Threat Intelligence Report

GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack

📅 March 1, 2026 📰 www.recordedfuture.com 🔍 0 CVE(s) referenced

GrayCharlie, an evolving threat actor targeting US organizations, compromises WordPress sites to deliver NetSupport RAT and infostealers via fake browser updates and ClickFix lures, leveraging extensive infrastructure and occasionally exploiting supply-chain vulnerabilities.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle