📃Title: [Ransomware] Unconfirmed: THL PRO**** MAN******* SDN* BHD*
📅Date: 2026-06-18
🔗References: https://www.ransomware.live/id/VEhMIFBST0pFQ1QgTUFOQUdFTUVOVCBTRE4uIEJIRC5AcWlsaW4=

🔖Rectifyq Taxonomies:
Relevancy: 🔴 Highly Relevant
Category: 💥 Data Breach
- TA-category="Ransomware"

🔖MISP Galaxies:
- target-information="Malaysia"
- sector="Business Services"
- ransomware="Qilin"
mitre-attack-pattern=[]

MISP event uuid: 33ac9a5c-438c-41fe-8d33-117f0ba8dc5e

📃Title: [Ransomware] Unconfirmed: mli******** UPD******** DAT* DUM* 10G*
📅Date: 2026-06-19
🔗References: https://www.ransomware.live/id/bWxpdC5jb20ubXkgVVBEQVRFLUZVTEwgREFUQSBEVU1QIDEwR0JAc3Rvcm1vdXM=

🔖Rectifyq Taxonomies:
Relevancy: 🔴 Highly Relevant
Category: 💥 Data Breach
- TA-category="Ransomware"

🔖MISP Galaxies:
- target-information="Malaysia"
- sector="Public Sector"
- ransomware="stormous"
mitre-attack-pattern=[]

MISP event uuid: b0f890ec-80ba-4072-98d8-68d21c5d3ae3

📃Title: [Ransomware] Unconfirmed: SGS Mal*****
📅Date: 2026-06-18
🔗References: https://www.ransomware.live/id/U0dTIE1hbGF5c2lhQHRoZWdlbnRsZW1lbg==

🔖Rectifyq Taxonomies:
Relevancy: 🔴 Highly Relevant
Category: 💥 Data Breach
- TA-category="Ransomware"

🔖MISP Galaxies:
- target-information="Malaysia"
- sector="Business Services"
- ransomware="the gentlemen"
mitre-attack-pattern=[]

MISP event uuid: e6de9568-7c3f-4928-82f0-9032c5256af9

📃Title: Targeted espionage against Cambodian government entities
📅Date: 2026-06-10
🔗References:
https://www.acronis.com/en/tru/posts/behind-khmer-shadow-targeted-espionage-against-cambodian-government-entities/

🔖Rectifyq Taxonomies:
Relevancy: ⚫ Not Relevant
Category: ⚔ Threat
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="campaign-analysis"
• topic="geopolitical"
• target="targeted"
• no-samples-in="MalwareBazaar"
• samples-found-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• target-information="Cambodia"
• producer="8545fbf3-a246-4938-96a9-85a24651ebde"
• sector="Government, Administration"
mitre-attack-pattern=['T1053.005', 'T1071.004', 'T1036.005', 'T1204.002', 'T1497.001', 'T1566.001', 'T1106', 'T1140', 'T1055', 'T1562.002', 'T1055.012', 'T1027', 'T1573.002', 'T1134', 'T1027.002', 'T1071.001', 'T1574.002', 'T1055.001']

MISP event uuid: a95dd958-71be-430e-b83e-eeb6eaa34c3e

📃Title: From external espionage to domestic targeting
📅Date: 2026-06-11
🔗References:
https://www.welivesecurity.com/en/eset-research/oceanlotus-external-espionage-domestic-targeting/

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: ⚔ Threat
• mitre-att&ck="from-original-src"
• mitre-att&ck="from-OTX"
• sub-category="TA-profile"
• TA-category="APT"
• target="broad-based"
• samples-found-in="MalwareBazaar"
• samples-found-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• producer="ESET"
• threat-actor="APT32"
• country="vietnam"
mitre-attack-pattern=['T1553.002', 'T1082', 'T1190', 'T1036', 'T1055', 'T1021', 'T1059', 'T1204', 'T1041', 'T1027', 'T1573', 'T1195.002', 'T1570', 'T1071.001', 'T1574.002', 'T1105']

MISP event uuid: 9707a436-2783-4260-9a91-00590fb630a2

📃Title: Sniper's Nest: From Brand Impersonation to Browser Hijacking and CPA Fraud
📅Date: 2026-06-11
🔗References:
https://www.group-ib.com/blog/inside-sniperdz-phaas-ecosystem/

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: ⚔ Threat
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="tool-profile"
• target="broad-based"
• TA-category="Cybercrime"
• sub-category="infra-profile"
• no-samples-in="MalwareBazaar"
• no-samples-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• producer="Group-IB"
• target-information="Algeria"
mitre-attack-pattern=[]

MISP event uuid: 7a3ded92-0934-49f2-956c-0623538fbdb6

📃Title: Cyber-Enabled Maritime Sanctions Evasion
📅Date: 2026-06-11
🔗References:
https://www.recordedfuture.com/research/media_12cb79eec13b6af7520af3c1ae6768c0f4b25e945.gif?width=1200&format=pjpg&optimize=medium
https://www.recordedfuture.com/research/cyber-maritime-sanctions-evasion

🔖Rectifyq Taxonomies:
Relevancy: 🔴 Highly Relevant
Category: ⚔ Threat
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="infra-profile"
• sub-category="campaign-analysis"
• topic="geopolitical"
• target="broad-based"
• no-samples-in="MalwareBazaar"
• no-samples-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• producer="Recorded Future"
mitre-attack-pattern=[]

MISP event uuid: 64d4b916-e459-44a4-80d0-636de8f9c850

📃Title: Threat Actors Target FIFA World Cup 2026
📅Date: 2026-06-11
🔗References:
https://www.cloudsek.com/blog/chinese-origin-threat-actors-target-fifa-world-cup-2026

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: ⚔ Threat
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="campaign-analysis"
• TA-category="Cybercrime"
• target="broad-based"
• no-samples-in="MalwareBazaar"
• no-samples-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• producer="CloudSEK"
• country="china"
mitre-attack-pattern=['T1557', 'T1583', 'T1539', 'T1114', 'T1566.002', 'T1586.002', 'T1583.001', 'T1589', 'T1185', 'T1557.001', 'T1589.002', 'T1584', 'T1586', 'T1590', 'T1566', 'T1110', 'T1078', 'T1589.001', 'T1598', 'T1590.001']

MISP event uuid: 1bbbb25e-72ad-415c-b7ef-5710bea4bb60

📃Title: Threat Actors Weaponize AI Hype to Deliver AsyncRAT
📅Date: 2026-06-11
🔗References:
https://www.fortinet.com/blog/threat-research/threat-actors-weaponize-ai-hype-to-deliver-asyncrat

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: ⚔ Threat
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="malware-analysis"
• sub-category="campaign-analysis"
• topic="ai"
• target="broad-based"
• no-samples-in="MalwareBazaar"
• no-samples-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• producer="Fortinet"
• malpedia="AsyncRAT"
mitre-attack-pattern=['T1053.005', 'T1113', 'T1218.011', 'T1573.001', 'T1082', 'T1106', 'T1140', 'T1112', 'T1497', 'T1204', 'T1059.001', 'T1566', 'T1562.001', 'T1055.012', 'T1027', 'T1059.003', 'T1070.004', 'T1071.001', 'T1059.005']

MISP event uuid: a72101e4-904d-4526-b9e3-6e902513f24b

📃Title: How Lookalike Domains Exploit Human Judgment
📅Date: 2026-06-11
🔗References:
https://www.infoblox.com/blog/security/human-judgment-hacks-how-lookalike-domains-work/

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: ⚔ Threat
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="campaign-analysis"
• sub-category="report"
• target="broad-based"
• no-samples-in="MalwareBazaar"
• no-samples-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• producer="Infoblox"
mitre-attack-pattern=['T1583', 'T1071.004', 'T1204.002', 'T1566.002', 'T1598.003', 'T1071', 'T1586.002', 'T1583.001', 'T1589', 'T1589.002', 'T1584', 'T1586', 'T1598.002', 'T1204', 'T1590', 'T1566', 'T1598', 'T1590.001', 'T1204.001', 'T1584.001']

MISP event uuid: 833736e2-fc4c-4f68-ab29-b048c427c6ee

📃Title: Affidavit in Support of Application for Criminal Complaint
📅Date: 2026-06-09
🔗References:
https://cyberscoop.com/wp-content/uploads/sites/3/2026/06/11-1.pdf

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: ⚔ Threat
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="TA-profile"
• sub-category="report"
• target="broad-based"
• topic="geopolitical"
• TA-category="APT"
• no-samples-in="MalwareBazaar"
• no-samples-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• target-information="United States"
• threat-actor="Void Blizzard"
mitre-attack-pattern=['T1133', 'T1114', 'T1071', 'T1562', 'T1567', 'T1589', 'T1185', 'T1090', 'T1020', 'T1588.001', 'T1070', 'T1586', 'T1590', 'T1048', 'T1588.002', 'T1566', 'T1078', 'T1573', 'T1598', 'T1213']

MISP event uuid: 48a8d13e-0e7e-4d6f-8807-d4d9761dc8b5

📃Title: Defending the Digital Pitch: World Cup 2026 Cyber Threats
📅Date: 2026-06-11
🔗References:
https://www.cyberproof.com/blog/defending-the-digital-pitch-world-cup-2026-cyber-threats/

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: ⚔ Threat
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="campaign-analysis"
• target="broad-based"
• no-samples-in="MalwareBazaar"
• no-samples-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
mitre-attack-pattern=['T1557', 'T1583', 'T1539', 'T1566.002', 'T1190', 'T1583.001', 'T1589', 'T1185', 'T1588.001', 'T1586', 'T1528', 'T1204', 'T1199', 'T1566', 'T1110', 'T1078', 'T1499', 'T1598', 'T1189', 'T1498']

MISP event uuid: 1708688e-6ab1-4949-83be-1fe8e61d59e3

📃Title: World Cup 2026 Mobile Targeted Phishing: The Global Social Engineering Threat
📅Date: 2026-06-11
🔗References:
https://zimperium.com/blog/world-cup-2026-mobile-targeted-phishing-the-global-social-engineering-threat?hs_amp=true

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: ⚔ Threat
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="campaign-analysis"
• topic="mobile-attack"
• target="broad-based"
• no-samples-in="MalwareBazaar"
• no-samples-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• producer="Zimperium"
mitre-attack-pattern=['T1539', 'T1114', 'T1566.002', 'T1598.003', 'T1566.001', 'T1586.002', 'T1608.001', 'T1583.001', 'T1589', 'T1185', 'T1056.003', 'T1589.002', 'T1608.005', 'T1528', 'T1566', 'T1056', 'T1589.001', 'T1598', 'T1204.001']

MISP event uuid: 2d22208a-0035-4f4c-8dfd-a7b056feab82

📃Title: Targets Education Sector with Oracle PeopleSoft Exploit
📅Date: 2026-06-11
🔗References:
https://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: ⚔ Threat
• mitre-att&ck="from-OTX"
• sub-category="campaign-analysis"
• TA-category="Cybercrime"
• target="broad-based"
• mitre-att&ck="none-from-src"
• no-samples-in="MalwareBazaar"
• samples-found-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• producer="Mandiant"
• target-information="United States"
• sector="Education"
• threat-actor="ShinyHunters"
mitre-attack-pattern=['T1560.001', 'T1110.001', 'T1133', 'T1069', 'T1114', 'T1036.005', 'T1021.004', 'T1190', 'T1491', 'T1505.003', 'T1083', 'T1552.001', 'T1041', 'T1059.004', 'T1078', 'T1027', 'T1486', 'T1573.002', 'T1071.001', 'T1018']

MISP event uuid: 612a10dd-f897-4556-ab31-f50a1b128318

📃Title: UNC1151/Ghostwriter phishing campaign targeting Gmail accounts
📅Date: 2026-06-12
🔗References:
https://cert.pl/en/posts/2026/06/UNC1151-gmail-campaign/

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: ⚔ Threat
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="campaign-analysis"
• TA-category="APT"
• target="broad-based"
• no-samples-in="MalwareBazaar"
• no-samples-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
• target-information="Poland"
• threat-actor="Ghostwriter"
mitre-attack-pattern=['T1566']

MISP event uuid: 5c1e7285-f735-49d8-9fcf-ef31d47b10ae

📃Title: How to defend ARM64 cloud infrastructure
📅Date: 2026-06-11
🔗References:
https://www.reversinglabs.com/blog/defend-cloud-infrastructure-itscape

🔖Rectifyq Taxonomies:
Relevancy: 🔵 Potentially Relevant
Category: 💉 Vulnerability
• mitre-att&ck="none-from-src"
• mitre-att&ck="from-OTX"
• sub-category="campaign-analysis"
• sub-category="critical-vuln"
• target="broad-based"
• topic="cloud"
• no-samples-in="MalwareBazaar"
• no-samples-in="Tria.ge"
• action-taken="VT-comment"

🔖MISP Galaxies:
mitre-attack-pattern=['T1592', 'T1082', 'T1005', 'T1611', 'T1610', 'T1548', 'T1059', 'T1609', 'T1204', 'T1068']

MISP event uuid: b91d23b7-24fc-4cac-87d6-d5dc6b6bfd67