Real Cyberattacks - Explained in easy steps

This is the story of the biggest hack in the NPM world (aka Shai-Hulud Attack)

This week, we're exploring Shai-Hulud — a terrifying blend of infostealer, worm, and supply-chain attack that has shaken the npm ecosystem!

Sep 23 •

The First AI-Powered Ransomware: How it Works & Key Lessons

This week, we’re diving into the first AI-powered ransomware—a glimpse into the fundamental shift reshaping cyberattacks.

Sep 2 •

How This Latest Technique Bypasses Phish Resistant Creds!

This week, we're exploring the latest technique attackers are using to silently bypass phish resistant credentials against Microsoft Entra ID.

Aug 26 •

How Hackers Are Using This Simple Trick to Silently Disable EDR!

This week, we're exploring the latest technique attackers are using to silently disable EDR software. Interestingly this involves no malware!

Aug 11 •

How Attackers Are Mass Exploiting This Deadly SharePoint Flaw & Key Insights

On July 18, mass exploitation of SharePoint servers started to appear in the news.

Jul 29 •

5 Simple Methods This Infamous Hacking Group Uses to Hack High-Profile Companies

MGM Resorts hack..

Jul 13 •

How attackers are hijacking Citrix sessions with a single weird HTTP request (a.k.a. “CitrixBleed 2”)

This week, we're exploring the latest exploitation technique attackers are using to takeover active Citrix sessions. Interestingly this involves no user…

Jul 6 •

How a Simple Programming Mistake Took Down a $50 Million Botnet

This week, we're exploring an interesting story of how defenders quietly hacked the botnet infra that caused over $50 million in losses worldwide and…

Jun 29 •

How Attackers Weaponized an Expired Discord Invite to Deliver Malware & Key Insights!

This week, we're exploring a recent campaign used by attackers to weaponize expired Discord invites to push malware. We’ll unpack the attack chain with…

Jun 22 •

The AI Hack That Lets Attackers Steal Data from Copilot by Just Sending an Email!

Imagine this: No malware.

Jun 17 •

How Attackers Are Using Google Calendar to Hide Malicious Activity?

This week, we're exploring an advanced stealth technique used by attackers to blend in seamlessly with trusted cloud services. We’ll unpack the attack…

Jun 8 •

How an Attacker Stole 868 GB of Data with Just a Phone Call and a Virtual Machine

What is an attacker's greatest strength?

Jun 1 •

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts