CVE Database Threat Actors Research API Docs

Visit Strobes.co Sign Up for Strobes

CVE Database Threat Actors Research API Docs

Tools

Visit Strobes.co Sign Up for Strobes

Do you like the insights?

Strobes vulnerability intelligence is a key component of their Exposure Management platform that helps organizations understand, prioritize, and address security vulnerabilities more effectively.

© 2026 Strobes Security. All rights reserved.

Caramel Tsunami - Threat Actor Profile & Exploited CVEs | Strobes VI | Strobes VI

Home Threat ActorsCaramel Tsunami

Caramel Tsunami

Also known as: Candiru, SOURGUM

0

Exploited CVEs

Overview

Caramel Tsunami is a threat actor that specializes in spyware attacks. They have recently resurfaced with an updated toolset and zero-day exploits, targeting specific victims through watering hole attacks. Candiru has been observed exploiting vulnerabilities in popular browsers like Google Chrome and using third-party signed drivers to gain access to the Windows kernel. They have also been linked to other spyware vendors and have been associated with extensive abuses of their surveillance tools.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions

Search related CVEs Browse all threat actors