Kimsuky targets organizations with PebbleDash-based tools

Over the past few months, we have conducted an in-depth analysis of specific activity clusters of Kimsuky (aka APT43, Ruby Sleet, Black Banshee, Sparkling...

5 Key Takeaways from “Inside the Shape-Shifting Inbox: The New Playbook for SOC Teams”

Phishing has entered a new phase. Today’s attacks are no longer built around a single malicious email, domain, or attachment. Instead, threat actors are leveraging...

Abrigo – 711,099 breached accounts

In April 2026, the fintech software company Abrigo was targeted in a "pay or leak" extortion attempt by the ShinyHunters group. Shortly after, data...

Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defense

Executive Summary: Artificial intelligence is often discussed as a tool for automating and accelerating existing cybersecurity workflows. While that framing is accurate, it...

1 year and 1 million messages later: Lessons learned building AI agents on the...

After a year and one million messages, Elastic's Field Technology team shares five lessons from building production AI agents: why logs matter most, how...

Backdoored Cemu release linked to TanStack and Mistral supply chain campaign

We investigate how a coordinated supply chain campaign that compromised npm and PyPI packages also backdoored the official Cemu Nintendo Wii U emulator GitHub...

NIST NVD Enrichment Policy Change: Prioritizing Vulnerabilities with Attacker Behavior Signals

As of April 15, 2026, NIST enriches only CVEs that appear in the CISA Known Exploited Vulnerabilities catalog, federal government software, or software...

Backdoored node-ipc npm releases steal developer credentials through DNS queries

An analysis of backdoored node-ipc npm releases that add an obfuscated credential collection and DNS exfiltration payload to the CommonJS entrypoint.

Detecting and preventing crypto mining in your AWS environment

This article guides you on how to use Amazon GuardDuty to identify and mitigate cryptocurrency mining threats in your Amazon Web Services (AWS) environment....

Latest article

GreatXML zero-day BitLocker bypass doesn’t seem to work, yet

A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...

New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight

A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.

Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks

One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...

Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol

Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others.