Latest Analysis
Cybersecurity intelligence, threat analysis, and national security reporting.

Iran-Linked Cavern Manticore Targets Israel with Modular Cyber Attacks
Meet Cavern Manticore, a highly skilled and disciplined cyber threat group with ties to Iran, targeting Israel's defense and government sectors with modular attacks. Their sophisticated tactics have allowed them to infiltrate organizations with alarming speed and precision.

Web Content Conceals Hidden Instructions Targeting AI Agents
As AI agents increasingly interact with the web, hidden instructions embedded in online content can be manipulated to perform unintended actions, posing a new threat to users. Researchers have uncovered real-world campaigns that use indirect prompt injection to steer AI agents into carrying out malicious tasks.

Ransomware Operators Leverage AI for Autonomous Attacks
Meet JADEPUFFER, a pioneering threat actor that's harnessing AI to launch autonomous ransomware attacks - and adapting in real-time to get the job done. This groundbreaking tactic has been observed by researchers, who spotted JADEPUFFER's lightning-fast 31-second pivot from a failed login to a successful exploit.

China's J-8I Fighter Marks Maturation of Airpower
Every July 4th, China's J-8I fighter jet celebrates another year of maturity, marking a milestone for the People's Liberation Army Air Force's (PLAAF) trusty Cold War interceptor. Born from China's ambitious pursuit of a high-altitude, high-speed fighter, the J-8I embodies the air-defence demands of the Cold War era.

China Escalates Maritime Pressure on Taiwan with Coast Guard Patrols
China's increased maritime presence, including coast guard patrols and survey ships, is heightening tensions with Taiwan and threatening the stability of the region and international shipping routes. This bold move has sparked concern from diplomatic missions, who warn it could have far-reaching consequences.

Opera GX Flaw Enables Sites to Auto-Install Malicious Mods
A critical flaw in Opera GX allowed websites to secretly install malicious customization mods, which could then siphon sensitive data from other sites you visited - and it took a $5,000 bounty and a May 8 patch to fix the issue. This sneaky exploit let attackers install mods without your consent, putting your online security at risk.

China Warns Pacific Allies with Ballistic Missile Test
China fired a warning shot across the bow of its Pacific allies just hours after Australia and Fiji inked a historic defence pact, testing a submarine-launched ballistic missile into the Pacific Ocean. The move has sparked heated debate across the region and raised questions about Beijing's intentions.

US Downsizes J-8F Fighter Fleet with Planned Aircraft Boneyard Disposal
The US is significantly reducing its J-8F Fighter Fleet, with plans to dispose of the aircraft in a boneyard, marking the end of their service life. The move comes as the fleet is being dismantled, with airframes being relocated to a storage facility.

Vibe Coding Exposes New Security Risks
The software development landscape is undergoing a seismic shift, evolving from traditional Waterfall and Agile models to a revolutionary conversational era driven by generative AI, also known as Vibe Coding. This new frontier promises to transform the way we create and interact with software.

France Mandates Quantum-Safe Encryption by 2027
France's cybersecurity agency ANSSI has set a deadline: by 2027, all security products must use quantum-safe encryption to receive certification, with a recommendation for businesses to make the switch by 2030.

Microsoft Warns of Device Code Phishing Attacks via Legitimate Website
Beware of device code phishing attacks that can trick you into giving away access to your accounts, even on legitimate websites. Hackers are using a clever tactic that exploits Microsoft's authentication endpoint to steal your credentials.

AI Exacerbates Vulnerability Prioritization Crisis
The irony of AI-powered vulnerability discovery is that it's creating an overwhelming crisis: despite spotting weaknesses at unprecedented speed and scale, organizations are no safer - just more inundated. The harsh truth is that a vulnerability is just a clue, not risk, and the real challenge lies in prioritizing and assessing true threats.

Adobe ColdFusion Flaw Exploited in Ongoing Attacks
A critical Adobe ColdFusion vulnerability, CVE-2026-48282, is under attack - and it's crucial to patch now to prevent remote code execution on your system. This maximum-severity flaw affects ColdFusion releases 2025.9, 2023.20, and earlier, and can be exploited without privileges.

Google Disrupts NetNut Residential Proxy Botnet
Google teamed up with the FBI, Lumen, and other partners to take down the NetNut residential proxy network, disabling key Google accounts and services used by the threat actors to control malware. This move helps keep everyday devices and systems safe from being exploited as footholds for attacks.

Sainsbury's Expands Facial Recognition to Combat Shoplifting
Sainsbury's is taking a bold stance against shoplifting by expanding its facial recognition technology to nearly 200 stores by 2026, but is this move a step too far for customer privacy? The supermarket giant's system has already shown promising results, with 90 percent of identified individuals choosing not to return.

China-nexus Hackers Deploy DcRAT via Fake Indian Tax Utility
Cyber attackers with ties to China are pulling out all the stops to scam Indian taxpayers, using a sophisticated fake tax utility to deploy malware and pilfer sensitive info. Their precision-crafted phishing campaign, dubbed Operation DragonReturn, sends convincing emails and PDFs that even cite real laws to trick victims.

AI SOC Platforms Face Test of Predictive Power
Meet Mike Shannon, Guardant Health's Director of Security Engineering, who's ditched manual queries for Exabot - a game-changing AI solution that's revolutionizing the way security teams operate. By harnessing the power of AI SOC platforms, organizations can now automate core security tasks, freeing up teams to focus on high-stakes threats.

ShinyHunters Breach Exposes 2.3M Moody Bible Institute Accounts
A massive data breach at Moody Bible Institute has exposed the sensitive information of over 2.3 million people, including names, addresses, phone numbers, and more, after being targeted by the notorious extortion group ShinyHunters. The stolen data, which was leaked on June 23, puts countless individuals at risk of identity theft and cyber attacks.

Historic Unix OS KSOS Exposed in Public Archives
Get ready to explore a piece of computing history: the source code for KSOS, a highly secure Unix operating system backed by the US Department of Defense, is now freely available in the archives of The Unix Heritage Society. This remarkable release offers a glimpse into the development of secure operating systems in the 1970s and 80s.

Sysdig Exposes First Fully Agentic Ransomware Campaign
Meet JadePuffer, the groundbreaking ransomware campaign that's fully driven by a large language model (LLM) and can launch a devastating attack in as little as 31 seconds. This AI-powered threat uses an adaptive and automated approach to exploit vulnerabilities and extort its targets.

QuimaRAT Exposes Cross-Platform Threat Capabilities
Meet QuimaRAT, a commercialized remote access trojan package that's being sold as a malware-as-a-service, threatening security across multiple platforms with its flexible subscription tiers. This Java-based tool is marketed for a surprisingly low price, ranging from $150 for a month to $1,200 for lifetime access.

TrojPix Exploits Video Cables to Leak Air-Gapped Data
Meet TrojPix, a sneaky technique that can stealthily siphon air-gapped data at lightning-fast speeds of up to 1 megabyte per second - fast enough to exfiltrate a 100MB file in under two minutes while the monitor appears dark and inactive.

NCA Warns Parents of AI Exploitation of Shared Child Photos
As a parent, sharing photos of your child online can be a minefield - with AI technology now being used to create and spread disturbing child abuse content at an alarming rate, with a 26,000% annual increase in AI-generated videos reported in just one year.

Opera GX Flaw Enables Silent Mod Installs to Steal User Data
Researchers have discovered a security flaw in Opera GX that allows for silent mod installs, potentially putting user data at risk, and surprisingly, this vulnerability can be exploited with just a single page visit. This alarming issue enables malicious mods to be installed without user consent, highlighting a concerning gap in the browser's security.