
Sliver

According to VK9 Security, Sliver is a Command and Control (C2) system made for penetration testers, red teams, and advanced persistent threats. It generates implants (slivers) that can run on virtually every architecture out there, and securely manages these connections through a central server. Sliver supports multiple callback protocols including DNS, TCP, and HTTP(S) to make egress simple, even when those pesky blue teams block your domains. You can even have multiple operators (players) simultaneously commanding your sliver army.

C2 Infrastructure

Hosting/VPS 93%
ISP/Residential 7%

Last 7 days

Jun 11, 2026
C2 Hosts: 28
Jun 10, 2026
C2 Hosts: 1

Further Reading

Supposed Grasshopper: operators impersonate Israeli government and private companies to deploy open-source malware

Analysis of malicious infrastructure targeting Israeli entities via payloads delivered through compromised WordPress sites in 2023.

harfanglab.io
UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell | Sysdig

After a year under the radar, the Sysdig Threat Research Team identified a new campaign from Chinese state-sponsored threat actor UNC5174.

sysdig.com
Operation Oxidový: Sophisticated Malware Campaign Targets Czech Officials Using NATO-Themed Decoys | Seqrite

Seqrite Labs APT-Team has recently found a campaign targeting the Czech Republic. The campaign targets government and military officials with multiple lures aimed at the relationship between NATO a...

seqrite.com
Botnet C&C | Botnet Threat Update January to June 2025 | Report
spamhaus.org
Botnet C&C | Botnet Threat Update July to December 2025 | Report
spamhaus.org
Assessing Offensive Security Tools: A Team Cymru Case Study

Explore our in-depth case study on assessing common offensive security tools, perfect for technology companies seeking to bolster their defense strategies.

team-cymru.com
DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach

Volexity frequently works with individuals and organizations heavily targeted by sophisticated, motivated, and well-equipped threat actors from around the world. Some of these individuals or organi...

volexity.com