#Threat Intelligence

21 posts
Dirty Frag Linux kernel zero-day gives local users a fast path to root

Dirty Frag is the kind of Linux bug defenders worry about because it turns a limited foot...

May 10, 2026
5 min read
TCLBANKER turns WhatsApp and Outlook into trusted malware delivery channels

The most important detail in Elastic's new TCLBANKER research is not just that a Bra...

May 9, 2026
5 min read
Dirty Frag Linux kernel zero-day gives local users a fast path to root

Dirty Frag deserves attention because it is not a theoretical Linux bug waiting for slow...

May 8, 2026
5 min read
CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path

A critical point in the new PAN-OS warning is that defenders are not looking at a ro...

May 7, 2026
4 min read
DAEMON Tools supply-chain attack turns trusted installers into a malware delivery path

The most important part of the DAEMON Tools incident is not that malware...

May 6, 2026
5 min read
Vishing and SSO abuse are accelerating rapid SaaS extortion

The most dangerous part of modern SaaS intrusions is not always malware. Sometimes it is speed, trus...

May 5, 2026
5 min read
CPUID breach turned CPU-Z and HWMonitor into a malware delivery path

Executive summary: A compromise of the CPUID website briefly turned trusted download links f...

April 13, 2026
5 min read
Storm-1175 turns patch gaps into rapid Medusa ransomware intrusions

Storm-1175 is a financially motivated threat actor that Microsoft says has been using newly...

April 7, 2026
7 min read
CVE-2026-35616 puts exposed FortiClient EMS servers into the incident-response lane

CVE-2026-35616 is the second serious FortiClient EMS story in less than two...

April 6, 2026
5 min read
European Commission breach shows how stolen cloud secrets can spill across shared public platforms

The latest details on the European Commission cloud incident...

April 5, 2026
5 min read
CVE-2026-21643: FortiClient EMS exploitation puts exposed endpoint managers at immediate risk

CVE-2026-21643 is the kind of flaw defenders should treat as an im...

March 31, 2026
5 min read
LeakBase arrest is a warning to review stolen credential exposure now

The reported arrest of the alleged LeakBase administrator in Russia is the kind of...

March 27, 2026
4 min read