https://cocomelonc.github.io/malware/2026/03/05/malware-cryptography-44.html next one from my blog.
Today, we will move away from classical encryption and use pure #mathematics. We are going to use the Discrete Fourier Transform (DFT) to turn our #shellcode into #frequency noise.
You might wonder: is this just an "academic" trick, or does it have real-world applications in high-end cyber espionage?
While we don’t often see a pure DFT loop in every commodity #malware, the philosophy behind it is a hallmark of sophisticated #APT groups. Here is why this idea is more “real” than it looks.
#hacking #cybersecurity #programming #research #maldev #book #threatintel #purpleteam #ethicalhacking #math
My pet project (draft) was selected to be presented at DEFCON Singapore 2026, which will take place from April 28 to April 30, 2026.
#hacking #malware #threatintel #programming #research
GitHub - cocomelonc/peekaboo: It bridges my research with a functional tool. I want to provide a safe, open-source framework for hackers to test evasion and for defenders to improve detection through hands-on learning.
BadPaw_and_MeowMeow.pdf
Exposing a Russian Campaign Targeting Ukraine Using New Malware Duo: BadPaw and MeowMeow
#hacking #apt #malware #threatintel #research #report #cats
https://cocomelonc.github.io/linux/2026/03/12/linux-hacking-10.html next one. #APT groups and #HiddenWasp use this mechanism to hide #malware from #detection
#hacking #cybersecurity #research #linux #programming #threatintel #purpleteam #redteam #blueteam #maldev #malwareanalysis #book
Eid Mubarak 💝
https://cocomelonc.github.io/macos/2026/03/19/mac-malware-persistence-5.html next one from my blog, classic trick. Used by #Lazarus #APT and #osx.flashback #botnet in the wild
#hacking #malware #cybersecurity #threatintel #research #programming #macos #ethicalhacking #purpleteam #book #malwareanalysis #maldev
260320.pdf
Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets
Malware development trick 40: Stealing data via legit Telegram API. Simple C example.
Mobile malware development trick 1. Abuse Telegram Bot API. Simple Android (Java/Kotlin) stealer example.
MacOS hacking part 1: stealing data via legit Telegram API. Simple C example
#malware #hacking #threatintel #redteam #blueteam #report #research #FBI #iran #APT
https://cocomelonc.github.io/macos/2026/03/20/mac-malware-persistence-6.html next one from my blog.
The #macOS-specific variant of the technique used by #HiddenWasp and #Skidmap #malware.
#hacking #cybersecurity #threatintel #maldev #malwareanalysis #redteam #blueteam #research #persistence #book
Malware, Cats and Cryptography
https://cocomelonc.github.io/book/2025/05/19/aiya-mmd-book.html Alhamdulillah, I finished writing this book in a few days. I wrote this book to help my friends: Nurkhankyzy Aiya, Acute myeloid leukemia (AML), and all those children who are fighting…
It's sad, but the little angel who inspired the title of this book has passed away after a long journey of treatment ❤️
#book #research #hacking #charity
https://cocomelonc.github.io/macos/2026/03/29/mac-malware-persistence-7.html next one from #macOS #malware #persistence series. This trick was first documented by Patrick Wardle
enjoy!
#hacking #programming #research #book #apple #maldev #cybersecurity #threatintel #malwareanalysis #redteam #blueteam #purpleteam
macOS ClickFix Campaign Targets Claude Code Users with AMOS Stealer and Backdoor Access
ANY.RUN analysts identified a macOS-specific ClickFix campaign targeting users of AI tools such as Claude Code, Grok, n8n, NotebookLM, Gemini CLI, OpenClaw, and Cursor
#hacking #malware #stealer #research #anyrun
By the way, the coolest thing is that ANY.RUN announced a Sandbox for macOS! ❤️
#hacking #malware #sandbox #anyrun #threatintel #research #programming #malwareanalysis #blueteam
Ready for macOS Threats: Cross-Platform SOC Analysis with ANY.RUN
macOS threats are targeting enterprise environments. See how SOC teams can investigate cross-platform malware faster with interactive sandbox.
https://cocomelonc.github.io/macos/2026/04/01/malware-mac-13.html next one from my blog.
The C code only uses standard libraries and sysctl. enjoy!
#hacking #malware #research #book #threatintel #virustotal #apt #maldev #malwareanalysis #purpleteam
https://cocomelonc.github.io/macos/2026/04/02/mac-malware-persistence-8.html next one on my blog.
This post is a quick observation of a classic trick.
#malware #hacking #threatintel #research #persistence #macos #purpleteam #redteam #blueteam #apt #book
NCSC_APT28_exploit_routers_to_enable_DNS_hijacking_operations.pdf
Russian cyber actor #apt28 exploits vulnerable routers to hijack DNS, enabling adversary-in-the-middle #attacks and theft of #passwords and #authentication #tokens.
#hacking #malware #threatintel #apt #research
https://cocomelonc.github.io/android/2026/04/12/malware-android-3.html next one from my blog. Thanks to ANY.RUN for the API! ♥️
twitter/X
#hacking #malware #android #stealer #apt #maldev #malwareanalysis #threatintel #research #cybersecurity #purpleteam #redteam #blueteam #programming #book #telegram
28-30 April 2026 - DEFCON Singapore
28 April 2026 Threat Modelling SG Community event
6-9 May 2026 BSides Luxembourg
22-23 May 2026 Bsides Prishtina
#conferences #research #malware #threatintel #cybersecurity #book
DEFCON Singapore DEMO LABS my demos:
Tuesday at 10:00 for 45 minutes, at Demo Labs Track 1
Wednesday at 15:00 for 45 minutes, at Demo Labs Track 1
Thursday at 13:00 for 45 minutes, at Demo Labs Track 2
peekaboo - still under development