nfury — Live Investigation Report

APT1-era intrusion. httppump C2 at 192.168.1.5/ads/. Attacker account vibranium. Full disk + memory pipeline. 15 confirmed, 4 refuted. 16 minutes. $14.

Open full screen



SANS FIND EVIL! Hackathon 2026  ·  Custom MCP Server + Multi-Agent Adversarial Pipeline  ·  MIT License