
The Deep Dive: Kroll's Analysis of the GARUDA C2 Malware

Kroll identified a cross-platform malware framework, dubbed GARUDA C2, that uses public code-hosting platforms like GitHub for staging, redundancy and command distribution across Windows, macOS and Linux. Analysis links the campaign to an India-based operator, an attribution supported by Hindi-language development artifacts, build logs, infrastructure indicators and evidence suggesting use of a locally hosted large language model (LLM) to accelerate malware development.

Beyond Static Identity: Why Adaptive Behavioral Trust Is Now Essential

Enterprise security is confronting an identity problem that has outgrown the tools designed to contain it. For years, the operating model was straightforward: authenticate users at the gate, grant access and monitor known risks. Today, however, AI is increasingly interwoven with business practices, and that model is no longer fit for purpose.