Protos Labs
@protoslabs_io
Pioneering proactive cyber defense with Agentic AI. We help enterprises quantify cyber risk and manage autonomous threat intelligence. #Cybersecurity #AI
Singapore
Joined July 2025
KONNI APT is targeting developers with an AI-generated PowerShell backdoor, delivered via Discord lures. Breakdown of the campaign: https://t.co/pDSqEfSR6x Analysis with the help of Protos AI.
protoslabs.io
Discover how the KONNI APT group used an AI-developed PowerShell backdoor to target developers in Jan 2026. Read our full threat analysis and IOCs today.
⚠️ Ink Dragon is a PRC-aligned espionage cluster targeting governments & telecoms via misconfigured IIS/SharePoint servers, turning them into covert relay nodes. Latest analysis outlines SHADOWPAD & FINALDRAFT C2 insights with the help of Protos AI ➡️
protoslabs.io
INK DRAGON (PRC-aligned) uses SHADOWPAD and FINALDRAFT for covert cloud C2 via Microsoft Graph. Review critical IOCs and high-priority mitigation strategies.
Notepad++ vuln roundup: CVE-2025-49144 is a confirmed installer LPE (uncontrolled search path) that can reach SYSTEM if a malicious exe sits in the installer working dir. CVE-2025-56383 has a PoC, but default-install impact is disputed. Read more: https://t.co/gkAZdYkDhq
protoslabs.io
Expert analysis of critical Notepad++ CVEs: LPE (49144) and DLL Hijacking (56383). Includes MITRE ATT&CK mapping and patching guidance. Review the threat report now.
Threat intel alert: Shanya (aka VX Crypt) is gaining traction among ransomware gangs as a commercial crypter/packer-as-a-service, offering advanced stealth and EDR bypass capabilities. Critical priority for defenders to watch. With help from Protos AI:
protoslabs.io
Deep dive into Shanya PaaS, the crypter used by Akira and Qilin to deploy EDR-killing drivers. Review TTPs, IOCs, and critical mitigation guidance now.
⚠️ React2Shell (CVE-2025-55182) is a critical unauth RCE in React Server Components affecting React 19.x & Next.js 15/16 (App Router + RSC). Public PoCs + active scanning = patch now. Deep dive (with the help of Protos AI): https://t.co/fLoZs1OZZf
#React2Shell
protoslabs.io
Critical RCE flaw CVE-2025-55182 (React2Shell) affects React/Next.js RSC. Review TTPs, IoCs, and patch immediately to stop active exploitation.
⚠️ Aisuru botnet - between 300 k and 4 M IoT devices hijacked - has delivered up to 29.7 Tbps / 14.1 Bpps DDoS blasts in 2025. Now also rented as residential-proxy service. Critical alert. Read deeper (with the help of Protos AI): https://t.co/F64mDAs76A
#Aisuru #Botnet
protoslabs.io
Critical threat intelligence on the Aisuru botnet, responsible for record 29.7 Tbps DDoS attacks. Review TTPs, IOCs, and essential mitigation steps now.
⚠️ New Android banking trojan “Sturnus” combines overlays, Accessibility abuse & VNC-like remote control to steal credentials and drive real-time fraud on mobile devices, with the help of Protos AI. Full threat intel report: https://t.co/Jngr75sLPs
#AndroidMalware
protoslabs.io
Sturnus is a dangerous Android banking trojan using VNC remote control and Accessibility abuse for real-time fraud. Get urgent IOCs and mitigation steps now.
⚠️ GTIG exposed a multi-year APT24 “BADAUDIO” campaign abusing a Taiwanese marketing supplier & ~1,000 domains to deliver an obfuscated DLL downloader and AES-encrypted payloads, with the help of Protos AI. Full report & IOCs:
protoslabs.io
GTIG exposed the multi-year APT24 BADAUDIO espionage campaign compromising 1,000 domains via supply chain. Review high-risk IOCs and mitigation strategies.
Supply chain alert: The “IndonesianFoods” npm worm has flooded the ecosystem with an estimated 44K+ fake packages over ~2 years, abusing self-replicating scripts and circular deps. Protos Labs, with the help of Protos AI, breaks down the risk:
protoslabs.io
A massive 'IndonesianFoods' worm has flooded the npm registry with 44,000+ fake packages, creating critical supply chain risk. Learn how to mitigate this registry abuse.
AI isn't just a target in cyber - it's now an active attacker. GTG-1002 allegedly chained Claude Code to pentest tools via MCP to run large parts of its intrusion workflow. Protos Labs (with the help of Protos AI) maps the TTPs and defender playbook:
protoslabs.io
Anthropic stopped the first AI-orchestrated cyber attack by China-linked GTG-1002 leveraging Claude Code. See how AI automates 90% of cyber ops now.
Heads-up: GhostCall (fake Zoom/Teams) & GhostHire (dev test lures) hit macOS & Windows with staged loaders and C2 backdoors. Key domains: system.updatecheck[.]store, dataupload[.]store. Deep dive (with the help of Protos AI): https://t.co/PwUjIpdJwp
#CryptoSecurity
protoslabs.io
BlueNoroff uses GhostCall and GhostHire to attack crypto firms, leveraging fake meetings and job offers. See the full malware breakdown, IOCs, and defense guidance here.
⚠️ Coinhako-themed smishing: fake support texts, rotating VoIP/WhatsApp numbers, and wallet-diversion playbooks. Key TTPs, IOCs, and user-safety steps - explained with the help of Protos AI: https://t.co/X1Va33iLNs
#smishing
⚠️ Oracle EBS zero-day (CVE-2025-61882) mass-exploited by the Cl0p extortion ecosystem: data theft + extortion, not encryption. Key TTPs, IOCs, and mitigations - explained with the help of Protos AI: https://t.co/cTIgz5gizl
#OracleEBS
protoslabs.io
Cl0p mass exploited Oracle EBS RCE (CVE-2025-61882), stealing data and demanding extortion. Review TTPs, IOCs, and implement critical patches immediately.
OT-ISAC and @protoslabs_io recent strategic partnership will bring AI-based cyber defense tools to critical infrastructure sectors across Asia. https://t.co/bl7t5Jkyo5
inforisktoday.in
From boosting SOC efficiency to automating risk analysis and translating frameworks, security leaders are deploying artificial intelligence to handle routine tasks
⚠️ New report on “Phantom Taurus” APT: targeting, TTPs, IOCs, and defender guidance - generated by Protos AI and supervised by our Cyber team. Read more: https://t.co/CyFu85M1e4
#PhantomTaurus #ThreatIntelligence #CyberEspionage #CyberSecurity #APT
protoslabs.io
Phantom Taurus: New Chinese APT targets gov, military & telecom in Africa, ME, Asia with NET-STAR malware. Discover TTPs, IOCs & defense strategies.
ArcaneDoor isn't “patch & move on.” Protos AI mapped: CVE-2025-20362 → 20333/20363 → root on Cisco ASA/FTD + firmware persistence (RayInitiator → LINE VIPER). Reboots ≠ recovery. Read the playbook: https://t.co/dKyTjewHeH
#cybersecurity #zeroday #Cisco #ProtosAI
RTX ransomware: passenger-processing outages hit European hubs via a third-party vendor. What happened, TTPs, and a 30-day hardening checklist - explained with the help of Protos AI. https://t.co/u4sfgyE5af
#ransomware
protoslabs.io
RTX ransomware hit European airports (LHR, BRU, BER) in Sep 2025 via a vendor. Explore critical supply-chain cyber risks & NIS2 implications in this deep dive.
⚠️ Shai-Hulud: a self-replicating npm worm is stealing creds, adding GitHub Actions, and republishing infected packages (500+ and counting). Get triage steps + IOCs in our deep dive - built with the help of Protos AI. https://t.co/7k2ouFMRnY
#ShaiHulud #npm
protoslabs.io
Shai-Hulud npm worm compromises 500+ packages, stealing credentials & exposing code. Act now to detect & mitigate this critical supply chain threat.
Threat Analysis: #MustangPanda is actively targeting Thailand with sophisticated USB worm attacks. We dive into their TTPs & IOCs with the help of Protos AI. https://t.co/Dtwx9wyc1R
#ProtosAI #CyberSecurity #ThreatIntel #cti #protoslabs #cyberrisk
protoslabs.io
Deep Dive: Dire Wolf Ransomware Group. Read full analysis at protoslabs.io
Threat Analysis: #DireWolf ransomware is ramping up double extortion attacks across 11 countries. We dive into their TTPs & IOCs. https://t.co/Dtwx9wyJRp
27 Aug 2025 #ProtosAI #CyberSecurity #ThreatIntel