Latest Analysis

Cybersecurity intelligence, threat analysis, and national security reporting.

Armored Likho Exploits Global Targets with BusySnake Stealer

Meet Armored Likho, a sneaky threat actor who's been wreaking havoc globally, exploiting both private individuals and organizations, including government agencies and electric power sectors in Russia, Brazil, and Kazakhstan. With a blend of financially motivated attacks and targeted cyber espionage, Armored Likho is a force to be reckoned with.

Analyst 207

AdaptHealth Breach Exposes Patient Data via Social Engineering Tactics

AdaptHealth recently fell victim to a data breach, where hackers used clever social engineering tactics to trick a third-party contractor into giving them access to sensitive patient information stored in the company's cloud environment. This alarming breach put a large volume of patient data at risk, prompting AdaptHealth to disclose the incident to the Securities and Exchange Commission.

Analyst 207

ARToken Phishing Platform Exposes EvilTokens' Microsoft 365 Toolkit

Cisco Talos researchers have uncovered a sophisticated phishing platform, ARToken, that offers a Microsoft 365 toolkit and goes far beyond traditional credential-harvesting pages, exposing over 80 API endpoints. This phishing-as-a-service operation is a game-changer in the world of cyber threats.

Analyst 207

Qilin Consolidates Lead in Ransomware Market

Qilin is tightening its grip on the ransomware market, emerging as a leading player after a recent wave of consolidation, with an estimated 16% share of the cybercriminal market. This surge in power is a result of its technically mature infrastructure and strategic positioning in the ransomware-as-a-service (RaaS) market.

Analyst 207

Google and FBI dismantle 2-million device NetNut botnet

In a major win for cybersecurity, Google and the FBI have joined forces to dismantle the massive NetNut botnet, a network of 2 million devices used by cybercriminals and espionage groups to hide their malicious activities. This significant disruption is the latest in a series of efforts to take down tools used to conceal online threats.

Analyst 207

Ransomware Gang Exploits Supply Chain Attacks in New Partnership

Ransomware gangs are now operating like businesses, forming partnerships to supercharge their attacks - and a new alliance between Vect and TeamPCP is a prime example, combining massive credential theft with devastating ransomware-as-a-service operations. This unprecedented pairing puts organizations directly in the crosshairs.

Analyst 207

FBI and Google Disrupt NetNut Proxy Network Used by Cyber Threat Actors

In a major win for cybersecurity, the FBI and Google have joined forces to dismantle the notorious NetNut proxy network, a go-to tool for cyber threat actors. This disruption has significantly reduced the network's capacity, cutting the available pool of devices by millions.

Analyst 207

Impostor Scams Expose Vulnerabilities, Cost $3.5B in 2025

Impostor scams are getting more sophisticated, with personalized attacks costing Americans a staggering $3.5 billion in 2025 - triple the losses since 2020. Social media platforms have become a primary channel for these scams, with $2.1 billion lost to online impostors alone.

Analyst 207

PamStealer Targets Mac Users with Fake Maccy Sites and PAM Checks

Researchers have uncovered PamStealer, a sneaky macOS information stealer that tricks users into downloading it from fake Maccy sites, and it can even slip past Apple's security measures. This clever malware uses a two-stage delivery method to steal sensitive info from unsuspecting Mac users.

Analyst 207

Error Message Misinterpretation Exposes False Hacking Claim

A simple pause and a couple of words can make all the difference - in this case, changing a supposedly sinister hacking claim into a straightforward hard disk failure. A vice president's misread error message, "General failure reading Drive C:", nearly sparked a security scare before Lee, a quick-thinking sysadmin, got to the bottom of it.

Analyst 207

China Expands Jurisdiction with New Law Targeting Overseas Critics

A new Chinese law that kicked in on July 1 can now label work done legally in Australia by journalists, analysts, and academics as a crime under Chinese law, sparking concerns about its global reach. This law allows China to pursue individuals outside its borders who are deemed to undermine its ethnic unity or promote division.

Analyst 207

Australia's Defence Industry Drives Credible Deterrence Strategy

Defence Industry Minister Pat Conroy says growing Australia's self-reliance in defence is key to a credible deterrence strategy, but what does this really mean for the country's military power? Can a stronger domestic defence industry be the game-changer Australia needs to stay safe in uncertain times?

Analyst 207

Australia Unveils Defense Industry Overhaul to Bolster Sovereign Capabilities

Australia is taking a bold step towards securing its future with a groundbreaking overhaul of its defence industry, aimed at strengthening its sovereign capabilities and forging a deeper partnership with local businesses. The move is driven by a clear imperative: a robust Australian defence industrial base is crucial to national security.

Analyst 207

Russia Likely Conducted Covert Drone Campaign Over European Military Bases

The Kremlin may have secretly flown drones over a dozen European countries, including multiple US bases in England and a major air base in Germany, in a covert campaign that spanned over a year and a half. This shocking revelation raises serious concerns about European security and the reach of Russian espionage.

Analyst 207

Australia Needs Sovereign Fund to Bolster Defence Industry Depth

Australia's defence community has been sounding the alarm for nearly a decade: the country's industrial base is structurally weak and in urgent need of a boost to become more robust, resilient, and self-reliant. Despite consistent warnings, the issue remains unresolved - but a sovereign fund could be the key to bolstering defence industry depth.

Analyst 207

WebAuthn Integration Breaches Windows RDP Security Gap

Prisma Browser's innovative team successfully integrated WebAuthn redirection into their RDP client, pioneering a secure solution that enables seamless authentication via local devices like YubiKey, Touch ID, or Windows Hello. This game-changing move closed a significant security gap in Windows RDP, paving the way for enhanced remote desktop security.

Analyst 207

Pegasus Spyware Targets European Parliament Investigator

In a shocking twist, a member of the European Parliament's PEGA Committee, Stelios Kouloglou, was targeted with the notorious Pegasus spyware - the very same spyware his committee is investigating. This brazen move raises serious concerns about surveillance and accountability.

Analyst 207

Pentagon Struggles to Meet Weapons Delivery Timelines, GAO Warns

The Pentagon is facing a major challenge in delivering new military capabilities on time, with a staggering 12-year average delay in bringing vital projects to fruition, according to a damning new report from the Government Accountability Office. This alarming trend reveals a worrying pattern of slow progress and broken promises of rapid fielding.

Analyst 207

China's Y-8 Transport Keeps Export Momentum with Price Advantage

Myanmar's airlift capabilities just got a boost with the delivery of two new Y-8F-200 transports, which will help shore up its fleet amid tight budgets and rough runways. With Western procurement channels closed, the affordable Y-8F-200 offers a practical solution for the Myanmar Air Force.

Analyst 207

US Navy's 'Doomsday Plane' Program Delayed by Integration Risks

The US Navy's highly anticipated 'Doomsday Plane' program has hit a snag, with integration risks causing a significant delay - pushing back the low-rate initial production by about a year to April 2029. The setback is a reality check for a project that's become increasingly complex.

Analyst 207

FBI Disrupts NetNut Proxy Platform Tied to Popa Botnet

In a major cybercrime crackdown, the FBI has seized hundreds of domains linked to NetNut, a residential proxy service allegedly tied to the massive Popa botnet, which controls at least two million devices. This disruption, made possible with the help of industry partners like Google and Lumen, marks a significant blow to the network's operations.

Analyst 207

Cybersecurity Reframing Fuels Governance Risks

The growing trend of treating social and regulatory issues as cybersecurity threats is blurring the lines between policy debates and governance, with far-reaching consequences. From misinformation to child safety laws, an increasing array of problems are being reframed as cybersecurity risks, changing the way we approach governance and policy.

Analyst 207

Anthropic Temporarily Restricts Fable 5 Access on Subscriptions

Big news for Fable 5 fans: Anthropic is temporarily sweetening the deal for subscription customers, now including access to its powerful model for up to 50% of weekly usage limits on Pro, Max, Team, and select Enterprise plans through July 7. After that, Fable 5 will be available à la carte via usage credits.

Analyst 207

Anthropic's Claude Fable Relaunch Marred by Degraded Performance

Anthropic's relaunch of Claude Fable has hit a snag, with users reporting that new safety guardrails are kicking in too aggressively, causing the model to fall back to the older Opus 4.8 and limiting its performance. This development has left users frustrated, especially with usage caps and a forthcoming pay-to-play arrangement.

Analyst 207