The Blog.
Long-form research.
Practitioner-written research, technical guides, and explainers for analysts, defenders, and learners. Every piece is hand-edited and updated as the threat landscape changes.
DPRK npm Malware Detection: Auditing npm for AI-Generated Backdoors
Famous Chollima uses Claude Opus to generate malicious npm packages. Learn DPRK npm malware detection: install hook inspection and CI/CD guardrails.
France Arrests 15-Year-Old for ANTS Data Breach Exposing 11.7 Million Records
French authorities arrested a 15-year-old using the alias 'breach3d' who allegedly stole 11.7 million records from France's national ID document…
CVE-2026-31431 Linux Privilege Escalation Detection: Copy Fail Patch Verification Checklist
CVE-2026-31431 'Copy Fail' (CVSS 7.8) grants root to unprivileged users on Linux kernels since 2017.
Ransomware Infrastructure Exposed: What the 0APT vs. KryBit Mutual Hack Reveals for Defenders
Ransomware infrastructure exposed: the 0APT–KryBit mutual hack leaked plaintext creds, BTC wallets, affiliate data, and 190+ fabricated victim claims.
Unsafe Deserialization in Machine Learning: CVE-2026-25874, Pickle, and the Full AI Framework Attack Surface
CVE-2026-25874 gives unauthenticated RCE in LeRobot (CVSS 9.8). Learn how unsafe deserialization in machine learning frameworks creates systemic risk.
Vidar Stealer Detection 2026: YARA Rules, C2 Signatures, and Post-Compromise Credential Checklist
Vidar Stealer 2.0 detection guide: current YARA rules, Dead Drop Resolver C2 signatures, and post-compromise credential checklist for security teams.
BlueNoroff Fake Zoom Malware: IOCs, Attack Chain, and Defenses for Crypto Teams
BlueNoroff is using AI deepfakes in fake Zoom calls to deliver macOS malware to crypto executives. Learn the IOCs, attack chain, and detection steps.
VECT 2.0 Ransomware Wiper Analysis: Why Files Over 128 KB Are Permanently Unrecoverable
VECT 2.0 ransomware destroys files over 128 KB due to a broken ChaCha20 nonce loop — technical breakdown and IR guidance for incident responders.
The War on Availability: How Today’s Cyber Attacks Bring Businesses Down
Why Availability Matters More Than We Think. It is essential for everyone to be able to access the same tools that have been created with advances in…