SURXRAT is sold through a Telegram channel, with two licensing tiers: a Reseller Plan for a one-time payment of $200,000 and a Partner Plan for $500,000.
UnsolicitedBooker, a China-aligned threat actor active since at least March 2023, has deployed two distinct backdoors, LuciDoor and MarsSnake, in recent cyberattacks.
Financially motivated threat operation GrayCharlie, which overlaps with SmartApeSG, has leveraged compromised WordPress sites belonging to U.S. law firms to deploy the NetSupport RAT, Stealc, and SectopRAT payloads as part of a supply chain attack campaign, reports GBHackers News.
Organizations in Western and Central Europe have been targeted by Russian state-backed threat operation APT28 with webhook-based macro malware as part of the Operation MacroMaze attack campaign that ran between September 2025 and January 2026, The Hacker News reports.
