[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVG-_42Xn8QsciNguw9CZFbtZzOGX6AdNSHNLySwRE0g":3},{"article":4,"iocs":37},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":11,"published_at":13,"ingested_at":14,"relevance_score":15,"entities":16,"category_id":20,"category":21,"article_tags":24},"f6475e43-cecb-465e-a3e9-ee84659de707","🎉 New DFIR Lab is live: ClickFix → RomComRAT → Domain Compromise (Private Case #35646)\n\nStep int...","new-dfir-lab-is-live-clickfix-romcomrat-domain-compromise-private-case-35646-ste-ae7fcd","🎉 New DFIR Lab is live: ClickFix → RomComRAT → Domain Compromise (Private Case #35646)\n\nStep into a nine-day espionage operation and investigate it end-to-end. It starts with a user falling for a deceptive fake CAPTCHA lure, escalates through custom RomComRAT implants for","A new DFIR lab simulates a nine-day espionage operation. The scenario begins with a user falling for a fake CAPTCHA, leading to the deployment of custom RomComRAT implants and ultimately a domain compromise.","New DFIR lab simulates a 9-day espionage operation involving ClickFix, RomComRAT, and domain compromise.",null,"https:\u002F\u002Fx.com\u002FTheDFIRReport\u002Fstatus\u002F2057446794825433100","2026-05-21T13:01:56+00:00","2026-05-21T14:00:07.766444+00:00",7,[17],{"name":18,"type":19},"ClickFix","campaign","e7b231c8-5f79-4465-8d38-1ef13aea5a14",{"id":20,"icon":11,"name":22,"slug":23},"Threat Intelligence","threat-intelligence",[25,30,35],{"category":26},{"id":27,"icon":11,"name":28,"slug":29},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":31},{"id":32,"icon":11,"name":33,"slug":34},"c5eccf7c-abbc-4bd3-bbed-e6da5cba8e73","Incident Response","incident-response",{"category":36},{"id":20,"icon":11,"name":22,"slug":23},[38],{"type":29,"value":39,"context":40},"RomComRAT","Custom implant used in the simulated espionage operation"]