Threat Intelligence

Flat white line-art of a courthouse and a gavel, on a Midnight Navy background — DOJ charges in the Void Blizzard case.

Nation-State Cyber Threats

US Justice Department Charges Russian National in Void Blizzard Case

Another indictment in a Russia-aligned case — but unlike most, this defendant is already in US custody after an extradition from Thailand.

Ransomware

"The Gentlemen" Ransomware Claims 478 Victims and Spreads Like a Worm

A ransomware group that spreads like a worm and counts 478 victims — and the Krebs investigation now identifying the people running it.

Flat white line-art of an opened archive folder spilling a single document, on an Oxblood background — WinRAR flaw exploited against Ukraine.

Nation-State Cyber Threats

WinRAR Flaw Exploited by Russia-Aligned Groups Against Ukrainian Organizations

Consumer compression software remains a reliable initial-access vector in the Russia-Ukraine cyber theater.

Flat white line-art of a sorting funnel routing shapes onto fast and slow tracks, on a Mulberry background — CISA BOD 26-04 risk-based patching.

Policy & Government

CISA Rewrites Federal Patching with BOD 26-04 — Patch by Risk, Fix Criticals in 3 Days

CISA's new directive ends CVSS-led patching for federal agencies — risk becomes the prioritization signal, and the most dangerous bugs must be patched in three days.

Flat white line-art of a central hub linked to scattered small devices, on an Olive background — China-linked JDY botnet disclosure.

Nation-State Cyber Threats

Researchers Disclose Growth of China-Linked JDY Botnet

A small-footprint, long-tail Chinese proxy network grows past 1,500 devices — defenders should account for this layer of reconnaissance infrastructure.

Editorial science-poster illustration of MITRE ATT&CK symbols — a matrix grid, a chess piece, a labeled index card, a magnifying lens, a masked silhouette, and a shield.

Cybersecurity 101

What Is the MITRE ATT&CK Framework? A Guide for Defenders

A defender's guide to the MITRE ATT&CK framework — what it is, how tactics, techniques, and matrices are structured, and how to use it for detection and threat intel.

Flat white line-art of two layered AI model panels behind a gated barrier, on a Peacock background — Anthropic Claude Fable 5 release.

Artificial Intelligence (AI)

Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards

Anthropic's Fable 5 launches with “cyber safeguards” baked in — a framing that would, days later, become the center of a precedent-setting US export-control action.

Flat white line-art of a sealed toolbox opening above a row of code repositories, on an Olive background — Miasma toolkit open-sourced on GitHub.

Supply Chain Attack

Miasma Supply-Chain Worm Open-Sourced on GitHub

Miasma's open-sourcing turns the previous day's Microsoft-repo incident into the first instance of a much broader supply-chain threat any actor can now reproduce.

Flat white line-art of a single node duplicating into two identical copies beside an open book, on a peacock background — academic self-replicating AI research.

Artificial Intelligence (AI)

Researchers Publish Prototype of Self-Replicating AI Worm Concept on Open-Weight Models

Half a century after Brunner imagined it, researchers publish a prototype — and the defender community gets a new detection-research agenda rather than an immediate operational threat.

Editorial science-poster illustration of cyber threat intelligence symbols — a radar dish, a dossier folder, a pinned bulletin board, a magnifying lens, a signal waveform, and a fountain pen.

Cybersecurity 101

What Is Cyber Threat Intelligence (CTI)? Types and Use Cases

Cyber threat intelligence (CTI) explained — the four types, the CTI lifecycle, where intelligence comes from, and how organizations turn it into action.

Flat white line-art of a VPN gateway with an open keyhole and an unlocked padlock, on a Crimson background — Check Point VPN zero-day.

Vulnerabilities

Check Point VPN Zero-Day CVE-2026-50751 Exploited for a Month Before Patch; Qilin Ransomware Involved

A logic-flow weakness in Check Point's Remote Access VPN gave a Qilin ransomware affiliate and other attackers a month to operate before a patch arrived.

Flat white line-art of a classical law-firm building beside a magnifying glass, on a Mulberry background — Mandiant UNC3753 report.

Threat Intelligence

Mandiant Documents UNC3753 Extortion Campaign Against US Legal-Services Firms

Mandiant's published findings on a financially motivated campaign give defenders in legal and financial services a sector advisory to act on.

See all