OSINT Report — 2026-06-22

Severity	Title	Source
critical	Malicious IP: 218.149.228.175	abuse-ipdb
critical	Malicious IP: 173.255.223.62	abuse-ipdb
critical	Malicious IP: 20.118.217.162	abuse-ipdb
critical	Malicious IP: 89.37.172.146	abuse-ipdb
critical	Malicious IP: 5.61.209.92	abuse-ipdb
critical	Malicious IP: 66.132.172.102	abuse-ipdb
critical	Malicious IP: 185.180.141.47	abuse-ipdb
critical	Malicious IP: 64.89.161.160	abuse-ipdb
critical	Malicious IP: 115.231.78.11	abuse-ipdb
critical	Malicious IP: 182.93.50.90	abuse-ipdb

All Items

Showing 50 items

Severity	Title	Category	Source	Indicators	Tags	Published
critical	Malicious IP: 218.149.228.175	ip-reputation	abuse-ipdb	218.149.228.175		2026-06-22
critical	Malicious IP: 173.255.223.62	ip-reputation	abuse-ipdb	173.255.223.62		2026-06-22
critical	Malicious IP: 20.118.217.162	ip-reputation	abuse-ipdb	20.118.217.162		2026-06-22
critical	Malicious IP: 89.37.172.146	ip-reputation	abuse-ipdb	89.37.172.146		2026-06-22
critical	Malicious IP: 5.61.209.92	ip-reputation	abuse-ipdb	5.61.209.92		2026-06-22
critical	Malicious IP: 66.132.172.102	ip-reputation	abuse-ipdb	66.132.172.102		2026-06-22
critical	Malicious IP: 185.180.141.47	ip-reputation	abuse-ipdb	185.180.141.47		2026-06-22
critical	Malicious IP: 64.89.161.160	ip-reputation	abuse-ipdb	64.89.161.160		2026-06-22
critical	Malicious IP: 115.231.78.11	ip-reputation	abuse-ipdb	115.231.78.11		2026-06-22
critical	Malicious IP: 182.93.50.90	ip-reputation	abuse-ipdb	182.93.50.90		2026-06-22
critical	Malicious IP: 47.251.105.241	ip-reputation	abuse-ipdb	47.251.105.241		2026-06-22
critical	Malicious IP: 82.152.132.24	ip-reputation	abuse-ipdb	82.152.132.24		2026-06-22
critical	Malicious IP: 120.52.12.202	ip-reputation	abuse-ipdb	120.52.12.202		2026-06-22
critical	Malicious IP: 45.148.10.240	ip-reputation	abuse-ipdb	45.148.10.240		2026-06-22
critical	Malicious IP: 91.92.40.4	ip-reputation	abuse-ipdb	91.92.40.4		2026-06-22
critical	Malicious IP: 2.26.231.147	ip-reputation	abuse-ipdb	2.26.231.147		2026-06-22
critical	Malicious IP: 100.29.192.86	ip-reputation	abuse-ipdb	100.29.192.86		2026-06-22
critical	Malicious IP: 185.223.235.10	ip-reputation	abuse-ipdb	185.223.235.10		2026-06-22
critical	Malicious IP: 94.247.172.129	ip-reputation	abuse-ipdb	94.247.172.129		2026-06-22
critical	Malicious IP: 202.165.29.123	ip-reputation	abuse-ipdb	202.165.29.123		2026-06-22
critical	payload_delivery: undefined	threat-intel	threatfox		22June2026, ClearFake, Commandline, macOS, gaea-operations, malware, phishing, scams, stefan-himmelskamp, 21June2026, ClickFix, etherhiding, Polygon, Remus, c2, Stealc, DomainShadowing, Windows, Vidar, central-hub, clickfix-hub, evalusion, merry-florist, NetSupport, unc2190, wordpress-compromise, Fake-Captcha, wordpress-injection, c2-rotation, single-gateway, SilentStealer, XWorm, Amos, AtomicStealer, Cthulhu, stealer, SocGholish, remcos, Mirai, asyncrat, elf, IoT, Mozi, SmartApeSG, xmrig, RAT, hta-polyglot, Loader, msix, TDS, crypter, rundll32, WebDav, CobaltStrike, drb-ra, RemusStealer, FakeCaptcha, powershell, clipboard-hijack, NetSupportRAT, i7sb1k, lockbit, Ransomware, honeylabs, honeypot, Ngioweb, Kongtuke, OffLoader, PureLogsStealer, CloudflareHardwareFingerprinting, amatera, ArcStealer, python-backdoor, winpython, Cloudflare, cracked-games, HijackLoader, Prospero, renengine, telemetry, valleyrat_s2, compromised, WordPress, rmm, quasar, dentons-impersonation, google-drive-abuse, homoglyph, msiexec, NeptuneRAT, ErrTraffic, iran, MuddyWater, stagecomp, StrelaStealer, deerstealer, fingerfix, ironpython, tcp79, FRP, liberium, LiberiumRAT, port, ports, ransomware, botnet, infostealer	2026-06-22
critical	botnet_cc: undefined	threat-intel	threatfox		remcos, CobaltStrike, redirector, Vo1d, c2, erebus-v14, nation-state-hunter, t1055, t1059_003, drb-ra, Vshell, RAT, RemcosRAT, asyncrat, dcrat, Covenant, RapidStealer, ClickFix, evalusion, jarm:1276612955, merry-florist, NetSupport, port:1337, single-gateway, unc2190, QuasarRAT, Havoc, Amos, AtomicStealer, Cthulhu, macOS, xxxblyat, OverlordRAT, AdaptixC2, valleyrat_s2, cs-watermark-391144938, cs-watermark-987654321, Meterpreter, docker-api, Redtail, selfrep, webpot, diicot, miner, junko, DDoS, ssh, xorddos, boyzee, phoenix-c2, postgres, takeover, phoenix, elf, IoT, Mozi, Mirai, Kongtuke, Adaptix, Stealc, Mythic, EyePyramid, Remus, t1071_001, cs-watermark-1873433027, cs-watermark-1580103824, eval, lua, redis, config, rce, SmartApeSG, xmrig, hta-polyglot, Loader, msix, ValleyRAT, RatonRAT, Vidar, Dropper, fileless, NetSupportRAT, BianLian, cs-watermark-1234567890, Viper, DarkVNC, kimsuky, erebus-v15, t1573_002, Ngioweb, AddType, Digitalocean, FakeCaptcha, mtls, nginx, one-check.lol, powershell, TLS1.3, mesh, meshagent, China, Telecom, TernDoor, UAT-9244, cve-2024-4577, rotator, monero, payload-host, pool, module-load, Muhstik, cron, nc, XWorm, DanBot, poshc2, i7sb1k, payload, Sh, sliver, honeypot, python-backdoor, winpython, cs-watermark-666666666, EvilGinx, EvilGoPhish, kimwolf, Sheet Rat, SheetRAT, Deimos, ConnectWise, rmm, ScreenConnect, powershell-loader, RC4, ContagiousInterview, DPRK, FakeInterview, NanoCore, msiexec, PureLogStealer, PureLogsStealer, BruteRatel, Amadey, ViriBack, 23b404, CHAOS, NFS, etherhiding, iran, mois, MuddyWater, tsundere, FRP, relay, blockchain-C2, EtherRat, FakeGit, LuaJIT, Polygon, SmartLoader, manual-override, t1573_001, t1059_001, t1105, fingerfix, ironpython, tcp79, smokeloader, COLDRIVER, SPICA, apt, phishing, botnet, infostealer	2026-06-22
high	data_x86_64	malware	malware-bazaar	a558714eb3c35a8f…, d825cbe08ea10150…	elf, Mirai, botnet	2026-06-22
high	sora.arm7	malware	malware-bazaar	4121a0bfb7059830…, 807c73039d6f413d…	elf, Mirai, upx-dec, botnet	2026-06-22
high	sora.arm5	malware	malware-bazaar	b92abe3dde271635…, 4108ab76360876c3…	elf, Mirai, upx-dec, botnet	2026-06-22
high	sora.arm7	malware	malware-bazaar	d0345ab1663c0153…, 992a89dd9d5edcca…	elf, Mirai, upx, botnet	2026-06-22
high	sora.arm5	malware	malware-bazaar	ce0b3137383e4112…, 356a1243d88a22d8…	elf, upx	2026-06-22
high	data_x86	malware	malware-bazaar	0238e06a1ac58756…, 0bcc0ba9cec4a658…	elf, Mirai, botnet	2026-06-22
high	data_mipsel	malware	malware-bazaar	3b11d33e8f3ca263…, e887f45934e73f72…	elf, Mirai, botnet	2026-06-22
high	sora.sh4	malware	malware-bazaar	3585bbb1adae6cca…, caee427aa16d2ec1…	elf, Mirai, botnet	2026-06-22
high	data_mips	malware	malware-bazaar	9a73e54c5aaf4ae3…, 340c04ab6937d66e…	elf, Gafgyt, Mirai, botnet	2026-06-22
high	k.php	malware	malware-bazaar	f197de37ab531b3d…, e66f444d93ca51f3…	sh	2026-06-22
high	sora.m68k	malware	malware-bazaar	639015f49fe00afa…, cf1d682e438d6a4a…	elf, Mirai, botnet	2026-06-22
high	data_arm7	malware	malware-bazaar	c03210e941c3de90…, 44e38bcd5b2a92cb…	elf, Mirai, botnet	2026-06-22
high	data_mips-uclibc	malware	malware-bazaar	a3cb43a29e0f181f…, a4f2c59ced19e9a2…	elf, Mirai, botnet	2026-06-22
high	data_powerpc	malware	malware-bazaar	9bbed06deb57b262…, a8aaa95c71829fa1…	elf, Mirai, botnet	2026-06-22
high	sora.mips	malware	malware-bazaar	84bf32c6c5852dcf…, 74e71ccc947d8971…	elf, Mirai, upx-dec, botnet	2026-06-22
high	sora.mips	malware	malware-bazaar	84a09f4fdf90abd5…, 6c54dc573e8fdb22…	elf, Mirai, upx, botnet	2026-06-22
high	sora.x86	malware	malware-bazaar	fcc9249b4f188e5a…, 6b406c155f39aaaa…	elf, Mirai, botnet	2026-06-22
high	ok	malware	malware-bazaar	2ec11059183fff0a…, 873970375886a32a…	Mirai, sh, botnet	2026-06-22
high	file	malware	malware-bazaar	c6473b0fc4ebd18a…, 41dced704c3d94e4…	54e64e, dropped-by-Amadey, exe	2026-06-22
high	sora.arm6	malware	malware-bazaar	5ea5fd6006918909…, c3c863ec3c05591b…	elf, Mirai, upx-dec, botnet	2026-06-22
high	sora.arm6	malware	malware-bazaar	0d4ecc9f1c7e94da…, c49410048280d504…	elf, Mirai, upx, botnet	2026-06-22
high	loader.zip	malware	malware-bazaar	2c5260360de10f21…, 818f02e595eb7faa…	bun, exe, NWHStealer, stealer, zip	2026-06-22
high	YimMenuV2.dll	malware	malware-bazaar	967e1665f6935556…, 51a41100fbe14088…	dll, exe, GameHack, Riskware	2026-06-22
high	Requirement.vbs	malware	malware-bazaar	3898a662f25925b6…, 862ce69fbc11bac8…	vbs	2026-06-22
high	SynInstallerV2.exe	malware	malware-bazaar	0b8cae277bf0e3f0…, 72cc8e3d5bb03a4e…	downloader, exe, loader, SalatStealer	2026-06-22
high	rDirectricesdepol__ticasparaempleados_2026_pdf.exe	malware	malware-bazaar	e9b9e9b3ba47548c…, b0e14b749d6ea74e…	exe, GuLoader, signed	2026-06-22
medium	payload: undefined	threat-intel	threatfox		ContagiousInterview, akira, elf, Ransomware, note, ransomnote, ClickFix, crypter, rundll32, WebDav, hta-polyglot, Loader, msix, IoT, Mozi, China, CrowDoor, FamousSparrow, Telecom, TernDoor, TropicTrooper, UAT-9244, malicious, Kongtuke, python-backdoor, winpython, Sheet Rat, SheetRAT, powershell-loader, RC4, Dropper, fake-document, logmein-resolve, rmm, vbs, discord-c2, golang, infostealer, vileransomware, Downloader, iran, mois, MuddyWater, stagecomp, fingerfix, ironpython, tcp79, ransomware, botnet	2026-06-21
unknown	The systemd 261 release brings a software TPM, new OS installer	news	general-news			2026-06-21

OSINT Threat Intelligence Report

Total Items

By Source

By Category

Fetch Errors

Top 10 Highlights

All Items

cisa-kev	2
cisa-advisories	16
vendor-blogs	214
malware-bazaar	26
abuse-ipdb	20
threatfox	3
otx	30
general-news	97

vulnerability	2
advisory	217
malware	26
ip-reputation	20
threat-intel	33
news	97