high
threat
MuddyWater Disguises Cyber-Espionage as Chaos Ransomware Attack
2 rules, 5 TTPs
The MuddyWater group is disguising its cyber-espionage operations as Chaos ransomware attacks, using Microsoft Teams social engineering for initial access and establishing persistence, likely to complicate attribution and mask its true objectives.
Microsoft Teams +3
MuddyWater
chaos ransomware
cyberespionage
data theft
iranian apt
high
threat
Supply Chain Compromises via npm, PyPI Packages and Teams Phishing Campaigns
3 rules, 3 TTPs
The April 2026 Red Canary Intelligence Insights highlights the axios npm compromise, TeamPCP's LiteLLM compromise via PyPI, and a surge in Microsoft Teams phishing, leading to RAT deployment, credential harvesting, ransomware deployment, or data theft.
axios +4
TeamPCP
supply-chain
phishing
rat
npm
pypi
email-bombing