-30	True	True
HijackLoader	2025-12-30	True	True
CryptNet Ransomware	2025-12-30	True	True
New HijackLoader Evasion Tactics	2025-12-30	True	True
Agniane Stealer	2025-12-30	True	True
Tracking 15 Years of Qakbot Development	2025-12-30	True	True
TOITOIN Trojan: A New Multi-Stage Attack Targeting LATAM	2025-12-30	True	True
ThreatLabz	2025-12-30	True	True
ThreatLabz	2025-12-30	True	True
Steal-It Campaign	2025-12-30	True	True
CVE-2023-3519	2025-12-30	True	True
Windows Notifications	2025-12-30	True	True
QakBot Stealer from Newly Registered Domains	2025-12-30	True	True
APT36's Updated Arsenal	2025-12-30	True	True
Nokoyawa Ransomware: Rust or Bust	2025-12-30	True	True
Nevada Ransomware, Nokoyawa Variant	2025-12-30	True	True
Back in Black... Basta	2025-12-30	True	True
Coverage Advisory for MOVEit	2025-12-30	True	True
Pikabot Updates	2025-12-30	True	True
HijackLoader Updates	2025-12-30	True	True
Hibernating Qakbot	2025-12-30	True	True
BlindEagle Deploys Caminho and DCRAT	2025-12-16	True	True
React2Shell RCE Vulnerability (CVE-2025-55182)	2025-12-15	True	True
Technical Analysis of the BlackForce Phishing Kit	2025-12-11	True	True
Technical Analysis of Matanbuchus 3.0	2025-12-02	True	True
CVE-2025-50165: Windows Graphics Component Flaw	2025-12-01	True	True
In-Depth Analysis: Water Gamayun APT Multi-Stage Attack Uncovered	2025-11-25	True	True
Zscaler Discovers Vulnerability in Keras Models Allowing Arbitrary File Access and SSRF (CVE-2025-12058)	2025-11-04	True	True