 | From Exploit Code to Production Detection: Building a CVE-2026-31431 (Copy Fail) detection with Agents | 2026-05-28 | True | | True | | |
| Unpatchable Vulnerabilities of Kubernetes: CVE-2021-25740 | 2026-05-21 | True | | True | | |
| Backdoored Cemu release linked to TanStack and Mistral supply chain campaign | 2026-05-14 | True | | True | | |
| Backdoored node-ipc npm releases steal developer credentials through DNS queries | 2026-05-14 | True | | True | | |
| Shai-Hulud Goes Open Source | 2026-05-13 | True | | True | | |
| Malicious Coding Agent Skills and the Risk of Dynamic Context | 2026-05-11 | True | | True | | |
| The case for dependency cooldowns in a post-axios world | 2026-04-16 | True | | True | | |
| Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8562 | 2026-04-09 | True | | True | | |
| Compromised axios npm package delivers cross-platform RAT | 2026-03-31 | True | | True | | |
| Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8561 | 2026-03-27 | True | | True | | |
| LiteLLM compromised on PyPI: Tracing the March 2026 TeamPCP supply chain campaign | 2026-03-24 | True | | True | | |
| Uncovering agent logging gaps in Copilot Studio | 2026-03-10 | True | | True | | |
| Behind the console: Active phishing campaign targeting AWS console credentials | 2026-03-09 | True | | True | | |
| Hook, line, and vault: A technical deep dive into the 1Phish kit | 2026-02-27 | True | | True | | |
| Kubernetes project issues warning on Ingress NGINX retirement | 2026-02-19 | True | | True | | |
| Tech impersonators: ClickFix and MacOS infostealers | 2026-02-10 | True | | True | | |
| Web Traffic Hijacking: When Your Nginx Configuration Turns Malicious | 2026-02-04 | True | | True | | |
| OpenSSL January 2026 Security Update: CMS and PKCS#12 Buffer Overflows | 2026-01-27 | True | | True | | |
| Introducing IDE-SHEPHERD: Your shield against threat actors lurking in your IDE | 2026-01-26 | True | | True | | |
| Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8554 | 2026-01-14 | True | | True | | |
| Investigating an adversary-in-the-middle phishing campaign targeting Microsoft 365 and Okta users | 2025-12-10 | True | | True | | |
| CVE-2025-55182 (React2Shell): Remote code execution in React Server Components and Next.js | 2025-12-04 | True | | True | | |
| The Shai-Hulud 2.0 npm worm: analysis, and what you need to know | 2025-11-25 | True | | True | | |
| MUT-4831: Trojanized npm packages deliver Vidar infostealer malware | 2025-11-06 | True | | True | | |
| A runtime security approach to detecting supply chain attacks | 2025-11-05 | True | | True | | |
| Datadog threat roundup: Top insights for Q3 2025 | 2025-10-31 | True | | True | | |
| Learnings from recent npm supply chain compromises | 2025-10-30 | True | | True | | |
| CoPhish: Using Microsoft Copilot Studio as a wrapper for OAuth phishing | 2025-10-20 | True | | True | | |
| CVE-2025-52882: WebSocket authentication bypass in Claude Code extensions | 2025-08-26 | True | | True | | |
| MCP vulnerability case study: SQL injection in the Postgres MCP server | 2025-08-21 | True | | True | | |
| Datadog threat roundup: Top insights for Q2 2025 | 2025-08-14 | True | | True | | |
| Beyond Mimo’lette: Tracking Mimo's Expansion to Magento CMS and Docker | 2025-07-21 | True | | True | | |
| I SPy: Escalating to Entra ID's Global Admin with a first-party app | 2025-07-16 | True | | True | | |
| CVE-2025-48384: Git vulnerable to arbitrary file write on non-Windows systems | 2025-07-10 | True | | True | | |
| The obfuscation game: MUT-9332 targets Solidity developers via malicious VS Code extensions | 2025-05-21 | True | | True | | |
| Tales from the cloud trenches: The Attacker doth persist too much, methinks | 2025-05-13 | True | | True | | |
| RedisRaider: Weaponizing misconfigured Redis to mine cryptocurrency at scale | 2025-05-07 | True | | True | | |
| Datadog threat roundup: Top insights for Q1 2025 | 2025-04-17 | True | | True | | |
| Understanding CVE-2025-29927: The Next.js Middleware Authorization Bypass Vulnerability | 2025-03-28 | True | | True | | |
| The 'IngressNightmare' vulnerabilities in the Kubernetes Ingress NGINX Controller: Overview, detection, and remediation | 2025-03-25 | True | | True | | |
| Creating immutable users through a bug in Entra ID restricted administrative units | 2025-03-25 | True | | True | | |
| whoAMI: A cloud image name confusion attack | 2025-02-12 | True | | True | | |
| Datadog threat roundup: top insights for Q4 2024 | 2025-01-24 | True | | True | | |
| Getting a taste of your own medicine: Threat actor MUT-1244 targets offensive actors, leaking hundreds of thousands of credentials | 2024-12-13 | True | | True | | |
| Tales from the cloud trenches: Unwanted visitor | 2024-12-11 | True | | True | | |
| MUT-8694: An NPM and PyPI Malicious Campaign Targeting Windows Users | 2024-11-22 | True | | True | | |
| Tenacious Pungsan: A DPRK threat actor linked to Contagious Interview | 2024-10-24 | True | | True | | |
| Remote execution exploit chain in CUPS: Overview, detection, and remediation | 2024-09-27 | True | | True | | |
| Threat Actors leverage Docker Swarm and Kubernetes to mine cryptocurrency at scale | 2024-09-23 | True | | True | | |
| Hidden in Plain Sight: Abusing Entra ID Administrative Units for Sticky Persistence | 2024-09-16 | True | | True | | |
