
Squiblydoo
2.1K posts

Squiblydoo
@SquiblydooBlog
Creator of Debloat and https://t.co/tIYqmw6pxt Support: https://t.co/l9kCPRoD2y Join the Debloat/CertGraveyard discord: https://t.co/ZcWIqa6ZA9





One of the related, FUD on VT samples is a Mac sample seen with name "werkbit_installer.dmg", signed using the name "Emil Grigorov"... 🤷♂️







"TRADECONSULT AS" signed file coming from government website hxxps://camaraparaguacu.sp.gov.br/doc/xH6jrEMlLp protected with .NET Reactor, drops NodeJS application 💯 app.any.run/tasks/65c36154… virustotal.com/gui/file/8b3f0…



➡️ New report out today by Jake, Dino, Ahmed Farouk, @MittenSec, @angelo_violetti, and @r3nzsec. From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira 🔎 A user searching for ManageEngine OpManager was led to a fake download site and installed a trojanized MSI. 🐝 That install launched BumbleBee, which brought in AdaptixC2 and gave the threat actor a foothold in the network. 🔐 From there, the actor created privileged accounts, moved to domain controllers and backup servers, dumped credentials, and exfiltrated data. 💥 The intrusion ended with Akira ransomware across the root domain, followed by a return two days later to encrypt a child domain. thedfirreport.com/2026/06/29/fro…



















