Unmasking Lawxsz: Attributing the Developer Behind Valkyrie and Prysmax Stealers
TL;DR This is Part 2 of our investigation into Lawxsz, an Argentinian threat actor behind the Valkyrie, Prysmax, and Packit…
Researches, News, and more
DeXpose Blog
Unmasking Quellostanco: How a Git Commit Exposed a Threat Actor Targeting Egyptian Infrastructure
TL;DR In early 2026, a threat actor using the alias Quellostanco ran a campaign against Egyptian targets: airlines, an aluminium…
Threat Actors | The Complete Cybersecurity Guide to Who They Are, How They Operate, and How to Track Them
Every data breach has a story. And at the center of that story is a threat actor. The term gets…
Chinese Smishing Campaign | How a Large-Scale Phishing Kit Is Targeting 80+ Brands Across 20 Countries
TL;DR We have been tracking a large-scale Chinese smishing campaign targeting multiple regions and industries with primary focus on telecom…
Inside Valkyrie Stealer: Capabilities, Evasion Techniques, and Operator Profile
What Is Valkyrie Stealer? Valkyrie Stealer is a C++ infostealer designed to collect credentials, system information, browser data, messaging-app sessions,…
Threat Actor Profile: APT27
Who is APT27? APT27 — also known as Emissary Panda, Iron Tiger, and LuckyMouse — is a Chinese state-sponsored cyber-espionage…
Threat Actor Profile: Mustang Panda
Mustang Panda is a highly persistent and adaptive Chinese state-linked cyber espionage group operational since at least 2012. Known by…
