Skip to main content

Latest Analysis

Cybersecurity intelligence, threat analysis, and national security reporting.

Government building in Tel Aviv with people walking nearby, hint of cyber threat in background.

Iran-Linked Cavern Manticore Targets Israel with Modular Cyber Attacks

Meet Cavern Manticore, a highly skilled and disciplined cyber threat group with ties to Iran, targeting Israel's defense and government sectors with modular attacks. Their sophisticated tactics have allowed them to infiltrate organizations with alarming speed and precision.

Analyst 207
Laptop screen displays innocuous webpage with subtle hidden code in background.

Web Content Conceals Hidden Instructions Targeting AI Agents

As AI agents increasingly interact with the web, hidden instructions embedded in online content can be manipulated to perform unintended actions, posing a new threat to users. Researchers have uncovered real-world campaigns that use indirect prompt injection to steer AI agents into carrying out malicious tasks.

Analyst 207
Server room with equipment racks and monitors, a lone blank laptop screen in foreground.

Ransomware Operators Leverage AI for Autonomous Attacks

Meet JADEPUFFER, a pioneering threat actor that's harnessing AI to launch autonomous ransomware attacks - and adapting in real-time to get the job done. This groundbreaking tactic has been observed by researchers, who spotted JADEPUFFER's lightning-fast 31-second pivot from a failed login to a successful exploit.

Analyst 207
Chinese J-8I fighter jet centered on a runway or in a hangar, showcasing its sleek design and military markings.

China's J-8I Fighter Marks Maturation of Airpower

Every July 4th, China's J-8I fighter jet celebrates another year of maturity, marking a milestone for the People's Liberation Army Air Force's (PLAAF) trusty Cold War interceptor. Born from China's ambitious pursuit of a high-altitude, high-speed fighter, the J-8I embodies the air-defence demands of the Cold War era.

Analyst 207
China Coast Guard vessel patrols waters east of Taiwan with coastline in background.

China Escalates Maritime Pressure on Taiwan with Coast Guard Patrols

China's increased maritime presence, including coast guard patrols and survey ships, is heightening tensions with Taiwan and threatening the stability of the region and international shipping routes. This bold move has sparked concern from diplomatic missions, who warn it could have far-reaching consequences.

Analyst 207
Laptop screen shows generic browser homepage with subtle hint of malicious mod installation in background.

Opera GX Flaw Enables Sites to Auto-Install Malicious Mods

A critical flaw in Opera GX allowed websites to secretly install malicious customization mods, which could then siphon sensitive data from other sites you visited - and it took a $5,000 bounty and a May 8 patch to fix the issue. This sneaky exploit let attackers install mods without your consent, putting your online security at risk.

Analyst 207
Submarine launches ballistic missile over Pacific coastline with islands on the horizon.

China Warns Pacific Allies with Ballistic Missile Test

China fired a warning shot across the bow of its Pacific allies just hours after Australia and Fiji inked a historic defence pact, testing a submarine-launched ballistic missile into the Pacific Ocean. The move has sparked heated debate across the region and raised questions about Beijing's intentions.

Analyst 207
Rows of retired military aircraft in various states of disassembly in a desert boneyard.

US Downsizes J-8F Fighter Fleet with Planned Aircraft Boneyard Disposal

The US is significantly reducing its J-8F Fighter Fleet, with plans to dispose of the aircraft in a boneyard, marking the end of their service life. The move comes as the fleet is being dismantled, with airframes being relocated to a storage facility.

Analyst 207
Software development team collaborates around a large table in a modern office space.

Vibe Coding Exposes New Security Risks

The software development landscape is undergoing a seismic shift, evolving from traditional Waterfall and Agile models to a revolutionary conversational era driven by generative AI, also known as Vibe Coding. This new frontier promises to transform the way we create and interact with software.

Analyst 207
Formal conference setting with podium and abstract cryptography background.

France Mandates Quantum-Safe Encryption by 2027

France's cybersecurity agency ANSSI has set a deadline: by 2027, all security products must use quantum-safe encryption to receive certification, with a recommendation for businesses to make the switch by 2030.

Analyst 207
Person working on laptop with blurred screen in home office setting.

Microsoft Warns of Device Code Phishing Attacks via Legitimate Website

Beware of device code phishing attacks that can trick you into giving away access to your accounts, even on legitimate websites. Hackers are using a clever tactic that exploits Microsoft's authentication endpoint to steal your credentials.

Analyst 207
Security team member overwhelmed by paperwork and notes, staring at laptop screen with blurred vulnerability list.

AI Exacerbates Vulnerability Prioritization Crisis

The irony of AI-powered vulnerability discovery is that it's creating an overwhelming crisis: despite spotting weaknesses at unprecedented speed and scale, organizations are no safer - just more inundated. The harsh truth is that a vulnerability is just a clue, not risk, and the real challenge lies in prioritizing and assessing true threats.

Analyst 207
Rack of network equipment with server, cables, and devices in a brightly-lit server room.

Adobe ColdFusion Flaw Exploited in Ongoing Attacks

A critical Adobe ColdFusion vulnerability, CVE-2026-48282, is under attack - and it's crucial to patch now to prevent remote code execution on your system. This maximum-severity flaw affects ColdFusion releases 2025.9, 2023.20, and earlier, and can be exploited without privileges.

Analyst 207
Living room entertainment center with smart TV, streaming box, and network equipment in background.

Google Disrupts NetNut Residential Proxy Botnet

Google teamed up with the FBI, Lumen, and other partners to take down the NetNut residential proxy network, disabling key Google accounts and services used by the threat actors to control malware. This move helps keep everyday devices and systems safe from being exploited as footholds for attacks.

Analyst 207
Sainsbury's supermarket interior with shoppers and a discreet security camera.

Sainsbury's Expands Facial Recognition to Combat Shoplifting

Sainsbury's is taking a bold stance against shoplifting by expanding its facial recognition technology to nearly 200 stores by 2026, but is this move a step too far for customer privacy? The supermarket giant's system has already shown promising results, with 90 percent of identified individuals choosing not to return.

Analyst 207
Person sits at cluttered desk with laptop and financial documents, surrounded by papers.

China-nexus Hackers Deploy DcRAT via Fake Indian Tax Utility

Cyber attackers with ties to China are pulling out all the stops to scam Indian taxpayers, using a sophisticated fake tax utility to deploy malware and pilfer sensitive info. Their precision-crafted phishing campaign, dubbed Operation DragonReturn, sends convincing emails and PDFs that even cite real laws to trick victims.

Analyst 207
Security analysts work in a SOC with a large screen displaying a network graph and various security metrics on a console…

AI SOC Platforms Face Test of Predictive Power

Meet Mike Shannon, Guardant Health's Director of Security Engineering, who's ditched manual queries for Exabot - a game-changing AI solution that's revolutionizing the way security teams operate. By harnessing the power of AI SOC platforms, organizations can now automate core security tasks, freeing up teams to focus on high-stakes threats.

Analyst 207
College setting with laptop on a desk, hinting at vulnerability.

ShinyHunters Breach Exposes 2.3M Moody Bible Institute Accounts

A massive data breach at Moody Bible Institute has exposed the sensitive information of over 2.3 million people, including names, addresses, phone numbers, and more, after being targeted by the notorious extortion group ShinyHunters. The stolen data, which was leaked on June 23, puts countless individuals at risk of identity theft and cyber attacks.

Analyst 207
Vintage computer tapes and documentation scattered in an archive room.

Historic Unix OS KSOS Exposed in Public Archives

Get ready to explore a piece of computing history: the source code for KSOS, a highly secure Unix operating system backed by the US Department of Defense, is now freely available in the archives of The Unix Heritage Society. This remarkable release offers a glimpse into the development of secure operating systems in the 1970s and 80s.

Analyst 207
Blurred figure of a person works amidst server racks and monitors in a brightly-lit data center.

Sysdig Exposes First Fully Agentic Ransomware Campaign

Meet JadePuffer, the groundbreaking ransomware campaign that's fully driven by a large language model (LLM) and can launch a devastating attack in as little as 31 seconds. This AI-powered threat uses an adaptive and automated approach to exploit vulnerabilities and extort its targets.

Analyst 207
Cluttered tech lab with scattered devices, laptops, and tools under indoor lighting.

QuimaRAT Exposes Cross-Platform Threat Capabilities

Meet QuimaRAT, a commercialized remote access trojan package that's being sold as a malware-as-a-service, threatening security across multiple platforms with its flexible subscription tiers. This Java-based tool is marketed for a surprisingly low price, ranging from $150 for a month to $1,200 for lifetime access.

Analyst 207
Close-up of a video cable connected to a monitor with blurred background.

TrojPix Exploits Video Cables to Leak Air-Gapped Data

Meet TrojPix, a sneaky technique that can stealthily siphon air-gapped data at lightning-fast speeds of up to 1 megabyte per second - fast enough to exfiltrate a 100MB file in under two minutes while the monitor appears dark and inactive.

Analyst 207
Parent holds smartphone, surrounded by family photos in dimly lit home setting, conveying concern and vulnerability.

NCA Warns Parents of AI Exploitation of Shared Child Photos

As a parent, sharing photos of your child online can be a minefield - with AI technology now being used to create and spread disturbing child abuse content at an alarming rate, with a 26,000% annual increase in AI-generated videos reported in just one year.

Analyst 207
Browser window with muted notification bar on a computer screen in a quiet indoor setting.

Opera GX Flaw Enables Silent Mod Installs to Steal User Data

Researchers have discovered a security flaw in Opera GX that allows for silent mod installs, potentially putting user data at risk, and surprisingly, this vulnerability can be exploited with just a single page visit. This alarming issue enables malicious mods to be installed without user consent, highlighting a concerning gap in the browser's security.

Analyst 207