IOC Radar
TLP:WHITE · 1 IOC

Cyber Conflict Briefing Q4 2025

DCSO CyTec Blog
Published February 13, 2026

Threat Actors

Malware Families

Diamond Model

Axes: Social, Technology
Adversary (5 total), shown: APT28, APT31, Lazarus Group
Infrastructure: unknown
Capability (4 total), shown: Cl0p, Gh0st RAT, Medusa
Victim: unknown

Attack Flow (10 steps · MITRE ATT&CK mapped)

Step 1/10: Initial Access (TA0001) · Phishing (T1566)
Action: Phishing for employees
Actors are suspected of using spearphishing campaigns targeting recruitment and hiring processes, potentially involving fake remote employees.

Indicators of Compromise (1)

Type: CVE
Indicator: CVE-2025-10035
Tags: exfiltration, exploit, intel-blog
Confidence: Medium
Score: 54
First Seen: Jun 2, 26

IOC Relationship Graph (1 total IOC)

CVE: 1 · Actors: 5 · Malware: 4
Report: Cyber Conflict Briefing Q4
Actors: APT28, APT31, Lazarus Group, NoName057, Salt Typhoon
Malware: Cl0p, Gh0st RAT, Medusa, Rhadamanthys