Log inSign up
ANY.RUN
5,226 posts
user avatar
ANY.RUN
@anyrun_app
Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: login.any.run/register/?utm_…
any.run/?utm_source=x&…
Joined February 2017
191
Following
33.2K
Followers

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    ANY.RUN
    @anyrun_app
    Jun 16
    🚀 BIG NEWS: Full URL triage now takes a single click. Domain data, dynamic DOM changes, hidden scripts — all visible under Browser Data tab. No more slow investigations. Just see & decide to escalate or close the alert. Try ultra-fast phishing analysis: any.run/cybersecurity-…
    2.1K
  • user avatar
    ANY.RUN
    @anyrun_app
    Nov 25, 2024
    🚨ALERT: Potential ZERO-DAY, Attackers Use Corrupted Files to Evade Detection 🧵 (1/3) ⚠️ The ongoing attack evades #antivirus software, prevents uploads to sandboxes, and bypasses Outlook's spam filters, allowing the malicious emails to reach your inbox The #ANYRUN team
    96K
  • user avatar
    ANY.RUN
    @anyrun_app
    Apr 24, 2025
    🚨 Important: False positive from MS Defender XDR has led to 1,700+ sensitive docs being shared publicly via #ANYRUN alone. A couple of hours ago we saw a sudden inflow of Adobe Acrobat Cloud links being uploaded to ANYRUN's sandbox. After research, we've discovered that
    113K
  • user avatar
    ANY.RUN
    @anyrun_app
    Jul 20, 2024
    ⚠ As expected, the incident with #CrowdStrike has been exploited to distribute malware. 🎯 In our example, an archive containing #Hijackloader, which delivers #Remcos to the infected system, is downloaded into the system under the guise of a #hotfix. 💢 The name of the ZIP
    77K
  • user avatar
    ANY.RUN
    @anyrun_app
    Oct 23, 2025
    🚨 #LOLBin abuse remains one of the hardest techniques for SOC teams to detect. Attackers hijack trusted Windows tools to execute malicious activities while blending into legitimate processes. 👨‍💻 See example of a typical attack: app.any.run/tasks/02dd6096… 📖 Read the breakdown of
    27K
  • user avatar
    ANY.RUN
    @anyrun_app
    Dec 27, 2023
    🎅 Ho, ho, ho! Santa's got a surprise for you #Linux is coming to ANYRUN! 🎁 Get ready to execute #malware, interact with uploaded files, and gather IOCs on #Ubuntu 22.04.2 🚀 Stay tuned for the official launch soon. For now, check out Linux task samples: ➡️
    55K
  • user avatar
    ANY.RUN
    @anyrun_app
    May 16, 2018
    Now you can open malicious link in the default browser at ANY.RUN without downloading HTML files. Very useful for researching exploits. And it is already available on FREE plans! #RigEK example: app.any.run/tasks/768af0f8…
  • user avatar
    ANY.RUN
    @anyrun_app
    Sep 25, 2018
    We have mapped our signatures to @MITREattack. It will help you to better understand tactics and techniques used by attackers, to learn about different phases of malicious work, as well as, to better classify our signatures under the common standard for you.
  • user avatar
    ANY.RUN
    @anyrun_app
    Jul 17, 2025
    🚨 #DeerStealer Delivered via Obfuscated .LNK and #LOLBin Abuse. A new phishing campaign delivers #malware through a fake PDF shortcut (Report.lnk) that leverages mshta.exe for script execution, which is a known LOLBin technique (MITRE T1218.005). ⚠️ The attack begins with an
    48K
  • user avatar
    ANY.RUN
    @anyrun_app
    Feb 21, 2018
    We have developed new useful feature "Fake Net". It intercepts HTTP requests and returns 404 error, forcing malware to reveal its C2 links #Emotet cases: Default: app.any.run/tasks/9d11f097… With "Fake Net" feature: app.any.run/tasks/28cd16bd… In the second one, you can see all 5 URL's
    Analysis http://www.abbigliamentotomasini.it/RECHNUNG-83237/ Malicious activity - Interactive...
    From app.any.run
  • user avatar
    ANY.RUN
    @anyrun_app
    Oct 2, 2018
    New feature for you, guys! The process graph is a schematic visualization of all phases of malicious activity. It has a convenient format for a report or presentation. You can point it into your blog or share it. The graph will be included in the text report of our system.
  • user avatar
    ANY.RUN
    @anyrun_app
    Dec 8, 2022
    I guess we have jumped the gun to fire those guys #ChatGPT #FormBook #OpenAI
  • user avatar
    ANY.RUN
    @anyrun_app
    Feb 28, 2024
    ⚠️ Please beware of a new threat ⚠️ We have observed a mass attack on users between February 23, 2024, and the present moment. ⚙️ Treat Details: - The initial vector is an email with a ZIP attachment and the question, "I sent a material your side last day, have you able to get
    58K
  • user avatar
    ANY.RUN
    @anyrun_app
    Sep 1, 2025
    🚨 WinRAR CVE-2025-8088: The invisible persistence SOCs can’t afford to miss Attackers are abusing Alternate Data Streams (ADS) to perform path traversal during archive extraction. By appending colon symbol (:) in file names, they sneak hidden objects into system folders
    19K