Azure’s Hidden Operators: A Threat Model for Platform-Level Managed Identities by Kat Traxler 2026-06-01
Shai-Hulud Part 2: When the Worm Forged Its Own Security Certificate by Lucie Cardiet 2026-05-13
ShinyHunters isn’t a group. It’s a pattern. by Lucie Cardiet 2026-05-06
Azure Logging just Changed - Your Detections May be Missing it by Alex Groyz 2026-04-20
When the Defender Becomes the Door: BlueHammer, RedSun, and UnDefend in the Wild by Justin Howe 2026-04-20
The rise of supply chain-driven data theft in SaaS environments by Lucie Cardiet 2026-04-14
FortiClient EMS Zero-Day: When the Control Plane Becomes Initial Access by Lucie Cardiet 2026-04-08
The axios Breach: A Wake-Up Call for Software Supply Chain Security by Yusri Mohd Yusop 2026-04-03
Breaking down the axios supply chain incident by Lucie Cardiet 2026-04-01
Detecting Sliver C2: When Advanced Beaconing Tries to Hide in Plain Sight by Lucie Cardiet 2026-03-23
How Attackers Establish Persistence in Hybrid Environments by Lucie Cardiet 2026-03-16
What the Stryker Incident Reveals About Handala’s Attack Playbook by Lucie Cardiet 2026-03-13
5-Minute Hunt: Six Queries to Detect Iranian APT Activity by Lucie Cardiet 2026-03-06
AWS Compromised by AI Agents in Minutes by Alex Groyz 2026-02-10
Moltbook and the Illusion of “Harmless” AI-Agent Communities by Lucie Cardiet 2026-02-03
From Clawdbot to OpenClaw: When Automation Becomes a Digital Backdoor by Lucie Cardiet 2026-01-29
OPSEC Failures: How Threat Actor Mistakes Help Defenders by Lucie Cardiet 2026-01-09
How Threat Actors Turned AI Into a Weapon by Mauro Paredes 2026-01-05
CVE-2025-14847 MongoBleed in the Wild: Identifying MongoDB Exposure and Exploitation with Network Metadata by Fabien Guillot 2025-12-29
Shai-Hulud: When a Supply-Chain Incident Turns Into a Worm by Lucie Cardiet 2025-11-26
How Typhoon APTs Infiltrate Infrastructure Without Leaving a Trace by Lucie Cardiet 2025-11-20
Think Your Microsoft Environment Is Resilient to Attacks? Think Again by Tiffany Nip 2025-11-19
Operation ENDGAME and the Battle for Initial Access by Lucie Cardiet 2025-11-14
How Attackers Gain Initial Access in Hybrid Environments by Lucie Cardiet 2025-11-12
From Conti to Black Basta to DevMan: The Endless Ransomware Rebrand by Lucie Cardiet 2025-10-17
Could the F5 Breach Expose a New Edge Security Gap? by Lucie Cardiet 2025-10-16
Qilin’s 2025 Playbook, and the Security Gap it Exposes by Lucie Cardiet 2025-10-15
Seeing Beneath the Surface: What Crimson Collective Reveals About Cloud Detection Depth by Lucie Cardiet 2025-10-09
Cl0p Is Back, Exploiting Supply Chains Again. by Lucie Cardiet 2025-10-07
Red Hat GitLab Breach Shows Why Consulting Data is a Goldmine for Attackers by Lucie Cardiet 2025-10-03
When GoAnywhere Lets Attackers Go Everywhere by Lucie Cardiet 2025-10-02
Beyond Endpoints: How BRICKSTORM Exposed Security Blind Spots by Lucie Cardiet 2025-10-01
Scattered Lapsus$ Hunters Announce They Are Going Dark but the Threat Remains by Lucie Cardiet 2025-09-17
LockBit is Back: What’s New in Version 5.0 by Lucie Cardiet 2025-09-12
The Npm Exploit Is The Entry Point, What Follows Is Just As Critical. by Lucie Cardiet 2025-09-11
How AI is Fueling Cybercrime and Why Security Gaps Are Growing by Lucie Cardiet 2025-09-10
5-Minute Hunt: Detecting Risky Multi-Tenant Apps in Microsoft 365 by Lucie Cardiet 2025-09-09
GLOBAL RaaS: Dissecting a Modern Ransomware Franchise by Lucie Cardiet 2025-09-08
CISA’s August Advisory: Why You Need Post-Compromise Detection by Lucie Cardiet 2025-08-28
New Technologies bring new risks: MCP-Powered Swarm C2 by Strahinja Janjusevic 2025-08-27
4 Real-World Attacks That Show Why SOCs Need NDR by Lucie Cardiet 2025-08-21
CVE-2025-53770: A 9.8/10 Critical Exploit Targeting SharePoint by Lucie Cardiet 2025-07-23
Are Iranian APTs Already inside Your Hybrid Network? by Lucie Cardiet 2025-07-10
Sanofi Uses Vectra to Stop Cyberattack in Real Time by Hitesh Sheth 2025-06-30
How Black Basta Turned Public Data into a Breach Playbook by Lucie Cardiet 2025-06-25
Play’s New Tactics Bypass Traditional Defenses. Are You Ready? by Lucie Cardiet 2025-06-12
How attackers use Brute Ratel (BRC4) by Lucie Cardiet 2025-05-14
Identity-Centric Attacks: The New Reality for UK Retail by Caren Havelock 2025-05-06
How Attackers Use Shodan & FOFA by Lucie Cardiet 2025-04-24
How Threat Actors Weaponize EV Certificates by Lucie Cardiet 2025-04-01