{"id":21857,"date":"2026-07-01T11:31:25","date_gmt":"2026-07-01T11:31:25","guid":{"rendered":"https:\/\/any.run\/cybersecurity-blog\/?p=21857"},"modified":"2026-07-01T11:46:49","modified_gmt":"2026-07-01T11:46:49","slug":"release-notes-june-2026","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/","title":{"rendered":"Release Notes: In-Browser Data Inspection, Torq Integration, and 1,100+ Threat Coverage Updates"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Phishing pages don&#8217;t sit still anymore. They redirect, load scripts, harvest credentials through dynamic forms, and rebuild their DOM after the initial load \u2014 and most URL analysis workflows still only see the finish line, not the race. This June, ANY.RUN closed that gap directly inside the Interactive Sandbox and extended its automation reach with a new integration built for scale.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Here&#8217;s what your team can put to work this month: full browser-level visibility for every URL analysis, a no-code path to embed ANY.RUN in Torq playbooks, and over 1,100 new detections across behavior signatures, Suricata rules, and YARA rules.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Product Updates&nbsp;<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">June&#8217;s releases focus on closing the visibility gap in phishing investigations and giving SOC and MSSP teams a faster route from alert to automated response. The headline update is in-browser data inspection, a new investigation layer in the Interactive Sandbox, alongside a new integration with the Torq AI SOC Platform.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Closing the Phishing Blind Spot with In-Browser Data Inspection<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Modern phishing campaigns rarely stop at a malicious URL. They rely on dynamic content, JavaScript, multi-stage redirects, credential harvesting forms, and browser-based tricks that often remain invisible to traditional analysis methods.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This month, ANY.RUN <a href=\"https:\/\/any.run\/cybersecurity-blog\/in-browser-data-inspection\/\">introduced In-Browser Data Inspection<\/a>, a new capability that captures browser-rendered content during URL analysis, revealing exactly what users would experience when interacting with a suspicious website.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Instead of relying solely on page source or network data, analysts can now inspect:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Fully rendered web pages and dynamic content;\u00a0<\/li>\n\n\n\n<li>Phishing forms and credential collection attempts;\u00a0<\/li>\n\n\n\n<li>Client-side JavaScript execution;\u00a0<\/li>\n\n\n\n<li>Redirect chains and browser behavior;\u00a0<\/li>\n\n\n\n<li>Hidden elements designed to evade detection.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"831\" height=\"1024\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/unfo1-1662x2048-1-831x1024.png\" alt=\"\" class=\"wp-image-21895\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/unfo1-1662x2048-1-831x1024.png 831w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/unfo1-1662x2048-1-243x300.png 243w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/unfo1-1662x2048-1-768x946.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/unfo1-1662x2048-1-1247x1536.png 1247w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/unfo1-1662x2048-1-370x456.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/unfo1-1662x2048-1-270x333.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/unfo1-1662x2048-1-740x912.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/unfo1-1662x2048-1.png 1662w\" sizes=\"auto, (max-width: 831px) 100vw, 831px\" \/><figcaption class=\"wp-element-caption\"><em>See all URL details, DOM changes, network requests, and IOCs in one place<\/em>\u00a0<br><\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">For SOC analysts, this means fewer blind spots during phishing investigations and faster validation of suspicious URLs.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For security managers and CISOs, it means higher confidence in phishing detection, quicker incident triage, and better protection against increasingly sophisticated browser-based attacks.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Scaling Triage and Response with the ANY.RUN &amp; Torq Integration<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Alert volume keeps growing faster than SOC headcount, and every alert that lands without context costs an analyst time they don&#8217;t have. ANY.RUN&#8217;s <a href=\"https:\/\/any.run\/cybersecurity-blog\/torq-integration\/\">new integration with the Torq AI SOC Platform<\/a> puts conclusive malware and phishing verdicts directly into the automated workflows teams already build in Torq: no custom code, no months-long rollout.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The integration ships with five ready-to-use <a href=\"https:\/\/torq.io\/hyperagents\/\">Torq HyperAgents<\/a>\u2122 covering two workflow types: case-based templates that pull observables straight from an open Torq case for enrichment, and standalone sandbox workflows that accept a URL or file as input and return a full verdict, IOC list, and report link anywhere in a custom automation chain. Results \u2014 reputation data, threat names, tags, and structured JSON \u2014 land directly in Torq Case Management, ready to branch on.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Teams integrating ANY.RUN into Torq gain:<\/strong>\u00a0<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Faster incident resolution, with an average MTTR reduction of 21 minutes per case.\u00a0<\/li>\n\n\n\n<li>Operational scaling without added headcount, as HyperAgents absorb routine Tier 1 enrichment work.\u00a0<\/li>\n\n\n\n<li>Zero development overhead, with a no-code setup that&#8217;s live in minutes rather than months.\u00a0<\/li>\n\n\n\n<li>Standardized investigation logic, so every alert is checked against the same high-fidelity criteria regardless of analyst experience.\u00a0<\/li>\n\n\n\n<li>Higher ROI on existing tools, as ANY.RUN enriches the SIEM, EDR, and XDR data already flowing into Torq.\u00a0<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"427\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/image7-2-1024x427.png\" alt=\"\" class=\"wp-image-21898\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/image7-2-1024x427.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/image7-2-300x125.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/image7-2-768x320.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/image7-2-370x154.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/image7-2-270x112.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/image7-2-740x308.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/image7-2.png 1318w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">ANY.RUN\u2019s Sandbox provides fast case enrichment in Torq<\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">The integration is available on ANY.RUN Threat Intelligence and Interactive Sandbox plans with API access, giving SOC and MSSP teams a direct path to scale triage and response without scaling the team itself.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nExperience the latest ANY.RUN capabilities.<br>\n<span class=\"highlight\">Gain deeper browser visibility and accelerate investigations <br><\/span>with Torq-powered automation.\n\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/any.run\/enterprise\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoenterprise#contact-sales\" rel=\"noopener\" target=\"_blank\">\nIntegrate in your SOC<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<h2 class=\"wp-block-heading\">Threat Coverage Updates<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Keeping pace with evolving malware remains a core priority for our detection team. During June, we significantly expanded threat coverage with:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>1,055 new Suricata rules,<\/li>\n\n\n\n<li>65 new behavior signatures,<\/li>\n\n\n\n<li>14 new YARA rules.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">These additions improve detection across network traffic, behavioral activity, and malware samples, helping analysts identify emerging threats faster while increasing investigation accuracy. The continuous expansion of detection logic also strengthens the quality of intelligence powering ANY.RUN&#8217;s Interactive Sandbox and Threat Intelligence solutions.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">New Behavior Signatures<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The 65 new behavior signatures added this month target malware-specific activity helping analysts confirm what a sample actually does inside the sandbox, rather than inferring it from static traits alone. Coverage this month spans commodity stealers and loaders, RATs, and ransomware families active across recent phishing and malvertising campaigns.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Highlighted&nbsp;detections&nbsp;include:&nbsp;<\/p>\n\n\n\n<div class=\"wp-block-group is-layout-grid wp-container-core-group-is-layout-9d260ee2 wp-block-group-is-layout-grid\">\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/24a03e00-b8f1-4557-b1c3-6b473d0990b9\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>SOLARIS<\/strong><\/a>\u00a0(mutex)\u00a0<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><a href=\"https:\/\/app.any.run\/tasks\/0134f484-cf7b-4446-8375-feca3a52dca8\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\">SILENTNET<\/a>\u00a0<\/strong><\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><a href=\"https:\/\/app.any.run\/tasks\/56d64e4d-7797-4122-8d5c-ae313e4d2a09\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\">ORACLESPY (YARA rule)<\/a>\u00a0<\/strong><\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/839c2d61-4169-416a-953e-93f01bc62654?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-may-2026&amp;utm_term=030626&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>KONG<\/strong><\/a>&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/0024567d-04f2-4265-bddf-73f5a1c3755c\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>HIDDENTEARS<\/strong><\/a>\u00a0(mutex)<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/000eb0da-4208-4e07-85a5-d93f906b60c4\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>GLAMOUR (mutex)<\/strong><\/a><strong>\u00a0<\/strong><\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/a9d8ecff-7c7d-4a3c-80da-76e70ca8cc26\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-may-2026&amp;utm_term=030626&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>STEALC<\/strong><\/a>&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/60773dd2-262f-45f5-8a4e-38f7102bfbb2\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-may-2026&amp;utm_term=030626&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>BLANKGRABBER<\/strong><\/a>&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/692b9855-e96e-4d5b-be41-c3e34cbe0c15\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>JUNKLOCKER<\/strong><\/a>\u00a0(mutex)<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><a href=\"https:\/\/app.any.run\/tasks\/56d64e4d-7797-4122-8d5c-ae313e4d2a09\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\">ORACLESPY<\/a>\u00a0<\/strong><\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/16f14270-37fe-4f87-85a6-235dd47020ad?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-may-2026&amp;utm_term=030626&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>PCLOCKER<\/strong><\/a>&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/706a4e50-1970-4e7a-bcb4-f417f2a5026b?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-may-2026&amp;utm_term=030626&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>EXITIUM<\/strong><\/a>&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/de9e1fed-538d-4dbc-8bbc-07423f1d81ef\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>ONYXC2<\/strong><\/a>\u00a0(mutex)<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/a30ccad6-7ad8-47f6-a3eb-6e4270c7834a\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>SHAT<\/strong><\/a>\u00a0<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/f1bc8ea8-78e1-462e-989b-2391f0e1490d?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-may-2026&amp;utm_term=030626&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>MAKOP<\/strong><\/a>&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/1c13178d-d97a-4150-bd7a-1eb93a476e0d?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-may-2026&amp;utm_term=030626&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>1BYTE<\/strong><\/a>&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/55514ae6-150d-4cde-90ed-60a26e5d25e9\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>APEXTRADER<\/strong><\/a>\u00a0<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><a href=\"https:\/\/app.any.run\/tasks\/2bba5094-7ee2-4bd1-98f3-f3a9b5af3e91\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\">GLAMOUR (YARA rule)<\/a>\u00a0<\/strong><\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/807bf35a-2912-4541-ae11-6bdf901c9ef9?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-may-2026&amp;utm_term=030626&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>MORPH<\/strong><\/a>&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/b65c1bd1-1983-4b20-8ea5-3ffabe58437e\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-may-2026&amp;utm_term=030626&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>SMUKX<\/strong><\/a>&nbsp;<\/li>\n<\/ul>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nCut response delays before threats become costly incidents.<br>\n<span class=\"highlight\">Give your SOC faster, evidence-backed decisions<\/span>\n\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/any.run\/enterprise\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&#038;utm_term=010726&#038;utm_content=linktoenterprise#contact-sales\" rel=\"noopener\" target=\"_blank\">\nIntegrate in your SOC<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<h2 class=\"wp-block-heading\">New Suricata Rules<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">A total of 1,055 new Suricata rules were implemented in June to improve visibility into malicious network activity, including:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/app.any.run\/tasks\/446d373f-2cc3-4455-97d5-64797934f6f1\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\"><strong>Phishing Redirect Engine related URL<\/strong><\/a> (sid: 89003883) &#8211; Identifies various PhaaS operators&#8217; infrastructure used as routing layer, delivering victim to specific phishkit landing pages.<\/li>\n\n\n\n<li><strong><a href=\"https:\/\/app.any.run\/tasks\/529a64bf-3465-4e8e-8983-564558ea2915\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\">Adobe-themed RMM phishing<\/a><\/strong> (sid: 84003399) &#8211; Tracks attempts to lure user into installing remote management tool, disguised as shared secure documents.<\/li>\n\n\n\n<li><strong><a href=\"https:\/\/app.any.run\/tasks\/8ca6e2fc-b4bb-4691-b295-8a971590c852\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoservice\">SilentNet CnC HTTP activity<\/a><\/strong> (sid: 84003444) &#8211; Detects SilentNet attempts to communicate with its C2-server.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">About&nbsp;ANY.RUN&nbsp;<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions, helps businesses and organizations strengthen security operations with faster threat understanding andclearer evidence for response.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Its solutions include the <a href=\"https:\/\/any.run\/features\/\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktosandboxlanding\" target=\"_blank\" rel=\"noreferrer noopener\">Interactive Sandbox<\/a> for enterprise-scale malware and phishing analysis, as well as <a href=\"https:\/\/any.run\/threat-intelligence-lookup\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktotilookuplanding\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence<\/a> solutions built on investigation data from more than 15,000 organizations. This intelligence helps security teams enrich alerts, detect active threats earlier, and support investigation and response workflows with relevant context.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">ANY.RUN is <a href=\"https:\/\/any.run\/compliance\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-may-2026&amp;utm_term=030626&amp;utm_content=linktocompliance\" target=\"_blank\" rel=\"noreferrer noopener\">SOC 2 Type II attested<\/a>, reflecting its strong security controls and commitment to protecting customer data. For SOCs, MSSPs, and enterprise teams, the platform helps reduce investigationuncertainty, improve triage speed, and turn threat analysis into actionable insights for faster, better-informed decisions.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/any.run\/enterprise\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=release-notes-june-2026&amp;utm_term=010726&amp;utm_content=linktoenterprise#contact-sales\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Integrate ANY.RUN into your SOC workflow \u2192<\/strong><\/a>\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Phishing pages don&#8217;t sit still anymore. They redirect, load scripts, harvest credentials through dynamic forms, and rebuild their DOM after the initial load \u2014 and most URL analysis workflows still only see the finish line, not the race. This June, ANY.RUN closed that gap directly inside the Interactive Sandbox and extended its automation reach with [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":21861,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[9],"tags":[57,10,55],"class_list":["post-21857","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-service-updates","tag-anyrun","tag-cybersecurity","tag-release"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Release Notes: In-Browser Data Inspection, Torq Integration, and 1,100+ Threat Updates<\/title>\n<meta name=\"description\" content=\"Discover the latest ANY.RUN updates for June 2026, including In-Browser Data Inspection, Torq integration, and 1,100+ new Suricata, YARA, and behavior detection rules.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ANY.RUN\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/\"},\"author\":{\"name\":\"ANY.RUN\",\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"headline\":\"Release Notes: In-Browser Data Inspection, Torq Integration, and 1,100+ Threat Coverage Updates\",\"datePublished\":\"2026-07-01T11:31:25+00:00\",\"dateModified\":\"2026-07-01T11:46:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/\"},\"wordCount\":1021,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"image\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/Release-notes-scaled.png\",\"keywords\":[\"ANYRUN\",\"cybersecurity\",\"release\"],\"articleSection\":[\"Service Updates\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/\",\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/\",\"name\":\"Release Notes: In-Browser Data Inspection, Torq Integration, and 1,100+ Threat Updates\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/Release-notes-scaled.png\",\"datePublished\":\"2026-07-01T11:31:25+00:00\",\"dateModified\":\"2026-07-01T11:46:49+00:00\",\"description\":\"Discover the latest ANY.RUN updates for June 2026, including In-Browser Data Inspection, Torq integration, and 1,100+ new Suricata, YARA, and behavior detection rules.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/#primaryimage\",\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/Release-notes-scaled.png\",\"contentUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/Release-notes-scaled.png\",\"width\":2560,\"height\":1243,\"caption\":\"Release Notes June\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/release-notes-june-2026\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Service Updates\",\"item\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/category\\\/service-updates\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Release Notes: In-Browser Data Inspection, Torq Integration, and 1,100+ Threat Coverage Updates\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"url\":\"https:\\\/\\\/any.run\\\/\",\"name\":\"ANY.RUN&#039;s Cybersecurity Blog\",\"description\":\"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.\",\"publisher\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/any.run\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"name\":\"ANY.RUN\",\"url\":\"https:\\\/\\\/any.run\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/ANYRUN-Icon.svg\",\"contentUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/ANYRUN-Icon.svg\",\"width\":1,\"height\":1,\"caption\":\"ANY.RUN\"},\"image\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/www.any.run\\\/\",\"https:\\\/\\\/x.com\\\/anyrun_app\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/30692044\",\"https:\\\/\\\/www.youtube.com\\\/channel\\\/UCOgCPho7lzmH7m6fPNlukrQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"name\":\"ANY.RUN\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g\",\"caption\":\"ANY.RUN\"},\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/author\\\/a-bespalova\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Release Notes: In-Browser Data Inspection, Torq Integration, and 1,100+ Threat Updates","description":"Discover the latest ANY.RUN updates for June 2026, including In-Browser Data Inspection, Torq integration, and 1,100+ new Suricata, YARA, and behavior detection rules.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/","twitter_misc":{"Written by":"ANY.RUN","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/#article","isPartOf":{"@id":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/"},"author":{"name":"ANY.RUN","@id":"https:\/\/any.run\/"},"headline":"Release Notes: In-Browser Data Inspection, Torq Integration, and 1,100+ Threat Coverage Updates","datePublished":"2026-07-01T11:31:25+00:00","dateModified":"2026-07-01T11:46:49+00:00","mainEntityOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/"},"wordCount":1021,"commentCount":0,"publisher":{"@id":"https:\/\/any.run\/"},"image":{"@id":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/#primaryimage"},"thumbnailUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/Release-notes-scaled.png","keywords":["ANYRUN","cybersecurity","release"],"articleSection":["Service Updates"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/","url":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/","name":"Release Notes: In-Browser Data Inspection, Torq Integration, and 1,100+ Threat Updates","isPartOf":{"@id":"https:\/\/any.run\/"},"primaryImageOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/#primaryimage"},"image":{"@id":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/#primaryimage"},"thumbnailUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/Release-notes-scaled.png","datePublished":"2026-07-01T11:31:25+00:00","dateModified":"2026-07-01T11:46:49+00:00","description":"Discover the latest ANY.RUN updates for June 2026, including In-Browser Data Inspection, Torq integration, and 1,100+ new Suricata, YARA, and behavior detection rules.","breadcrumb":{"@id":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/#primaryimage","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/Release-notes-scaled.png","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/07\/Release-notes-scaled.png","width":2560,"height":1243,"caption":"Release Notes June"},{"@type":"BreadcrumbList","@id":"https:\/\/any.run\/cybersecurity-blog\/release-notes-june-2026\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/any.run\/cybersecurity-blog\/"},{"@type":"ListItem","position":2,"name":"Service Updates","item":"https:\/\/any.run\/cybersecurity-blog\/category\/service-updates\/"},{"@type":"ListItem","position":3,"name":"Release Notes: In-Browser Data Inspection, Torq Integration, and 1,100+ Threat Coverage Updates"}]},{"@type":"WebSite","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/","name":"ANY.RUN&#039;s Cybersecurity Blog","description":"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.","publisher":{"@id":"https:\/\/any.run\/"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/any.run\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/any.run\/","name":"ANY.RUN","url":"https:\/\/any.run\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","width":1,"height":1,"caption":"ANY.RUN"},"image":{"@id":"https:\/\/any.run\/"},"sameAs":["https:\/\/www.facebook.com\/www.any.run\/","https:\/\/x.com\/anyrun_app","https:\/\/www.linkedin.com\/company\/30692044","https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ"]},{"@type":"Person","@id":"https:\/\/any.run\/","name":"ANY.RUN","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4a921d1fbcf45a0476667c89b7999bc2bb3c028b518acc569da69c8797e53a84?s=96&d=mm&r=g","caption":"ANY.RUN"},"url":"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/"}]}},"_links":{"self":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/21857","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/comments?post=21857"}],"version-history":[{"count":25,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/21857\/revisions"}],"predecessor-version":[{"id":21902,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/21857\/revisions\/21902"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media\/21861"}],"wp:attachment":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media?parent=21857"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/categories?post=21857"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/tags?post=21857"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}