Skip to main content

Latest Analysis

Cybersecurity intelligence, threat analysis, and national security reporting.

Cluttered developer workstation with laptop, coding tools, and subtle blockchain diagram in background.

Malicious Vite npm Packages Exploit Blockchain C2 for RAT Delivery

Security researchers have uncovered a sneaky campaign, dubbed ViteVenom, involving seven malicious npm packages that target Vite developers, executing malicious code as soon as they're imported. These packages, published in a matter of days, may have modest download counts, but their stealthy nature raises major red flags for the supply-chain community.

Analyst 207
Dimly lit server room with one server showing high memory usage.

OpenSSL Servers Vulnerable to Memory-Bloating DDoS Attacks

Beware: a simple 11-byte malicious input can cripple OpenSSL servers with a devastating DDoS attack, leaving them permanently bloated and vulnerable. This sneaky exploit, dubbed HollowByte, takes advantage of a weakness in OpenSSL's TLS handshake to drain server resources.

Analyst 207
Security analysts examine a laptop screen in a brightly-lit security operations center with rows of computer servers in the…

GoldenEyeDog Exploits DigiCert Breach for Code-Signing Certificates

In a chilling example of malware mastery, the GoldenEyeDog group exploited a DigiCert breach to snag code-signing certificates, which they then used to cloak their malicious software in a veneer of legitimacy. This brazen heist highlights the group's cunning and capabilities, which have been under scrutiny since at least 2015.

Analyst 207
Dimly lit server room with rows of racked servers and networking gear.

NadMesh Botnet Targets Exposed AI Services for Cloud Credentials

Meet NadMesh, a sneaky botnet on the hunt for cloud credentials, with its operators claiming to have already amassed 3,811 unique AWS keys; but is its reported success just a facade?

Analyst 207
Large catamaran unmanned surface vessel with a loaded shipping container in a calm harbor.

ARES Shipyard Unveils Large Container-Rated Catamaran USV Design

Meet the game-changing catamaran USV design from ARES Shipyard, a 22.5-metre vessel capable of carrying a single 40 ft shipping container, revolutionizing unmanned surface vessel capabilities. This innovative design boasts a spacious flatbed section, offering a significant upgrade from ARES's existing ULAQ family.

Analyst 207
Rows of missile components on a production line with machinery in a well-lit facility.

Pentagon Secures Multiyear Deals for Low-Cost Cruise Missiles

The Pentagon has sealed the deal with three suppliers - Anduril Industries, CoAspire, and Zone 5 Technologies - for low-cost cruise missiles, setting the stage for a modern arsenal. This multiyear agreement paves the way for affordable mass production of missiles.

Analyst 207
Handcuffed young men escorted by a stern-looking officer outside a UK courthouse.

UK Sentences Scattered Spider Members to 66 Months for Cyberattacks

In a major cybercrime crackdown, two young men have been sentenced to 66 months in jail for their role in a 2024 cyberattack that crippled Transport for London's network operations. Thalha Jubair and Owen Flowers were arrested and pleaded guilty, marking a significant win for the UK's National Crime Agency after nearly two years of investigation.

Analyst 207
Engineers work around a large aircraft component in a brightly-lit aerospace facility.

EDGE Group Expands Aerospace Footprint with Akaer Acquisition

EDGE Group is taking its aerospace ambitions to new heights with the acquisition of Akaer, a Brazilian engineering powerhouse, bringing unparalleled expertise to the table. This game-changing deal is set to supercharge EDGE's capabilities, with Akaer's impressive engineering footprint and program history poised to make a lasting impact.

Analyst 207
Stack of vintage papers with handwritten notes and diagrams on a formal archive room table.

Turing's Voice Encryption System Uncovered in Wartime Papers

A treasure trove of wartime papers, known as the "Bayley papers," has surfaced in London, selling for nearly $500,000 and revealing groundbreaking details about Alan Turing's pioneering voice encryption system. This long-hidden collection has finally been transferred into the public sphere, offering historians and technologists a fascinating glimpse into Turing's secret work.

Analyst 207
Sensitive documents labeled Voter Registration scattered in dimly lit government records room.

Declassified Intel Reveals China's Voter Data Collection

Newly declassified intel reveals a shocking truth: China has collected and analyzed over 200 million US voter records, putting sensitive information at risk of being bought, hacked, or exploited. President Trump has vowed to take swift action to protect voter data and prevent future threats to election integrity.

Analyst 207
Government briefing room with podium and American flags, cityscape visible outside window.

Trump Escalates Claims of Election Compromise Despite Debunked Evidence

The White House touted a prime-time speech as proof of foreign interference and widespread voter irregularities, but it fell flat, with critics calling it a dud. Despite claims of a bombshell, the declassified documents so far have failed to validate allegations of election compromise.

Analyst 207
Office email workstation with laptop, papers, and supplies under ordinary lighting.

AI Spam Filters Vulnerable to Text Salting Attacks

Over 1 million retail-themed phishing emails have been detected using a sneaky technique called text salting to evade AI spam filters since April. This clever trick hides harmless words in malicious messages, fooling automated scanners but not the human eye.

Analyst 207
Massive supply ship under construction in a brightly-lit shipyard near the water.

China Builds Massive Supply Ship for Carrier Groups

China is building a massive supply ship that has caught the world's attention, particularly in the US, as it signals a new era of maritime power. This hulking vessel, rising from the shipyard on Longxue Island, is set to support China's carrier groups and challenge traditional naval dominance.

Analyst 207
Military personnel walk near fighter jets and warships at a Southeast Asian airbase or dockyard.

Southeast Asia Accelerates Military Modernization Amid Geopolitical Tensions

Southeast Asia is rapidly upgrading its military arsenal, with Indonesia leading the charge with major deals, including the purchase of 42 Rafale fighter jets from France and talks to acquire South Korea's KF-21 Boramae fighters. The region's defense modernization is gaining momentum and shows no signs of slowing down.

Analyst 207
Bayraktar Kızılelma unmanned combat aerial vehicle on a runway with blurred Turkish landscape background.

Pakistan Air Force Weighs J-35, Kızılelma as F-16 Alternatives

Baykar's Kızılelma UCAV just hit a major milestone, successfully test-firing a Roketsan JET-230 air-launched ballistic missile, further cementing its status as a cutting-edge, strike-capable drone. This latest achievement builds on last year's groundbreaking radar-guided air-to-air missile launch from the same platform.

Analyst 207
Industrial control equipment and network switch on a rack in a brightly-lit control room.

Siemens ROX II Zero-Days Expose Critical Infrastructure Risks

Our research team, in close collaboration with Siemens, uncovered a critical vulnerability chain of three zero-day exploits in Siemens ROX II operational-technology switches, posing significant risks to critical infrastructure security. This chained exploit could allow attackers to escalate from basic reconnaissance to full root-level control.

Analyst 207
Rows of servers in a data center with a distant view of the Sydney Opera House.

Australia Wrestles with Sovereign AI Capability Plan

Australia is taking a bold step towards tech independence, with Prime Minister Anthony Albanese vowing to turn the country into a hub for large-scale AI training and cement its sovereignty in the field. By hosting cutting-edge AI data centres, Australia aims to break free from reliance on foreign tech and secure its economic resilience.

Analyst 207
Genetic testing lab with modern and traditional equipment, conveying scrutiny and security.

23andMe Agrees to $18m Settlement, New Data Security Mandates

After cracking down on 23andMe's lax security measures, a coalition of 42 US attorneys general, led by New York Attorney General Letitia James, has secured an $18 million settlement and binding data-protection commitments to safeguard customer information. This move comes after a 2023 data breach put millions of 23andMe customers at risk of having their personal info exposed.

Analyst 207
Blurred office background with a single support document on a desk.

Ernst & Young Exposes Client Data in Third-Party Support System Hack

Ernst & Young suffered a data breach when hackers accessed a third-party support system, downloading sensitive client documents between March 28 and April 12. The breach was detected on April 23, prompting the company to alert affected clients and notify authorities.

Analyst 207
Government office with a barricaded door and encrypted computer screen.

Ransomware Targets Government Agencies Daily, Study Reveals

Government agencies are under attack, with ransomware hitting a staggering 187 organizations in just six months - that's one body disrupted every single day, on average. This alarming trend is up 13% from the previous half-year, leaving public services vulnerable and citizens at risk.

Analyst 207
A coding test setup in a brightly-lit computer lab with a laptop and blank screen.

North Korean Hackers Exploit Coding Tests with Steganography-Laced Malware

North Korean hackers are targeting software developers with a sneaky malware attack, hiding steganography-laced payloads in coding tests to steal sensitive data and cryptocurrency. This latest campaign, tracked as REF9403, is just another example of the DPRK's relentless pursuit of valuable information.

Analyst 207
Cluttered, dimly lit room with laptop on worn desk, surrounded by papers and household items.

Carders Seek 'Clean' Residential Proxies to Evade Fraud Controls

Criminals are on the hunt for so-called "clean" residential proxies, a new classification that's emerged in the underground world of payment fraud and carding. These proxies are prized for their spotless usage history, making them harder to detect and allowing scammers to evade fraud controls.

Analyst 207
Man led away by border officers in airport departure hall.

US Misidentifies Russian Hacker in Extradition Bid

A Russian man named Aleksandr Ermakov has been wrongly detained in an Armenian jail on a US extradition request, with his lawyers claiming he is not the REvil ransomware suspect the US is actually after. His family and lawyers are now racing against time to clear his name and prevent his deportation to the US.

Analyst 207
Secure military operations center with autonomous systems and screens displaying data.

Military Autonomy Spurs Race for Trusted Information Infrastructure

The future of military capability hinges on a robust trusted information infrastructure that seamlessly connects autonomous systems, enabling secure and efficient data exchange. This backbone of innovation is now driving Western defense plans and funding.

Analyst 207