 | Security briefing: May 2026 | 2026-06-02 | True | | True | | |
| AI agent at the wheel: How an attacker used LLMs to move from a CVE to an internal database in 4 pivots | 2026-05-26 | True | | True | | |
| The expendable extension name: Azure VMAccess naming chaos, password resets, and a detection gap | 2026-05-20 | True | | True | | |
| Agentic AI Tooling: Why Runtime Security Is the Missing Layer | 2026-05-19 | True | | True | | |
| NATS-as-C2: Inside a new technique attackers are using to harvest cloud credentials and AI API keys | 2026-05-14 | True | | True | | |
| CVE-2026-44338: PraisonAI authentication bypass in under 4 hours and the growing trend of rapid exploitation | 2026-05-12 | True | | True | | |
| Dirty Frag (CVE-2026-43284 and CVE-2026-43500): Detecting unpatched local privilege escalation via Linux Kernel ESP and RxRPC | 2026-05-08 | True | | True | | |
| Security briefing: April 2026 | 2026-05-05 | True | | True | | |
| CVE-2026-31431: “Copy Fail” Linux kernel flaw lets local users gain root in seconds | 2026-04-30 | True | | True | | |
| CVE-2026-42208: Targeted SQL injection against LiteLLM's authentication path discovered 36 hours following vulnerability disclosure | 2026-04-27 | True | | True | | |
| CVE-2026-33626: How attackers exploited LMDeploy LLM Inference Engines in 12 hours | 2026-04-22 | True | | True | | |
| Anthropic Mythos just broke the four-minute mile in cyber offense | 2026-04-21 | True | | True | | |
| CVE-2026-39987 update: How attackers weaponized marimo to deploy a blockchain botnet via HuggingFace | 2026-04-15 | True | | True | | |
| Marimo OSS Python Notebook RCE: From Disclosure to Exploitation in Under 10 Hours | 2026-04-09 | True | | True | | |
| Security briefing: March 2026 | 2026-04-06 | True | | True | | |
| AI infrastructure security: Why it deserves its own category | 2026-03-26 | True | | True | | |
| AI infrastructure security: Why it deserves its own category | 2026-03-26 | True | | True | | |
| TeamPCP expands: Supply chain compromise spreads from Trivy to Checkmarx GitHub Actions | 2026-03-23 | True | | True | | |
| AI coding agents are running on your machines — Do you know what they're doing? | 2026-03-23 | True | | True | | |
| TeamPCP expands: Supply chain compromise spreads from Trivy to Checkmarx GitHub Actions | 2026-03-23 | True | | True | | |
| AI coding agents are running on your machines — Do you know what they're doing? | 2026-03-23 | True | | True | | |
| CVE-2026-33017: How attackers compromised Langflow AI pipelines in 20 hours | 2026-03-19 | True | | True | | |
| CVE-2026-33017: How attackers compromised Langflow AI pipelines in 20 hours | 2026-03-19 | True | | True | | |
| Detecting CVE-2026-3288 & CVE-2026-24512: Ingress-nginx configuration injection vulnerabilities for Kubernetes | 2026-03-17 | True | | True | | |
| Detecting CVE-2026-3288 & CVE-2026-24512: Ingress-nginx configuration injection vulnerabilities for Kubernetes | 2026-03-17 | True | | True | | |
| Security briefing: February 2026 | 2026-03-04 | True | | True | | |
| Security briefing: February 2026 | 2026-03-04 | True | | True | | |
| LLMjacking: From Emerging Threat to Black Market Reality | 2026-02-24 | True | | True | | |
| LLMjacking: From Emerging Threat to Black Market Reality | 2026-02-24 | True | | True | | |
| AI-assisted cloud intrusion achieves admin access in 8 minutes | 2026-02-03 | True | | True | | |
| AI-assisted cloud intrusion achieves admin access in 8 minutes | 2026-02-03 | True | | True | | |
| Security briefing: January 2026 | 2026-02-02 | True | | True | | |
| Security briefing: January 2026 | 2026-02-02 | True | | True | | |
| VoidLink threat analysis: Sysdig discovers C2-compiled kernel rootkits | 2026-01-16 | True | | True | | |
| VoidLink threat analysis: Sysdig discovers C2-compiled kernel rootkits | 2026-01-16 | True | | True | | |
| How threat actors are using self-hosted GitHub Actions runners as backdoors | 2026-01-13 | True | | True | | |
| How threat actors are using self-hosted GitHub Actions runners as backdoors | 2026-01-13 | True | | True | | |
| Security briefing: December 2025 | 2026-01-06 | True | | True | | |
| Security briefing: December 2025 | 2026-01-06 | True | | True | | |
| EtherRAT dissected: How a React2Shell implant delivers 5 payloads through blockchain C2 | 2025-12-16 | True | | True | | |
| EtherRAT dissected: How a React2Shell implant delivers 5 payloads through blockchain C2 | 2025-12-16 | True | | True | | |
| EtherRAT: DPRK uses novel Ethereum implant in React2Shell attacks | 2025-12-08 | True | | True | | |
| EtherRAT: DPRK uses novel Ethereum implant in React2Shell attacks | 2025-12-08 | True | | True | | |
| Detecting React2Shell: The maximum-severity RCE vulnerability affecting React Server Components and Next.js | 2025-12-05 | True | | True | | |
| Detecting React2Shell: The maximum-severity RCE vulnerability affecting React Server Components and Next.js | 2025-12-05 | True | | True | | |
| Security briefing: November 2025 | 2025-12-01 | True | | True | | |
| Security briefing: November 2025 | 2025-12-01 | True | | True | | |
| Return of the Shai-Hulud worm affects over 25,000 GitHub repositories | 2025-11-24 | True | | True | | |
| Return of the Shai-Hulud worm affects over 25,000 GitHub repositories | 2025-11-24 | True | | True | | |
| Detecting CVE-2024-1086: The decade-old Linux kernel vulnerability that’s being actively exploited in ransomware campaigns | 2025-11-20 | True | | True | | |
