Unmasking Lawxsz: Attributing the Developer Behind Valkyrie and Prysmax Stealers
TL;DR This is Part 2 of our investigation into Lawxsz, an Argentinian threat actor behind the Valkyrie, Prysmax, and Packit…
Researches, News, and more
DeXpose Blog
Unmasking Quellostanco: How a Git Commit Exposed a Threat Actor Targeting Egyptian Infrastructure
TL;DR In early 2026, a threat actor using the alias Quellostanco ran a campaign against Egyptian targets: airlines, an aluminium…
Inside Combolists: the Downstream Cybercrime Economy
In the last blog, we examined how combolists are built from the raw sources (breach dumps, infostealer logs, and SQLi…
Chinese Smishing Campaign | How a Large-Scale Phishing Kit Is Targeting 80+ Brands Across 20 Countries
TL;DR We have been tracking a large-scale Chinese smishing campaign targeting multiple regions and industries with primary focus on telecom…
Inside Combolists: How Hackers Build Stolen Credential Data
Digital identity is now one of the easiest entry points into an organization, as data breaches often stem from weak,…
Threat Actor Profile: Mustang Panda
Mustang Panda is a highly persistent and adaptive Chinese state-linked cyber espionage group operational since at least 2012. Known by…
