Threat Hunting & Intel

32 posts
Oracle PeopleSoft alert follows breach claims at 100+ organizations

Claims of mass compromise across Oracle PeopleSoft environments were already serious on June...

June 11, 2026
7 min read
LLMShare Turns Trusted AI Domains Into Malware Delivery Infrastructure

Executive Summary: Push Security disclosed a live campaign it tracks as LLMShare, w...

June 3, 2026
7 min read
GlassWorm takedown shows how developer malware becomes supply-chain risk

Executive Summary: The coordinated disruption of GlassWorm on May 26, 2026 is useful bec...

May 30, 2026
6 min read
AI-Assisted Search Poisoning Fuels ScreenConnect Cryptojacking

Executive Summary: Microsoft disclosed an active campaign on May 26, 2026 in which attackers push...

May 28, 2026
7 min read
Kazuar’s redesign turns a familiar backdoor into a harder-to-hunt botnet

Microsoft’s latest research on Kazuar matters because it reframes the malware from a we...

May 17, 2026
5 min read
TCLBANKER turns WhatsApp and Outlook into trusted malware delivery channels

The most important detail in Elastic's new TCLBANKER research is not just that a Bra...

May 9, 2026
5 min read
DAEMON Tools supply-chain attack turns trusted installers into a malware delivery path

The most important part of the DAEMON Tools incident is not that malware...

May 6, 2026
5 min read
CVE-2026-41940 turns exposed cPanel and WHM servers into control-plane takeover targets

CVE-2026-41940 is a critical authentication bypass in cPanel and WHM, an...

April 30, 2026
5 min read
Firestarter leaves patched Cisco firewalls at continued risk

A newly detailed persistence mechanism called Firestarter changes the defender story around last ye...

April 26, 2026
5 min read
AgingFly campaign hits Ukrainian government and hospital networks

A newly reported campaign centered on the AgingFly backdoor is a reminder that targeted intrus...

April 16, 2026
5 min read
CPUID breach turned CPU-Z and HWMonitor into a malware delivery path

Executive summary: A compromise of the CPUID website briefly turned trusted download links f...

April 13, 2026
5 min read
Iranian PLC Attacks Disrupt U.S. Critical Infrastructure

Executive Summary: Iranian-affiliated [advanced persistent threat](https://invaders.ie/resources/glossar...

April 9, 2026
7 min read