A reflection on the shift from opportunistic human-speed attacks to autonomous machine-speed operations, and why survival in the AI era depends on updating our structural assumptions.
An analysis of RDP exposure on port 3389 across the 27 EU member states using Shodan data, highlighting risks and providing a hardening checklist.
An analysis of SMB exposure on port 445 across the EU using Shodan data, highlighting the critical risks associated with exposing this internal protocol to the public internet.
An analysis of Telnet exposure across the 27 EU member states using Shodan data, highlighting the risks of this unencrypted command-line protocol.
An analysis of FTP exposure across all 27 EU member states using Shodan data, highlighting anonymous login rates and affected device types.
An analysis of AI poisoning (data poisoning), exploring how attackers manipulate training data and how defenders can protect the integrity of machine learning models.
An analysis of recent campaigns targeting developers through fake repositories, breaching air-gapped systems, and using fake Zoom update scams.
An analysis of UNC2814's campaign using Google Sheets as a C2 channel for the GRIDTIDE backdoor, highlighting modern stealth and cloud service abuse.
A practical breakdown of the CrowdStrike 2026 Global Threat Report, focusing on 29-minute breakout times, malware-free intrusions, and AI-enabled adversary activity.
An analysis of the increasing use of CVE-2026-21509 in targeted phishing campaigns by advanced threat actors, and the resulting risks for enterprise environments.
A retrospective on the 2025 cyber threat landscape and projections for 2026, focusing on identity, zero-days, and the blending of cyber and information operations.
An analysis of a sophisticated multi-stage phishing campaign impersonating Booking.com to target both hotel partners and their guests.
An analysis of an active npm supply chain worm that targets developers and AI coding assistants using typosquatting and sophisticated evasion techniques.
An analysis of the psychological and social drivers behind domestic hacktivism and DDoS attacks, drawing lessons from recent arrests in Spain.
An analysis of the Keenadu firmware-level Android backdoor, explaining how it hides in core system libraries and why it's a significant supply chain threat.