SpiderLabs Blog

Pwning Malware with Ninjas and Unicorns

February 16, 2026 | Cade Wriglesworth

How ClickFix Opens the Door to Stealthy StealC Information Stealer

February 12, 2026 | Rodel Mendrez

This analysis examines a complete attack chain targeting Windows systems ...

Stealerium Unmasked: Inside a Multi-Lure, Multi-Stage Stealer Campaign

February 11, 2026 | Bernard Bautista

In this investigation, we tracked a malware spam campaign that ultimately ...

Notepad-Plus Fuss: Notepad++ Supply Chain Attack Analysis

February 10, 2026 | King Orande

LevelBlue SpiderLabs’ Cyber Threat Intelligence Team investigated the ongoing ...

19 Shades of LockBit5.0, Inside the Latest Cross-Platform Ransomware’s Newest Leaked Samples: Part 3

February 05, 2026 | Alexander Sevtsov, Chen Aviani

In the first two parts of our LockBit 5.0 series, we provided a comprehensive ...

19 Shades of LockBit5.0, Inside the Latest Cross-Platform Ransomware’s Newest Leaked Samples: Part 2

February 04, 2026 | Mark Tsipershtein, Evgeny Ananin, Nikita Kazymirskyi

In the first part of our LockBit 5.0 series, where we analyzed 19 samples of ...

LockBit 5.0 Introduces New Features: ChaCha20 Encryption, Stealthy Installation, and Anti-Analysis to Target Windows, Linux, and ESXi Environments

January 30, 2026 | SpiderLabs Researcher

The prolific LockBit ransomware-as-a-service (RaaS) group shows its dedication ...

19 Shades of LockBit5.0, Inside the Latest Cross-Platform Ransomware’s Newest Leaked Samples: Part 1

January 30, 2026 | Mark Tsipershtein, Evgeny Ananin, Nikita Kazymirskyi

This three-part blog series presents an analysis of 19 samples of a ...

Threat Intelligence News from LevelBlue SpiderLabs January 2026

January 06, 2026

January 2026

Why Do Criminals Love Phishing-as-a-Service Platforms?

September 23, 2024 | Rodel Mendrez

Phishing-as-a-Service (PaaS) platforms have become the go-to tool for ...

Hypervisor Development in Rust for Security Researchers (Part 1)

September 06, 2024

In the ever-evolving field of information security, curiosity and continuous ...

Mac systems turned into proxy exit nodes by AdLoad

August 10, 2023 | Fernando Martinez

AdLoad malware is still infecting Mac systems years after its first appearance ...

PRISM attacks fly under the radar

August 23, 2021 | Fernando Dominguez

LevelBlue SpiderLabs has recently discovered a cluster of Linux ELF executables ...

Experiencing a security breach?

Experiencing a security breach?

Pwning Malware with Ninjas and Unicorns

Stay Informed

How ClickFix Opens the Door to Stealthy StealC Information Stealer

Stealerium Unmasked: Inside a Multi-Lure, Multi-Stage Stealer Campaign

Notepad-Plus Fuss: Notepad++ Supply Chain Attack Analysis

19 Shades of LockBit5.0, Inside the Latest Cross-Platform Ransomware’s Newest Leaked Samples: Part 3

19 Shades of LockBit5.0, Inside the Latest Cross-Platform Ransomware’s Newest Leaked Samples: Part 2

LockBit 5.0 Introduces New Features: ChaCha20 Encryption, Stealthy Installation, and Anti-Analysis to Target Windows, Linux, and ESXi Environments

19 Shades of LockBit5.0, Inside the Latest Cross-Platform Ransomware’s Newest Leaked Samples: Part 1

Threat Intelligence News from LevelBlue SpiderLabs January 2026

Why Do Criminals Love Phishing-as-a-Service Platforms?

Hypervisor Development in Rust for Security Researchers (Part 1)

Mac systems turned into proxy exit nodes by AdLoad

PRISM attacks fly under the radar

Automated Padding Oracle Attacks With PadBuster

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.