I was presenting this morning at @reconmtl my RE journey of the ClickOnce technology.. that led to discover a new abuse on it!
If you've missed it, or are interested to learn about this little known feature, the research is also available on @CrowdStrike's blogspot below ☀️
new blog post: shrun, apiwatcher, and argus: three malware analysis tools built with Claude
https://t.co/n4Gd9Icslr
#MalwareAnalysis #ReverseEngineering
We are proud to announce the release of our new flagship course, Advanced Malware Binary Triage (AMBT)! The AMBT course provides a comprehensive overview of advanced techniques implemented by malware authors to bypass detection by security technologies and prevent analysis by reverse engineers. Throughout this course you will learn how to reverse engineer real-world malware variants that implement these techniques and how to implement automation methodologies to address them. This includes advanced red team tools, kernel mode drivers, and prolific crimeware (including loaders and ransomware) used in high profile attacks and takedowns. This version of AMBT uses Binary Ninja for static analysis, dynamic analysis and automation.
New TI report 📷
Chenlun (“Outsider”) is a feature-rich phishing kit using modern web frameworks, verification flows, and anti-bot techniques.
A step up in sophistication across Chinese Phishing-as-a-Service ecosystems.
Full analysis + detections 📷
https://t.co/xCeiZZZ37e
On May 26, 2026, at 14:00 UTC, the CrowdStrike Counter Adversary Operations team executed a coordinated takedown of the Glassworm botnet, a global threat targeting software developers through the open-source supply chain. In collaboration with Google and the Shadowserver Foundation, we struck all four of Glassworm's command-and-control (C2) channels simultaneously, severing the operators from their infected machines and their ability to deliver new malicious payloads.
This takedown matters beyond the botnet. Glassworm marked a significant shift in the threat landscape that should serve as a wake-up call for every organization that ships or consumes software. Adversaries are no longer just targeting products, they're targeting the developers who build them.
https://t.co/rl9EVrA371
New report: Darcula (“Magic Cat”) is one of the most active phishing frameworks we’re tracking.
From API-driven infra to socket-based comms and fake shop deployments, this kit continues to evolve rapidly.
Breakdown, detections: https://t.co/jnu2zKf8QL
Full report on urlscan Pro
We are super excited to announce our founder Joshua Reynolds @JershMagersh will be providing a 3 hour workshop on recovering C++ symbols and type information with Binary Ninja at REcon 2026!
I’m excited to announce the inaugural CrowdStrike Day Zero 2026 Threat Research Summit, an invite-only event for researchers, defenders, and cost-imposing warriors on the front lines of cyber conflict.
Day Zero will showcase cutting-edge technical work, advanced research into adversaries and technology, and foster the kind of discussion that challenges assumptions and sharpens ideas.
CrowdStrike researchers are already submitting their ideas. The Call for Papers (CFP) is open, and these sessions will be closed-door, with strict information-sharing protocols in place.
Evening kickoff: Aug 30th | Day Zero 2026 Summit: Aug 31st
*Ahead of Fal.Con Vegas | 📍Mandalay Bay, Las Vegas
Register for updates and submit your paper.
https://t.co/28LUhtqEdn
📣#PIVOTcon26 Agenda is here 🤟 We are thrilled to announce the lineup for this year's speaker lineup.
2⃣ days and 19 talks from leading #ThreatResearch experts.
The agenda link is in the first comment👇, and the talks and speakers are in the thread.🧵
#CTI #ThreatResearch
1/15
New to #malware analysis? Then you’ll definitely want to check out this deep dive into Babuk #ransomware using #IDAPro—the perfect starting point for beginners looking to sharpen their #reverseengineering skills: https://t.co/MSM6mcTWsT
Thank you @Botconf for the warm welcome and for giving @sud0suw and me the opportunity to share our research on WIZARD SPIDER’s crypters! We had a great time connecting with everyone, hearing amazing ideas, and catching up with both new and familiar faces. Until next time!