# OSINT Post — @thehackernews msg 8636

*Thursday, March 19, 2026 at 7:17 PM UTC — Hamer Intelligence Services Desk*

**Posted**: 2026-03-19T19:17:53.000Z (2mo ago)
**Fetched**: 2026-03-21T21:32:24.232Z (2mo ago)
**Views**: 6
**Media**: photo
**Link**: https://t.me/thehackernews/8636
**Permalink**: https://hamerintel.com/data/posts/2467.md
**Source**: https://hamerintel.com/sources

---

Speagle malware is abusing Cobra DocGuard to quietly steal data. It sends exfiltration through a legitimate DocGuard server, blending into normal traffic and avoiding detection.It only runs on systems with DocGuard installed, signaling targeted espionage activity.🔗 How it hides, steals, and wipes traces → https://thehackernews.com/2026/03/speagle-malware-hijacks-cobra-docguard.html