DUBAI, DUBAI, UNITED ARAB EMIRATES, August 26, 2025 /EINPresswire/ -- ANY, a leading provider of interactive malware analysis and threat intelligence, has released its August 2025 threat roundup, exposing three major attacks targeting enterprises and critical industries worldwide.

Phishing kits and stealers dominated the month with new tactics to bypass defenses and overwhelm analysts, but the research team showed how these campaigns can be safely uncovered before causing costly business damage.

Tycoon2FA: A 7-Stage Phishing Attack Built to Beat Defenses

ANY uncovered Tycoon2FA's new multi-stage campaign: a seven-step chain of CAPTCHAs, button-hold checks, and validation screens designed to stay hidden from automated tools. Unlike mass phishing kits, it targets government, military, and financial institutions, with 26% of observed cases hitting the banking sector.

Rhadamanthys Stealer via ClickFix

Attackers combined ClickFix flows with Rhadamanthys Stealer, a C++ malware designed for large-scale data theft. Delivered through MSI payloads running in memory, it uses anti-VM checks, TLS anomalies, and PNG steganography to stay under the radar.

Salty2FA: A New PhaaS Linked to Storm-1575

Experts also exposed Salty2FA, a Phishing-as-a-Service kit capable of bypassing nearly all MFA methods. Already active in finance, energy, telecom, healthcare, and government, it poses severe risks where one compromised account can disrupt entire operations.

For full technical details, live analyses, IOCs, and guidance on faster detection, visit the ANY blog.

About ANY

ANY helps more than 15,000 organizations worldwide, from banking and healthcare to telecom, retail, and technology, strengthen cybersecurity operations and respond to threats with confidence.

Solutions include the Interactive Sandbox for live malware analysis, Threat Intelligence Lookup for IOC enrichment, and TI Feeds that deliver high-fidelity data directly into SOC workflows.

Built for speed and clarity, ANY gives teams the visibility they need to uncover hidden attacks, cut investigation time, and stop intrusions earlier.

