Executive Summary LoaderClient is a Minecraft-based malware loader linked to the WeedHack Malware-as-a-Service campaign. It is distributed as a malicious Minecraft Fabric mod and is designed to steal Minecraft session data, including display name, account UUID, and live Microsoft OAuth access tokens. What makes LoaderClient especially notable is its command and control architecture. Instead of […]

Overview The enterprise threat landscape in 2026 has been reshaped by the rapid ascent of “The Gentlemen” — a Ransomware-as-a-Service (RaaS) operation tracked by Microsoft Threat Intelligence as Storm-2697 and by other security research firms under the alias LARVA-368. Since its emergence in mid-2025, this financially motivated syndicate has scaled faster than any other ransomware group on record, […]

Modern supply chain intrusions are attacks that compromise trusted software development systems, including CI/CD pipelines, package registries, GitHub repositories, developer tools, and cloud environments. Instead of attacking one organization directly, threat actors abuse trusted dependencies, automation workflows, and stolen developer credentials to spread across entire software ecosystems. TeamPcP History TeamPCP (also tracked as PCPcat, DeadCatx3, […]