Skip to main content

Latest Analysis

Cybersecurity intelligence, threat analysis, and national security reporting.

GitHub issue page on laptop with public repository and subtle hint of private content exposure.

GitHub Agentic Workflows Exposed to Data Leak Threat via Public Issues

GitHub's Agentic Workflows are vulnerable to a data leak threat, as researchers have demonstrated a clever technique called GitLost that tricks AI agents into spilling private content from secure repositories into public comments. All it takes is a simple public issue to launch the attack, with no stolen credentials or special access required.

Analyst 207
Concerned business owner sits at desk, scrutinizing suspicious email on smartphone.

Meta Disrupts Phishing Campaign Targeting Facebook Business Users

Watch out for phishing scams targeting Facebook Business users - red flags include broken graphics, suspicious links, and unsolicited emails promising exciting opportunities. Experts warn that cybercriminals are getting sneaky, using legitimate-looking emails and Messenger chatbots to trick victims into taking action.

Analyst 207
Office worker looks confused at laptop screen with phone and notebook nearby.

Phishers Exploit Microsoft Device Code Flow to Hijack M365 Accounts

Cyber attackers have cleverly exploited Microsoft's device code login flow to hijack M365 accounts, using a sneaky collaboration-style lure to trick users into handing over session tokens without even needing to steal passwords. This clever tactic abuses the OAuth 2.0 Device Authorization Grant, designed for constrained devices, to bypass security measures like multifactor authentication.

Analyst 207
University campus scene with a building and clock tower, hint of computer equipment in foreground.

China-Aligned Hackers Exploit Roundcube Servers at US, Canada Universities

China-aligned hackers are targeting universities in the US and Canada, exploiting vulnerable Roundcube webmail servers to gain access to sensitive physics and engineering departments with potential national security links. This latest campaign highlights the ongoing threat of email-based attacks and the need for robust server security.

Analyst 207
Somber courthouse scene with documents on a wooden desk.

Victims of Predatorgate Sue Spyware Maker for €8 Million

Eight individuals targeted in Greece's Predator spyware scandal are taking a stand, suing the spyware maker for €8 million in moral damages after their devices were hacked between 2020 and 2021. Led by lawyer Zacharias Kesses, the group is seeking justice and accountability for the victims of this massive digital breach.

Analyst 207
Police officers stand near a computer in a softly lit home interior.

Spain foils pro-Russian hacktivist's escape plan

Spain's National Police have thwarted a daring escape plan by a suspected pro-Russian hacktivist, exposing his secret communications with terrorist groups and freezing his cryptocurrency assets. The suspect, allegedly part of the notorious CyberArmy of Russia Reborn and Z-Pentest groups, was caught after a months-long investigation sparked by a tip from the FBI.

Analyst 207
Government agency office space with computer workstations and a blurred network diagram in the background.

DHS Probes Data Breach in Sensitive Information-Sharing Network

The Department of Homeland Security is actively investigating a data breach that compromised sensitive information within a multilateral sharing network, with the intrusion believed to have occurred between late May and early June. The breach involved unclassified, legacy data, and DHS is working to determine the full extent of the incident.

Analyst 207
Airborne early warning aircraft with radar system parked on tarmac surrounded by support vehicles under clear blue sky.

Saab's GlobalEye Targets Growing Demand with ITAR-Free Edge

Saab's GlobalEye has taken off, with its ITAR-free edge capturing attention worldwide - and a growing list of countries, including Sweden, France, and Canada, are taking notice. From a single delivery to the UAE in 2020 to a widening international roster, GlobalEye is rapidly becoming the go-to airborne early warning and control aircraft.

Analyst 207
Military personnel stand at attention near a command center and Indian Army vehicles in a high-altitude mountainous region.

Pakistan Scrambles to Match India's Integrated Battle Groups

India takes a giant leap in military strategy with the launch of its first five Integrated Battle Groups, a game-changing formation that combines 5,000 troops into a single, powerhouse unit. This bold move has sparked a scramble in neighboring Pakistan to keep pace with its rival's innovative military might.

Analyst 207
Senior research fellow stands in a neutral think tank setting with subtle globe hint.

Watling Exposes Shifts in Global Power Rules

The global rules of power have changed, and recent strategic failures reveal a harsh truth: it's not technology that's the problem, but flawed decision-making. From intelligence missteps to misguided priorities, the consequences can be catastrophic, as seen in the US's unprepared response to Iran's retaliation.

Analyst 207
US Army facility interior with 404 error on laptop screen near computer setup.

US Army Websites Targeted in 404 Hijacking Campaign

The US Army has confirmed that two of its websites, oil.army.mil and ai2c.army.mil, were recently hijacked in a 404 error page defacement campaign, displaying politically charged messages that denigrated high-profile figures and promoted a separatist cause. The incident was discovered by independent researcher Ronald Lovelace and reported to US Army officials.

Analyst 207
Technicians inspect Barracuda cruise missile components at a Polish manufacturing facility.

Poland to Mass-Produce Low-Cost Barracuda Cruise Missiles

Poland is set to start mass-producing the game-changing Barracuda cruise missiles, a precise, affordable, and electronic warfare-resistant defense system, in partnership with Anduril Industries. This breakthrough move comes after a memorandum was successfully converted into a production program, paving the way for thousands of missiles to bolster the Polish Armed Forces.

Analyst 207
Person working at desk with laptop and papers in modern office setting.

Writer AI Flaw Exposes Session Tokens Across Tenants

A critical flaw in Writer AI, dubbed WriteOut, could let an outsider hijack any account and take over an entire organization with just a single link - no login credentials required. This shocking vulnerability highlights the urgent need for robust security measures in AI-powered platforms.

Analyst 207
Taiwanese presidential plane with Chinese military aircraft in background.

China Escalates Coercion Against Taiwan Amid US Trade Truce

Within weeks of Xi's warning to Trump, Beijing seems to have put its words into action, ramping up diplomatic pressure on Taipei with a series of aggressive moves. Taiwanese President Lai Ching-te's attempted trip to Eswatini was nearly derailed when three African countries rescinded overflight clearances at China's request.

Analyst 207
Newly appointed Chinese generals gather at a promotion ceremony at the Central Military Commission headquarters.

Xi Jinping Reshapes China's Military Leadership Amid Purge Fallout

In a significant move, China's military leadership has been reshaped with the promotion of two lieutenant generals to full general, amid a backdrop of sweeping purges that have rocked the People's Liberation Army. On July 3, Zhang Shuguang and Wang Gang were elevated to their new roles, marking a major shift in the PLA's top ranks.

Analyst 207
Modern submarine docked in icy harbor with Canadian naval vessel in background.

Canada's $86 Billion Submarine Deal Bolsters Arctic, NATO Ties

Canada is set to revolutionize its naval capabilities with a massive $86 billion submarine deal, securing a cutting-edge fleet of up to 12 under-ice-capable submarines to bolster its Arctic presence and NATO ties. The deal, with ThyssenKrupp Marine Systems as the preferred supplier, marks a major milestone in modernizing the Royal Canadian Navy's outdated fleet.

Analyst 207
Construction site on White House South Lawn with partially built granite helipad and workers.

White House to Get Granite Helipad Amid VH-92A Deployment

President Donald Trump announced that a new granite helipad will be built on the South Lawn, ending 50 years of grass landings that have taken a toll on the grounds. The $5-6 million project, funded by Sikorsky, aims to protect the lawn from the intense heat and rotor wash of the new VH-92A Patriot helicopters.

Analyst 207
University computer lab with laptops and ordinary lighting.

China-Aligned Hackers Exploit Roundcube Flaws to Infiltrate Universities

China-aligned hackers have launched a sneaky attack on universities, exploiting two flaws in the popular Roundcube webmail client to steal credentials and gain persistent access. At least a few dozen universities are believed to be affected, with Proofpoint researchers confirming fewer than 10 intrusions so far.

Analyst 207
Help desk area with technician and employees in a retail setting.

FBI Traces Scattered Spider Hacker via Persistent Windows Device ID

In a brazen ransom email, the attackers boldly declared, "IMPORTANT: WE STOLE THE DATA, CONTACT UMMEDIATELY," leaving no doubt about their malicious intentions. The hackers infiltrated the retailer's network through a clever help-desk ploy, tricking staff into resetting passwords and gaining control of critical accounts.

Analyst 207
JL-3 submarine-launched ballistic missile on display against a neutral background.

China Unveils JL-3 Submarine-Launched Ballistic Missile

China has just revealed its latest game-changer: the JL-3, or 'Giant Wave 3', a third-generation intercontinental-range submarine-launched ballistic missile that's set to take the country's military capabilities to new depths.

Analyst 207
GitHub Actions Expose Vulnerability in CI/CD Pipelines

GitHub Actions Expose Vulnerability in CI/CD Pipelines

A single misstep in a GitHub Actions workflow can become a four-step chain to permanent credential exposure, putting your entire CI/CD pipeline at risk. Researchers have uncovered a class of vulnerabilities, dubbed Cordyceps, that can be exploited in a surprisingly simple way.

Analyst 207
Person holding smartphone with subtle phishing website in background, standing on city street.

Google Sues Chinese Scammers Over Gemini AI Misuse

Google is taking a stand against scammers, suing a group called Outsider Enterprise that uses its Gemini AI feature to create fake websites and scam people through text messages. The group, which operates on Telegram, offers phishing-as-a-service, making it easy for non-tech-savvy scammers to target victims.

Analyst 207
Dimly lit, cluttered hackerspace with multiple workstations, notes, and tech gadgets.

Scattered Spider Morphs into Decentralized Cybercrime Network

Meet Scattered Spider, a notorious cybercrime collective that's evolved into a decentralized network of independent clusters, sharing tactics and tools to wreak havoc online. This fresh analysis by Group-IB shatters the traditional view of a single, unified gang, revealing a more complex and dynamic threat.

Analyst 207
Modern office setting with subtle technology integration, conveying a neutral atmosphere.

Enterprises Reap AI Security Risks

Most enterprises are facing a harsh reality: a majority are reporting AI-related security incidents or vulnerabilities, highlighting a growing concern that can't be ignored. This stark statistic sets the tone for a crucial conversation about the intersection of AI and security.

Analyst 207