#224 - Intel Chat: OtterCookie, Flodrix, Water Curse & Scattered Spider

Update: 2025-06-24

Description

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

A new malware strain known as OtterCookie, developed by the North Korean APT group Lazarus, has been dissected in a detailed technical analysis by offensive security expert Mauro Eldritch.
Attackers are currently exploiting a critical vulnerability in the Langflow platform — an open-source Python-based web app used to build AI workflows and agents — to deliver a new botnet called Flodrix.
A new campaign from an emerging threat group named Water Curse is targeting the software supply chain by leveraging GitHub repositories that masquerade as legitimate security tools.
The threat actor known as Scattered Spider, also tracked as UNC3944 by Google and Mandiant, has apparently shifted its operational focus from the retail sector to the US insurance industry, according to a new alert from Google’s Threat Intelligence Group.

Comments

In Channel

#243 - Defender Fridays: Detection prioritization via the BloodHound attack graph with Jared Atkinson, CTO at SpecterOps

2025-08-2933:16

#242 - Building human & AI synergy with Peter Ruta, Founder / CEO of Arcanna.ai

2025-08-2731:40

#241 - Intel Chat:Apache ActiveMQ, Elastic EDR vulnerability, kernel-level EDR killers & PipeMagic

2025-08-2636:40

#240 - Defender Fridays: Remote Management Tool Abuse with Ezra Woods, Security Engineer at Grand Canyon Education

2025-08-2329:05

#239 - Intel Chat: Scattered Spider or ShinyHunters, Linux kernel’s eBPF subsystem, MAPP & BlackSuit ransomware group

2025-08-1938:03

#238 - Defender Fridays: Building trusted ecosystems for incident response with Dr. Mike Saylor, CEO of Blackswan Cybersecurity

2025-08-1531:25

#237 - Intel Chat: Black Hat roundup - Gemini AI, NeuralTrust & SPLX, VisionSpace Tech, BCM5820X - & CISA/FEMA grant funding

2025-08-1142:37

#236 - Defender Fridays: Explore the Challenges of Securing AI Adoption with Jeremy Snyder, Founder and CEO of FireTail.ai

2025-08-0830:15

#237 - Intel Chat: Black Hat roundup - Gemini AI, NeuralTrust & SPLX, VisionSpace Tech, BCM5820X - & CISA/FEMA cyber grant funding

2025-08-0639:35

#234 - Defender Fridays: Autonomous SOC, AI for cybersecurity, and security automation with Filip Stojkovski, Staff Security Engineer at Snyk

2025-08-0229:17

#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

2025-07-3137:13

#232 - Defender Fridays: AI scarping and internal threat with Lera Leonteva, Founder of Leo AI

2025-07-2531:13

#231 - Intel Chat: CISCO CVE 10/10, Matanbuchus, Cambodian takedown & Overstep

2025-07-2228:17

#230 - Defender Fridays: Cyberphysical protection for high value assets with Lennart Koopman, Founder of

2025-07-1830:56

#229 - Intel Chat: IntelBroker, Hunters International, Brazilian insider, Ruckus Networks & Patch Tuesday

2025-07-1735:32

#228 - Defender Fridays: Building detection and response processes that scale with Ryan Cox, Senior Security Engineer at Revinate

2025-07-1128:52

#227 - Intel Chat: Sudo, browser vulns, Medusa & Cloudflare blocks AI

2025-07-0831:44

#225 - Defender Fridays: EDR, DFIR & endpoint triage with Brian Carrier, CEO of Sleauth Kit Labs

2025-06-2731:00

#224 - Intel Chat: OtterCookie, Flodrix, Water Curse & Scattered Spider

2025-06-2431:45

#223 - Defender Fridays: Maintaining the human touch in security operations with Hayden Covington, SOC SecOps Lead at BHIS

2025-06-2030:48

00:00

#224 - Intel Chat: OtterCookie, Flodrix, Water Curse & Scattered Spider

#box-pro-ellipsis-175674041106938{-webkit-line-clamp:2;}#224 - Intel Chat: OtterCookie, Flodrix, Water Curse & Scattered Spider

#224 - Intel Chat: OtterCookie, Flodrix, Water Curse & Scattered Spider

#224 - Intel Chat: OtterCookie, Flodrix, Water Curse & Scattered Spider