Back to Blog

#Threat Intelligence

9 posts
Poisoned Trivy scanner led to malicious LiteLLM releases on PyPI
supply chain attack
Supply Chain Security
Python Security

Poisoned Trivy scanner led to malicious LiteLLM releases on PyPI

Poisoned Trivy scanner led to malicious LiteLLM releases on PyPI | 2026 The LiteLLM incident is what modern software supply-chain compromise looks like when one...

March 25, 2026
5 min read
Lucas Oliveira
CVE-2026-20131: Interlock hit Cisco FMC before disclosure
vulnerability
CVE
Cisco

CVE-2026-20131: Interlock hit Cisco FMC before disclosure

CVE-2026-20131: Interlock hit Cisco FMC before disclosure | 2026 CVE-2026-20131 is the kind of firewall-management flaw defenders dread: an unauthenticated bug...

March 24, 2026
6 min read
Lucas Oliveira
OpenClaw AI Agents Can Leak Data via Indirect Prompt Injection
⭐ Featured
Threat Hunting & Intel
OpenClaw
Prompt Injection

OpenClaw AI Agents Can Leak Data via Indirect Prompt Injection

OpenClaw AI Agents Can Leak Data via Indirect Prompt Injection | 2026 Executive Summary OpenClaw is facing renewed scrutiny after reporting from The Hacker News...

March 16, 2026
6 min read
Lucas Oliveira
CVE-2025-26399: SolarWinds WHD Exploitation Hits Servers
Threat Hunting & Intel
SolarWinds
CVE

CVE-2025-26399: SolarWinds WHD Exploitation Hits Servers

CVE-2025-26399: SolarWinds WHD Exploitation Hits Servers | 2026 Executive Summary CVE-2025-26399 in SolarWinds Web Help Desk has moved from “critical but patcha...

March 15, 2026
7 min read
Lucas Oliveira
North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms
⭐ Featured
Cybercrime
Account Takeover
Threat Intelligence

North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms

Executive Summary Since February 2026, the North Korea–linked group UNC1069 has been observed running a highly targeted deepfake campaign against cryptocurrency...

February 14, 2026
3 min read
Lucas Oliveira
CVE-2026-21643 & CVE-2026-24858: Fortinet Critical Flaws | 2026
⭐ Featured
vulnerability
Account Takeover
Threat Intelligence

CVE-2026-21643 & CVE-2026-24858: Fortinet Critical Flaws | 2026

Executive Summary Since December 2025, two critical vulnerabilities in Fortinet's infrastructure have created a perfect storm for enterprise compromise: [CVE-20...

February 10, 2026
9 min read
Lucas Oliveira
MaliciousCorgi: VSCode Supply Chain Attack on 1.5M Devs | 2026
⭐ Featured
Cloud & Application Security
Threat Intelligence
Malware Analysis

MaliciousCorgi: VSCode Supply Chain Attack on 1.5M Devs | 2026

Executive Summary Since January 2026, the sophisticated MaliciousCorgi supply chain attack has weaponized two malicious AI coding assistants on the official VSC...

February 2, 2026
6 min read
Lucas Oliveira
Mandiant Findings ShinyHunters Voice Phishing: SaaS Extortion Research
⭐ Featured
Ransomware Groups
Double Extortion
ransomware

Mandiant Findings ShinyHunters Voice Phishing: SaaS Extortion Research

Executive Summary Since June 2025, [ShinyHunters](https://cloud.google.com/blog/topics/threat-intelligence/expansion-shinyhunters-saas-data-theft) cybercrime co...

January 31, 2026
11 min read
Lucas Oliveira
CVE-2025-8088: The WinRAR Path Traversal Flaw Powering Global Cyberattacks—From Russian Spies to Ransomware Gangs
⭐ Featured
Threat Hunting & Intel
cyberthreads
Threat Intelligence

CVE-2025-8088: The WinRAR Path Traversal Flaw Powering Global Cyberattacks—From Russian Spies to Ransomware Gangs

Executive Summary Since July 2025, the critical CVE-2025-8088 vulnerability in WinRAR has become a weaponized vector for initial access, exploited by state-spon...

January 29, 2026
3 min read
Lucas Oliveira

Tags

CVE
16
cyberthreads
7
Credential Theft
6
Account Takeover
4
AI Security
3
Cisco
3
Browser Security
2
CI/CD Security
2
Crypto
2
APT28
1