Threat Intelligence Report

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit [infrastructure hosting Notepad++]

📅 February 3, 2026 📰 www.rapid7.com 🔍 0 CVE(s) referenced

Lotus Blossom’s latest campaign demonstrates a leap in sophistication, combining a custom backdoor (Chrysalis), advanced obfuscation, and novel use of Microsoft Warbird to deliver persistent, stealthy access and commodity malware via high-profile software supply chain compromise.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle