Category: Research
Chrome Launches Device Bound Session Credentials to Block Cookie Theft
Google's DBSC feature ties authentication sessions to hardware security modules, making exfiltrated cookies useless to attackers. It is now publicly available on…
Google Integrates Rust DNS Parser into Pixel 10 Modem Firmware
Google's Pixel team has embedded a memory-safe Rust-based DNS parser into the Pixel 10 cellular baseband, targeting a class of memory-safety vulnerabilities…
CISA Contractor Leaked AWS GovCloud Keys and Plaintext Passwords on GitHub
A public GitHub repository maintained by a Nightwing contractor exposed highly privileged AWS GovCloud credentials, plaintext passwords, and internal CISA system files…
Cisco Talos Uncovers BadIIS Malware-as-a-Service Ecosystem Tied to Chinese-Speaking Cybercrime
Cisco Talos researchers have identified a commodity BadIIS malware variant powering a mature malware-as-a-service operation used by Chinese-speaking threat actors to conduct…
Netherlands Seizes 800 Servers, Arrests 2 in Russian Cyberattack Infrastructure Bust
Dutch financial crime investigators arrested two men and seized over 800 servers tied to hosting infrastructure used to support Russian-linked DDoS attacks,…
Cisco Talos Releases EvidenceForge for Realistic Synthetic Security Logs
EvidenceForge is a new open-source tool from Cisco Talos that generates correlated, realistic security log datasets across 20-plus formats to support threat…
Encryption Optional: How Cyber Extortion Is Evolving Beyond Ransomware
Unit 42 research shows ransomware encryption dropped to 78% of extortion cases in 2025, as threat actors pivot to pure data theft…
Operation FlutterBridge: New macOS Backdoor Spreads via Google Ads
Unit 42 researchers have identified a macOS malvertising campaign delivering a Flutter-based backdoor called FlutterShell, capable of browser hijacking, shell command execution,…
Inside Cisco Talos Threat Hunting: Hypotheses, Telemetry, and Human Judgment
Cisco Talos has published a detailed look at its hypothesis-driven threat hunting methodology, including a real-world case study showing how correlated firewall…
Microsoft Teams Becomes Prime Vector for IT Impersonation Phishing
Threat actors including APT29 are exploiting overly permissive Teams federation settings to impersonate IT staff and trick employees into approving MFA prompts.…
How Attackers Abuse Cloud Logging Services to Evade Detection
Unit 42 researchers outline five techniques adversaries use to manipulate AWS CloudTrail and Google Cloud Logging, turning essential security infrastructure into a…
Researchers Link Ransomware Group ‘The Gentlemen’ to Izhevsk Man
Intelligence trails connecting forum handles, leaked databases, and open-source lookups point to a named Russian individual as the administrator behind one of…