Daniel Cuthbert
It was off the back of the recent regreSSHion (CVE-2024-6387) p0c code that my spidey senses went into overdrive and resulted in @v1ad_o and I tearing apart a pretty sweet rootkit targeting TI/sec researchers https://santandersecurityresearch.github.io/blog/sshing_the_masses