[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]
Virus Bulletin posts on X about $4704t, $zs, whatsapp, targets the most. They currently have XXXXXX followers and XXX posts still getting attention that total XXXXX engagements in the last XX hours.
Social category influence technology brands XXX% stocks XXXX%
Social topic influence $4704t #9, $zs #63, whatsapp 1.55%, targets 0.78%, asia 0.78%, dove 0.78%, shell 0.78%, rce 0.78%, agencies 0.78%, defence XXXX%
Top accounts mentioned or mentioned by @lindseyod123 @gleeda @johnhammond @wbmmfq @amazon @gendigitalinc @softwareclean @fortinet @totalavcom @jspchc @philofishal @dineshdina04 @darkreading @txhaflaire @cyb3rjerry @jershmagersh @theoneawesomo @russianpanda9xx @rebensk @objective_see
Top assets mentioned Zscaler Inc (ZS) Microsoft Corp. (MSFT)
Top posts by engagements in the last XX hours
"Seqrite Threat Research reports Spanish language judicial notification lures targeting Colombian users using SVG HTA VBS and PowerShell stages to download and decode a loader ending with AsyncRAT injected into a legitimate Windows process"
X Link @virusbtn 2025-10-14T08:19Z 60.6K followers, 3750 engagements
"Zscaler ThreatLabz details the latest tactics and tools used by APT37 (ScarCruft/Ruby Sleet/Velvet Chollima) a DPRK-aligned threat actor active since 2012 that targets South Korean individuals connected to the regime or involved in human rights activism"
X Link @virusbtn 2025-09-09T09:04Z 60.6K followers, 2606 engagements
"Trend Micro's Nick Dai & Pierre Lee look into the TAOTH campaign targeting users across Eastern Asia which leveraged an abandoned Sogou Zhuyin IME update server & spear-phishing operations to deliver malware families such as TOSHIS C6DOOR DESFY & GTELAM"
X Link @virusbtn 2025-08-29T10:00Z 60.6K followers, 5390 engagements
"Trend Micro researchers identified an active campaign spreading via WhatsApp through a ZIP file attachment. When executed the malware establishes persistence and hijacks the compromised WhatsApp account to send copies of itself to the victims contacts"
X Link @virusbtn 2025-10-03T09:27Z 60.6K followers, 3130 engagements
"Trend Micro's Dove Chiu & Lucien Chuang uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352 allowing remote code execution and rootkit deployment on unprotected devices"
X Link @virusbtn 2025-10-16T08:43Z 60.6K followers, XXX engagements
"FortiGuard Labs details a Stealit campaign that shifts from Electron installers to the Node.js Single Executable Application feature while still posing as game and VPN installers"
X Link @virusbtn 2025-10-13T09:13Z 60.6K followers, 9292 engagements
"In early 2025 Threat Detection & Research reported PolarEdge exploiting CVE-2023-20118 to gain RCE and drop a web shell on routers. A follow-up blog post provides an in-depth technical analysis of the undocumented TLS-based implant"
X Link @virusbtn 2025-10-15T09:35Z 60.6K followers, 2614 engagements
"FortiGuard Labs details the Confucius group shifting from document stealers like WooperStealer to Python-based backdoors such as AnonDoor with spear phishing & weaponised documents hitting South Asian government agencies & defence contractors"
X Link @virusbtn 2025-10-06T09:26Z 60.6K followers, 1734 engagements
"FortiGuard Labs analyses Chaos ransomware which resurfaced in 2025 with a new C++ variant. The analysis provides a walkthrough of its execution flow encryption and clipboard hijacking for cryptocurrency with comparisons to earlier .NET builds"
X Link @virusbtn 2025-10-09T08:40Z 60.6K followers, 3185 engagements
"Trend Micro details the Gentlemen ransomware group showing advanced tooling to bypass enterprise endpoint protections. TTPs include driver abuse GPO manipulation custom anti-AV utilities privileged account compromise and exfiltration"
X Link @virusbtn 2025-09-10T10:46Z 60.6K followers, 2156 engagements
"Cyble Research and Intelligence Labs observes Android campaigns posing as Indian Regional Transport Office apps spreading via WhatsApp & SMS to GitHub-hosted APKs & compromised sites then using phishing pages to collect banking credentials & UPI PINs"
X Link @virusbtn 2025-10-15T08:48Z 60.6K followers, 1676 engagements
"Microsoft Threat Intelligence confirms that Storm 1175 known for deploying Medusa ransomware and exploiting public-facing applications is actively exploiting the CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability"
X Link @virusbtn 2025-10-07T09:44Z 60.6K followers, 1996 engagements
"Zscaler ThreatLabz identifies a campaign active since early May 2025 targeting Chinese-speaking users that delivers ValleyRAT FatalRAT & the newly named kkRAT. The blog details the attack chain and kkRATs features network protocol commands & plugins"
X Link @virusbtn 2025-09-11T10:38Z 60.6K followers, 2767 engagements
"ThreatLabz discovered a multi-stage ClickFix campaign likely affiliated with the Russia-linked APT group COLDRIVER targeting members of Russian civil society. The campaign led to a new downloader BAITSWITCH & a new PowerShell-based backdoor SIMPLEFIX"
X Link @virusbtn 2025-10-01T08:00Z 60.6K followers, 6415 engagements
"Trend Micro researchers examine the past TTPs used by UNC3886 to get a good understanding of the threat group and enhance the overall defensive posture against similar tactics"
X Link @virusbtn 2025-08-11T09:39Z 60.6K followers, 3577 engagements
"The Resecurity HUNTER Team warns of a mass exploitation of CVE-2025-61882 in Oracle E-Business Suite enabling remote code execution. Several victims received extortion emails from Cl0p in late September 2025"
X Link @virusbtn 2025-10-07T09:42Z 60.6K followers, 3265 engagements
"Trend Micro details EvilAI which disguises itself as productivity/AI apps and is signed to appear legitimate. Infections span Europe the Americas and AMEA hitting manufacturing government and healthcare sectors"
X Link @virusbtn 2025-09-12T10:42Z 60.6K followers, 2145 engagements
"Zscaler's ThreatLabz tracks SmokeLoaders return with new 2025-alpha and 2025 builds after the May 2024 Operation Endgame takedown. The builds fix performance-impacting bugs and update artifacts to evade static and behaviour-based detection"
X Link @virusbtn 2025-09-16T15:29Z 60.6K followers, 3326 engagements
"Threat Research details AdaptixC2 a lightweight open-source C2 with multi-protocol communication advanced evasion and BOF-based extensibility confirming XXX active servers in the wild"
X Link @virusbtn 2025-10-10T08:48Z 60.6K followers, 14.4K engagements