BlackToad: Network Manipulation in an AutoIt Payload

Recently, JUMPSEC’s DART (Detection and Response Team) detected a phishing email targeting a client environment. The email, written in Thai and containing a MediaFire download link, was identified as suspicious by an incident responder and we kicked off an investigation. Since then, we have established infrastructure to track the threat actor, analysed the novel payload in detail, and identified several IoCs below.

What's happening to DevOps Security?

As 2026 rolls on, our capacity to prompt ourselves silly appears to be limitless. We’ve already seen the financial, legal, and reputational damage to Deloitte as they partly refunded the Australian government for a 237-page audit report containing LLM-generated hallucinations like fabricated academic references, fake footnotes, and a false quote attributed to a judge.