08 Jul 2026
Executive Summary The arrest and extradition of an alleged Scattered Spider member drew attention for more than the charges themselves. The most revealing detail appeared inside the court documents: Microsoft telemetry associated with a Global Device Identifier, or GDID, helped investigators connect online activity to a specific Windows installation. According to the complaint, Microsoft records […]
24 Jun 2026
Executive Summary LoaderClient is a Minecraft-based malware loader linked to the WeedHack Malware-as-a-Service campaign. It is distributed as a malicious Minecraft Fabric mod and is designed to steal Minecraft session data, including display name, account UUID, and live Microsoft OAuth access tokens. What makes LoaderClient especially notable is its command and control architecture. Instead of […]
09 Jun 2026
Overview The enterprise threat landscape in 2026 has been reshaped by the rapid ascent of “The Gentlemen” — a Ransomware-as-a-Service (RaaS) operation tracked by Microsoft Threat Intelligence as Storm-2697 and by other security research firms under the alias LARVA-368. Since its emergence in mid-2025, this financially motivated syndicate has scaled faster than any other ransomware group on record, […]
Discover the latest articles and insights on Dark Atlas