Threat Intelligence Report

StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader

📅 June 24, 2026 📰 securelist.com 🔍 13 CVE(s) referenced

A previously unknown threat actor is leveraging a sophisticated new loader, SharkLoader, to deploy Cobalt Strike Beacons across a wide range of global organizations by exploiting public-facing application vulnerabilities and employing advanced evasion techniques, in a campaign that blends opportunistic and targeted attacks with suspected Chinese-speaking origins.

vendor

CVE-2024-21762, CVE-2023-46747, CVE-2022-27925, CVE-2016-4437, CVE-2021-36260, CVE-2022-41082, CVE-2022-40684, CVE-2021-27076, CVE-2023-20198, CVE-2023-32315, CVE-2025-55182, CVE-2021-26855, CVE-2024-36401

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle