WhoisXML API

#HoneyMyte’s updated #CoolClient backdoor now ships with browser data stealers and scripts for espionage.​ Thanks to @kaspersky for the CoolClient #IoCs → we expanded 4 IoCs and uncovered 66 new artifacts: 57 email-connected domains, 1 malicious IP, 5 IP-connected Download the full CoolClient DNS threat report → main.whoisxmlapi.com/threat-reports… ​ #MustangPanda #ThreatIntelligence #Cybersecurity #DNSintel

We’re excited to have Alex Ronquillo, VP at WhoisXML API, at #BSidesSD 🚀 For us, #BSides is all about community, sharing ideas, and learning together. Catch Alex there to talk evolving signals & infrastructure intelligence in modern threat detection. 👉 Meet us: #Form-CTA" target="_blank" rel="nofollow noopener">join.whoisxmlapi.com/upcoming-recen… @BsidesSD @SecurityBSides #cybersecurity #threatintelligence #infosec

20 hours from disclosure to global exploitation. We’ll walk through how the #React2Shell campaign unfolded, and what defenders should be hunting for, at our private offsite on-demand briefing during #RSAC2026. Request your invitation → join.whoisxmlapi.com/whoisxmlapi-rs… @OneRSAC #ThreatIntel #CyberSecurity #RSAC

February 2026 Domain Activity Highlights Are Here: whoisxmlapi.com/blog/february-… We analyzed 8.7M+ newly registered domains, uncovering key trends in registrars, TLDs & #IoCs. Stay ahead with our insights! #domaintrends #threatintel #domainintel #cybersecurity #infosec #datasecurity #technews

WhoisXML API is heading to #BSides San Diego! 🎉 Looking forward to connecting with the #BSides community and exchanging ideas on #threatintelligence and detection. If you’re attending, let’s connect: #Form-CTA" target="_blank" rel="nofollow noopener">join.whoisxmlapi.com/upcoming-recen… @BsidesSD @SecurityBSides #BsidesSD #cybersecurity #infosec

Before defenders see the alert, the signals are already there. For those in San Francisco during #RSAC2026, we’re hosting a private offsite on-demand briefing on turning global telemetry into actionable detection. @OneRSAC Request your invitation → join.whoisxmlapi.com/whoisxmlapi-rs… #RSAC #ThreatIntelligence #CyberSecurity #DetectionEngineering

🔍 Map Connected Domain Infrastructure with Reverse IP API. Get instant free access: reverse-ip.whoisxmlapi.com/lookup Uncover all domains resolving to a specific #IP, revealing shared infrastructure, dedicated setups, or malicious networks in seconds. #WHOIS #DomainIntel #cybersecurity

@OneRSAC is always a great moment for the #cybersecurity community to share what they’re seeing in the wild, and we’re excited to continue those conversations at our on-demand briefings at The Marker. Join us for technical deep dives into how emerging campaigns are uncovered and analyzed. Request your invitation: join.whoisxmlapi.com/whoisxmlapi-rs… Location: The Astor, The Marker, Union Square, 501 Geary Street, San Francisco, CA 94102 View on Map: maps.app.goo.gl/jGC3Dgzs7H8w9B… #RSAC2026 #RSAC #ThreatIntelligence #InfoSec #React2Shell #ILOVEPOOP

Malware families like #SocGholish, #CoinMiner, and #AgentTesla rely on persistent DNS infrastructure to scale attacks. Our researchers expanded 46 @CISecurity #IoCs into 1,360+ DNS-linked artifacts, revealing domains, IPs, and infrastructure behind Q4 2025’s top #malware. 👉 Download the full threat report to uncover the DNS infrastructure behind the Top 10 Malware of Q4 2025: main.whoisxmlapi.com/threat-reports… #TopMalware2025 #ThreatIntelligence #MalwareAnalysis #CyberThreats #DNSintel #CyberSecurity #Infosec #CTI #SOC

#DarkSpectre shows how trusted browser extensions can become long-running attack infrastructure. Our analysis expanded the campaign from 20 #IoCs to 8,852 possibly related artifacts. Dive into the expanded set of possibly connected indicators and infrastructure → circleid.com/posts/divulgin… #BrowserSecurity #ThreatIntelligence #Cybersecurity #MalwareAnalysis #ZoomStealer #ShadyPanda #InfoSec #Malware

We’re proud to co-sponsor the #ICANN85 Outreach & Networking Reception in Mumbai on 10 March. As the @ICANN community gathers ahead of the next round of new gTLDs, we’re looking forward to conversations on domain governance, #DNS security, and abuse mitigation. If you’re attending, let’s connect: #Form-CTA" target="_blank" rel="nofollow noopener">join.whoisxmlapi.com/upcoming-recen… #DomainNames #InternetGovernance #DomainSecurity

#React2Shell isn’t just a headline, it’s a live access path attackers are folding into real campaigns. Our team at WhoisXML API continues to see activity targeting exposed React Server Components and related infrastructure. Appreciate how @ravielakshmanan at @TheHackersNews breaks down where exploitation stands now and why closing React2Shell gaps is still a priority for defenders. 👉 React2Shell coverage on The Hacker News: thehackernews.com/2025/12/react2… #ILOVEPOOP #threatintelligence #CyberSecurity #CVE

Excited for #RSAC2026, always one of the best weeks in security! If you’ll be in San Francisco, let’s meet and compare notes. We’re looking forward to talking DNS & IP threat trends, attribution challenges, and what teams are seeing on the ground. Grab time here: join.whoisxmlapi.com/whoisxmlapi-rs… @OneRSAC #RSAC #ThreatIntelligence #InfoSec #CyberSecurity

Salesforce supply chain #ransomware named #1 ransomware attack of 2025. Huge thanks to @AlienVault and @Seqrite for the 39 IoCs! Building on their research, we uncovered 8,318 new artifacts: 1 domain flagged 76 days early, 1,722 victim IPs, and 405 email-connected domains. Want to know more? Download Report: main.whoisxmlapi.com/threat-reports… #Salesforce #Ransomware #ThreatIntel

1 week to go until #ICANN85 in Mumbai, and we’re excited! 🎉 Ching Chiao will represent WhoisXML API at the At-Large Plenary session on “Progressing the DNS Abuse Mitigation Agenda,” covering GNSO PDP updates, DGA-based threats & next #DNSabuse policy gaps. 👉 Attending? Let’s connect: #Form-CTA" target="_blank" rel="nofollow noopener">join.whoisxmlapi.com/upcoming-recen… #ICANN #DomainNames #InternetGovernance #DomainSecurity

Did you know that 7 of the domains identified as #IoCs for the #SilverFox attack leveraging #ValleyRAT were deemed likely to turn malicious up to 339 days by First Watch, even before they were publicly reported? 👉 Know more here: circleid.com/posts/dns-spot… #ThreatIntelligence #DNSintel #CyberSecurity #Infosec #APT

🚨 New domains using your brand? Track domains containing your keywords as they’re registered, updated, or dropped with Brand Alert Lookup. Detect phishing, impersonation & typosquatting early. 🔗 Try it free: brand-alert.whoisxmlapi.com/lookup #BrandProtection #CyberSecurity #DomainMonitoring #PhishingDetection #ThreatIntelligence #DNSIntelligence #Typosquatting #Infosec

We’re excited that WhoisXML API will be at #ICANN85 in Mumbai 🇮🇳 Ching Chiao, Head of APAC & Corporate Development, will represent WXA as we join the @ICANN community for a week of dialogue, collaboration, and conversations around the future of the #DNS ecosystem. We’re also proud to co-sponsor the ICANN85 networking reception on 10 March. 👉 Attending? Let’s connect: #Form-CTA" target="_blank" rel="nofollow noopener">join.whoisxmlapi.com/upcoming-recen… #ICANN #DomainNames #InternetGovernance #DomainSecurity

#QakBot named a Top Threat for 2026! @Trellix uncovered 144 #IoC, building on which we found 14,432 new artifacts: 11k+ email-connected domains, 60 weaponized IPs, and 8 domains malicious from day one. Download the full QakBot IoC analysis → main.whoisxmlapi.com/threat-reports… #Malware #ThreatIntelligence #trojan #Cybersecurity

The countdown to #RSAC2026 is on! 🚀 Our team is heading to San Francisco to connect with the global #cybersecurity community. Meet our experts, explore new research, or just say hi! Book a session: join.whoisxmlapi.com/whoisxmlapi-rs… @OneRSAC #RSAC #ThreatIntelligence #InfoSec #CIO