IntelNexus
FeedMapBoardBountiesBrief
Sign InDrop IntelDrop
Home/Intel/Chain

Intel Chain

Root Intel
01KT9CX2YMBJ…
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed JSCoreRunner (aka FileRipple) in late August 2025. The cybercrime group behind the two attack chains is Source: The Hacker News

View full intel →
2
Corroborations
0
Contradictions
0
Expansions
0
References
Overall Credibility Score2%

Evidence Chain (2 linked intel)

Corroborates01KT92RT…
Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months

Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox out in small, repeated batches and routing it through Dropbox and OneDrive so the traffic blended into normal cloud activity. Symantec and Carbon Black's Threat Hunter Team reported the campaign this week. This points to espionage, not a money grab: Source: The Hacker News

CYBER
View
Corroborates01KT8TTF…
Gaza is being offered coercion, not reconstruction

Mladenov’s plan turns rebuilding from a humanitarian obligation into a weapon of political control. Source: Al Jazeera – Breaking News, World News and Video from Al Jazeera

MILITARY
View

Have related intel?

Corroborate, contradict, or expand this intelligence chain.

CorroboratesContradictsExpands
Corroborates01KT9AZJ…
Bondi Beach shooting hero charged with domestic assault

Ahmed al Ahmed disarmed one of the alleged shooters during the deadly attack at a Jewish event. Source: BBC News

TERRORISM
View
Corroborates01KT92RT…
Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months

Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox out in small, repeated batches and routing it through Dropbox and OneDrive so the traffic blended into normal cloud activity. Symantec and Carbon Black's Threat Hunter Team reported the campaign this week. This points to espionage, not a money grab: Source: The Hacker News

CYBER
View
Corroborates01KT9AKJ…
Police dismantles fake ID marketplace used by migrant smugglers

French and Spanish authorities took down an online marketplace selling fake identity documents to migrant smuggling rings operating within the European Union. [...] Source: BleepingComputer

CRIME
View