An analysis of the emerging “slopsquatting” supply chain risk driven by generative AI hallucinations, where fabricated software packages could be exploited to deliver malicious dependencies. Originally written in April 2025.
Analysis of ResolverRAT, a newly identified remote access trojan targeting healthcare and pharmaceutical organizations through localized phishing campaigns and advanced in-memory evasion techniques. Originally written in April 2025.
Analysis of the newly updated Tycoon-2FA phishing kit targeting Microsoft 365, including its latest evasion techniques and global rollout observed in April 2025. Originally written in April 2025.
An overview of an actively exploited NAKIVO Backup & Replication vulnerability added to CISA’s Known Exploited Vulnerabilities catalog, including technical details and exploitation risk. Originally written in March 2025.
Summary of Hellcat ransomware activity impacting multiple organizations, including ASCOM and Jaguar Land Rover. Originally written in March 2025.