Inlay

Trusted sites are favorites for the baddies as command-and-control and exfiltration destinations, because they think you can't block them or observe them. That's exactly what this attack expects. discourse.ifin.netwo... #ThreatIntel #ThreatIntelligence #IFIN

Last Updated: 2026-06-18 What’s Happening Malvertising of AI tooling to direct users to geoshitties (my nickname of free subdomain web hosting) Gitlab[.]io (typically used to host a projects documentation) making it a high-regret block for IT users. In this article shared Claude chats were being utilized, making it abuse of a Living off a Trusted Site (LOTS). Actions Link to the article’s IOCs to hunt or block in your organization. https://documents.trendmicro.com/assets/txt/Indicators%2...