Actually, we take it back, France is the current leader is political outrage. But America is a strong contender.

Scott Presler, American conservative political activist, shared details today on social media regarding unusual activity on his Xitter account.

What could it mean?

We've updated our malware builders collection.

It's beautiful. Thank you so much to Cryakl for assembling this MASSIVE collection. We have 545 malware builders!

*Please exercise caution if you decide to experiment with them

https://vx-underground.org/Builders

In these trying times the one thing which remains constant is the value of kitty cat pictures.

Please take a copy of our kitty cat picture collection. It is 159.9GB (111,429 files) of kitty cat pictures.

Economic problems 🤝Kitty cats

https://vx-underground.org/tmp

This collection is from various scraping we've done. Some of the images are doggies, horsies, a few silly pictures of human babies being babies, some other cute animals like foxes and rabbits.

99% are kitty cats

Chat, we've got a problem.

Over 5,000 people are trying to download our kitty cat collection file. It is 159GB.

What is 159GB x 5,000 downloads at the same time? Unironically, we are DDoSing ourselves with cat pictures.

We'll be making a torrent.

This was a joke file — we didn't anticipate literally thousands, upon thousands, of people to actually want to download 110,000+ photos of kitty cats. This was our most popular file ever downloaded, ever. It destroyed our infrastructure.

Our hosting provider TorGuard wondering why our host suddenly received terabytes of traffic within a few minutes and why it's all related to kitty cat photos

Bro is flabbergasted

>Openly share 159GB file of kitty cat pictures
>5,350+ people rush to download the file
>850TB of web traffic flood in
>Cloudflare reports 1,850% increase in web traffic
>everyone_panic.jpeg
>More people try to download the file can't
>People angry, demand cats

We've got lots of stuff to add to vx-underground. We've re-prioritized — unironically highest priority is creating kitty cat 7z torrent.

APT samples and papers:

2024.10.24 - Operation Cobalt Whisper - Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan
2025.01.20 - Operation Hurricane - A brief discussion of the techniques and tactics of the Xinhai Lotus organization in memory
2025.01.21 - Love and hate under war - The GamaCopy uses military-related bait to launch attacks on Russia
2025.01.23 - Mapping Suspected KEYPLUG Infrastructure - TLS Certificates, GhostWolf, and RedGolf APT41 Activity
2025.01.23 - The J-Magic Show - Magic Packets and Where to find them
2025.01.28 - ScatterBrain - Unmasking the Shadow of PoisonPlug's Obfuscator
2025.01.29 - CL-STA-0048 - An Espionage Operation Against High-Value Targets in South Asia
2025.01.29 - Operation Phantom Circuit - North Koreas Global Data Exfiltration Campaign
2025.02.03 - Analysis of malicious HWP cases of APT37 group distributed through K messenger
2025.02.03 - macOS FlexibleFerret - Further Variants of DPRK Malware Family Unearthed
2025.02.07 - Chinese-Speaking Group Manipulates SEO with BadIIS
2025.02.11 - Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns
2025.02.12 - 2024 Global APT Research Report
2025.02.12 - Cybercrime - A Multifaceted National Security Threat
2025.02.12 - The BadPilot campaign - Seashell Blizzard subgroup conducts multiyear global access operation
2025.02.12 - UAC-0063 Cyber Espionage Operation Expanding from Central Asia
2025.02.13 - Analyzing DEEP#DRIVE - North Korean Threat Actors Observed Exploiting Trusted Platforms for Targeted Attacks
2025.02.13 - Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication
2025.02.13 - RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
2025.02.13 - Stimmen aus Moskau - Russian Influence Operations Target German Elections
2025.02.13 - You've Got Malware - FINALDRAFT Hides in Your Drafts
2025.02.18 - Earth Preta Mixes Legitimate and Malicious Components to Sidestep Detection
2025.02.19 - Signals of Trouble - Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger
2025.02.20 - Analysis of the APT-C-28 (ScarCruft) organizations attack activities using fileless delivery of RokRat
2025.02.20 - DeceptiveDevelopment targets freelance developers
2025.02.20 - SPAWNCHIMERA Malware - The Chimera Spawning from Ivanti Connect Secure Vulnerability
2025.02.20 - Stately Taurus Activity in Southeast Asia Links to Bookworm Malware
2025.02.20 - Weathering the storm - In the midst of a Typhoon
2025.02.21 - Angry Likho - Old beasts in a new forest
2025.02.23 - The Bybit Incident - When Research Meets Reality
2025.02.24 - Erudite Mogwai Uses Custom Stowaway to Stealthily Advance Online
2025.02.24 - Operation SalmonSlalom - A new attack targeting industrial organizations in APAC
2025.02.25 - Chinese APT Target Royal Thai Police in Malware Campaign
2025.02.26 - RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector
2025.02.27 - A case of phishing email attack by Larva-24005 group targeting Japan
2025.02.27 - Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools
2025.02.27 - Squidoor - Suspected Chinese Threat Actor's Backdoor Targets Global Organizations
2025.03.03 - Operation sea elephant - The dying walrus wandering the Indian Ocean
2025.03.04 - Call It What You Want - Threat Actor Delivers Highly Targeted Multistage Polyglot Malware
2025.03.04 - Likely DPRK Network Backstops on GitHub, Targets Companies Globally
2025.03.05 - Silk Typhoon targeting IT supply chain
2025.03.12 - Ghost in the Router - China-Nexus Espionage Actor UNC3886 Targets Juniper Routers
2025.03.12 - Hack The Sandbox - Unveiling the Truth Behind Disappearing Artifacts
2025.03.12 - New Android Spyware by North Korean APT37
2025.03.13 - Analyzing OBSCURE#BAT - Threat Actors Lure Victims into Executing Malicious Batch Scripts to Deploy Stealthy Rootkits
2025.03.13 - Detailed Analysis of DocSwap Malware Disguised as Securit

The attached images is from a 1988 malware analysis report from AT&T Bell Labs. The report does a high-level overview of a viral infector targeting UNIX operating systems.

Updates to the Malware Builder collection via Cryakl (may include subvariants)

-A7m3dRat
-CraxsRat
-Gh0stCringe
-HadesRat
-KazyBot
-Nbclass
-PhoenixKeylogger
-PurpleFox

https://vx-underground.org/Builders

In these trying times the one thing which remains constant is the value of kitty cat pictures.

Please take a copy of our kitty cat picture collection. It is 159.9GB (111,429 files) of kitty cat pictures (a torrent!)

Economic problems 🤝Kitty cats

https://vx-underground.org/Torrents