Marcus Thorne

Critical Alert: Discontinued Edge Devices – A Gateway for State-Sponsored Cyber Espionage

Organizations must replace unsupported edge devices, as state-sponsored threat actors actively exploit their critical vulnerabilities.

Marcus Thorne General news

Vishing for Victory: Deconstructing the Advanced Apple Pay Phishing Campaign Exploiting Fake Support Calls

Sophisticated Apple Pay phishing combines digital lures with fake support calls to exfiltrate sensitive payment data.

Marcus Thorne General news

DKnife Unveiled: A Deep Dive into Chinese-Made Malware Targeting Routers and Edge Devices

Technical analysis of DKnife, a sophisticated Chinese malware framework exploiting routers and edge devices for reconnaissance and control.

Marcus Thorne General news

Unmasking the Digital Dilemma: 'Encrypt It Already' Campaign Confronts Big Tech on E2E Encryption in the AI Era

EFF urges Big Tech to implement E2E encryption by default, crucial for privacy amid rising AI use and advanced cyber threats.

Marcus Thorne General news

China's DKnife: Unpacking the Sophisticated AitM Framework Hijacking Routers

Deep dive into DKnife, a China-linked AitM framework leveraging seven Linux implants to hijack routers for traffic manipulation and malware.

Marcus Thorne General news

Beyond the Bargain: Deconstructing the Cybersecurity & OSINT Implications of an 85-inch Sony Bravia at Sub-$1000

Analyzing the cybersecurity and OSINT implications of the 85-inch Sony Bravia, covering IoT vulnerabilities, data privacy, and threat intelligence.

Marcus Thorne General news

Beyond the Horizon: Deconstructing the 2026 Cyber Threat Landscape & Advanced OSINT Strategies

Analyzing the evolving 2026 cyber threat landscape, supply chain vulnerabilities, APTs, and advanced OSINT for proactive defense.

Marcus Thorne General news

Cyber Startup Programme 2026: Unleashing Next-Gen Innovation Against Evolving Threats

Infosecurity Europe 2026 debuts a Cyber Startup Programme, fostering innovation, connecting early-stage companies with investors, and showcasing emerging cybersecurity technologies.

Marcus Thorne General news

EnCase Driver's Ghost in the Machine: Weaponized for EDR Kill Chains

Expired EnCase driver weaponized for EDR bypass, privilege escalation, and persistence. A critical BYOVD threat.

Marcus Thorne General news

Theonlinesearch.com: A Deep Dive into Browser Hijacking and Advanced Remediation Strategies

Technical guide to identifying, removing, and preventing Theonlinesearch.com browser redirects caused by malicious extensions and browser hijacking tactics.

Marcus Thorne General news

Securing the Sonic Perimeter: An OSINT & Forensics Analysis of Smart Soundbar Deployment

Analyzing flagship soundbars as IoT attack surfaces, focusing on network reconnaissance, data privacy, and forensic investigation techniques.

Marcus Thorne General news

Anomalous Phishing URLs: Unmasking Evasion Tactics in Recent Campaigns (Thu, Feb 5th)

Analyzing the surge of 'broken' phishing URLs observed on Feb 5th, revealing sophisticated evasion and obfuscation techniques by threat actors.

Marcus Thorne General news

GitHub Codespaces: Unmasking RCE Vulnerabilities via Malicious Repository Injections

Deep dive into RCE threats in GitHub Codespaces, detailing attack vectors, exploitation, and robust mitigation strategies.

Marcus Thorne General news

Cyber Success Trifecta: Education, Certifications & Experience in the AI Era

Colonel Pulikkathara emphasizes education, certifications, and experience as cornerstones for cybersecurity success amidst AI evolution.

Marcus Thorne General news

Critical N8n Sandbox Escape: A Gateway to Full Server Compromise and Data Exfiltration

Severe N8n sandbox escape allows arbitrary command execution, credential theft, and full server compromise. Immediate patching advised.

Marcus Thorne General news

AI-Enabled Voice & Virtual Meeting Fraud Explodes 1210%: A Deep Dive into Advanced Threat Vectors

Unprecedented surge in AI-powered voice and virtual meeting fraud. Researchers analyze deepfake tactics, detection challenges, and advanced countermeasures.

Marcus Thorne General news

Critical n8n RCE Flaw CVE-2026-25049: A Deeper Dive into Sanitization Bypass and System Command Execution

Critical n8n flaw CVE-2026-25049 enables arbitrary system command execution, bypassing previous sanitization fixes via malicious workflows.

Marcus Thorne General news

Global SystemBC Botnet Found Active Across 10,000 Infected Systems: A Critical Threat to Sensitive Infrastructure

SystemBC botnet infects 10,000 IPs, posing severe risks to government infrastructure. Analysis covers its capabilities and mitigation strategies.

Marcus Thorne General news

Microsoft's Sentinel: Detecting Covert Backdoors in Open-Weight LLMs

Microsoft unveils a lightweight scanner leveraging three signals to detect backdoors in open-weight LLMs, enhancing AI trust and security.

Marcus Thorne General news

CISA Warns: VMware ESXi Sandbox Escape Actively Exploited by Ransomware Gangs

CISA confirms ransomware gangs exploit a high-severity VMware ESXi sandbox escape, previously a zero-day, urging immediate patching and defense.

Marcus Thorne General news

Persistent Peril: Grok's Continued Generation of Unsafe Content Underscores Deep-Seated AI Safety Challenges

Grok's ongoing generation of sexualized images, even concerning vulnerable subjects, reveals critical failures in AI safety and content moderation.

Marcus Thorne General news

The SLSH Menace: Unmasking the Aggressive Tactics of Scattered Lapsus ShinyHunters

Analyzing Scattered Lapsus ShinyHunters' aggressive data extortion, harassment, and swatting tactics, and outlining robust defensive strategies.

Marcus Thorne General news

APT28's Lightning Strike: Weaponizing Microsoft Office RTF Zero-Day in 72 Hours

APT28 rapidly weaponized a Microsoft Office RTF vulnerability in three days, launching sophisticated multistage attacks.

Marcus Thorne General news

DockerDash: Critical Ask Gordon AI Flaw in Docker Desktop/CLI Exploited via Image Metadata

Docker patched a critical Ask Gordon AI flaw (DockerDash) allowing code execution and data exfiltration via malicious image metadata.

Marcus Thorne General news

Moltbot/OpenClaw Under Siege: Hundreds of Malicious Crypto Trading Add-Ons Uncovered on ClawHub

A security researcher found 386 malicious crypto trading 'skills' on ClawHub for OpenClaw, posing severe financial and data theft risks.

Marcus Thorne General news

CISA Emergency Directive: Critical SolarWinds RCE Exploited in the Wild

CISA flags critical SolarWinds Web Help Desk RCE flaw (CVE-2023-40000) as actively exploited, urging immediate patching.

Marcus Thorne General news

Attackers Harvest Dropbox Logins Via Fake PDF Lures: A Deep Dive into Corporate Phishing

Analyzing a malware-free phishing campaign leveraging fake PDF "request orders" to steal corporate Dropbox credentials.

Marcus Thorne General news

APT28 Unleashes "Operation Neusploit" with Microsoft Office Zero-Day Exploit (CVE-2026-21509)

APT28 weaponizes CVE-2026-21509 in Microsoft Office for espionage, targeting Ukraine, Slovakia, Romania in "Operation Neusploit."

Marcus Thorne General news

New GlassWorm Attack Leverages Compromised OpenVSX Extensions to Target macOS Developers and Crypto Assets

GlassWorm's new macOS attack exploits compromised OpenVSX extensions, stealing passwords, crypto-wallet data, and developer credentials.

Marcus Thorne General news

Manifest V3: A Catalyst for Re-architecting Browser Guard's Defense Mechanisms

Manifest V3 forced Browser Guard to rebuild its core. Discover how this led to enhanced performance, privacy, and security.

Marcus Thorne General news

Unmasking the ClawHub Threat: 341 Malicious Skills Jeopardize OpenClaw Users with Data Theft Campaigns

Koi Security uncovers 341 malicious ClawHub skills, exposing OpenClaw users to supply chain data theft risks.

Marcus Thorne General news

Malicious MoltBot Onslaught: Weaponized AI Skills Pushing Password Stealers

Over 230 malicious OpenClaw/MoltBot AI skills distributed, pushing password-stealing malware via official registries and GitHub.

Marcus Thorne General news

Seamless Scam Defense: Malwarebytes Integrates with ChatGPT for Real-time Threat Analysis

Malwarebytes in ChatGPT offers instant scam checks and threat analysis, a first in cybersecurity integration.

Marcus Thorne General news

Milano Cortina 2026: Navigating the Geopolitical and Cyber Terrain of Olympic Security

Foreign security forces, including ICE and Qatari contingents, raise significant cybersecurity, privacy, and sovereignty concerns for Italy's Winter Olympics.

Marcus Thorne General news

Exposed MongoDB: A Persistent Magnet for Automated Data Extortion Attacks

Automated attacks relentlessly target exposed MongoDB instances, demanding low ransoms for data restoration. A critical cybersecurity threat.

Marcus Thorne General news

ISC Stormcast 9790: AI-Driven Phishing & Covert Exfiltration - The 2026 Threat Landscape

Analyzing advanced AI phishing, social engineering, and covert data exfiltration methods discussed in ISC Stormcast 9790.

Marcus Thorne General news

Unmasking the Architects: Who Operates the Badbox 2.0 Botnet?

Kimwolf botnet claims compromise of Badbox 2.0 C2, potentially revealing operators of the vast Android TV box botnet.

Marcus Thorne General news

Apple's New Frontier in Privacy: Obfuscating Cellular Location Data

Apple introduces a new feature limiting cellular network location precision, enhancing user privacy against carrier tracking on iPhones and iPads.

Marcus Thorne General news

RedKitten Unleashed: Iran-Linked Cyber Campaign Targets Human Rights Defenders Amidst Unrest

RedKitten, an Iran-linked cyber campaign, targets human rights NGOs and activists documenting abuses amidst 2025-2026 unrest, using sophisticated social engineering.

Marcus Thorne General news

Unmasking the Shadows: The Cybersecurity Implications of a 'Personal Hacker' and Evolving Digital Threats

Examine the cybersecurity implications of a 'personal hacker,' advanced AI agents like OpenClaw, global cybercrime, and crypto theft.

Marcus Thorne General news

The Algorithmic Irony: Trusting ChatGPT Amidst Ad Integration – A Cybersecurity Researcher's Perspective

Analyzing cybersecurity risks introduced by ChatGPT's ad rollout, challenging OpenAI's trust claims from a defensive research standpoint.

Marcus Thorne General news

AI Superpower at Risk: The Linwei Ding Conviction and the Escalating Threat of AI IP Theft

Ex-Google engineer convicted for stealing AI supercomputer data, highlighting critical risks of insider threat and intellectual property espionage.

Marcus Thorne General news

Torq Propels SOCs Beyond SOAR with AI-Powered Hyperautomation: A Paradigm Shift in Cyber Defense

Torq's $1.2B valuation fuels AI-driven hyperautomation, revolutionizing SOC operations by transcending traditional SOAR limitations.

Marcus Thorne General news

Mandiant Uncovers ShinyHunters' Sophisticated SSO & MFA Phishing Campaign: A Deep Dive into Cloud Data Theft

Mandiant details how ShinyHunters abuses SSO and MFA via vishing and phishing to steal cloud data.

Marcus Thorne General news

Mandiant Uncovers Sophisticated ShinyHunters Vishing Campaign Targeting MFA-Protected SaaS Platforms

Mandiant reveals ShinyHunters-style vishing attacks bypass MFA to breach SaaS, emphasizing advanced social engineering and credential harvesting.

Marcus Thorne General news

2026: The Year Agentic AI Becomes the Attack-Surface Poster Child

Agentic AI will dominate cyber threats by 2026, creating new, autonomous attack surfaces. An analysis for defenders.

Marcus Thorne General news

Researchers Uncover Sophisticated Chrome Extensions: Affiliate Fraud & ChatGPT Credential Theft

Malicious Chrome extensions identified, hijacking affiliate links, exfiltrating data, and stealing OpenAI ChatGPT authentication tokens.

Marcus Thorne General news

Crypto's Dark Surge: A Record $158 Billion in Illicit Flows Threatens Digital Trust

Illicit crypto flows hit a staggering $158B in 2025, reversing trends. This article analyzes the surge, impact, and defensive strategies.

Marcus Thorne General news

Weaponizing Trust: Google Presentations Exploited in Vivaldi Webmail Phishing Campaign

Attackers leverage Google Presentations for phishing Vivaldi Webmail users, bypassing security and harvesting credentials via trusted domains.

Marcus Thorne General news

Labyrinth Chollima Evolves: Dissecting the Tripartite North Korean Threat

CrowdStrike assesses Labyrinth Chollima fractured into three North Korean APTs, specializing in finance, espionage, and disruption.

Marcus Thorne General news

Badges, Bytes, and Blackmail: Unmasking Cybercriminals and the Digital Hunt

An in-depth look at how law enforcement identifies, tracks, and apprehends cybercriminals, revealing their origins, roles, and common mistakes.

Senior Cybersecurity Analyst and Digital Privacy Advocate with over 15 years of experience in network security. Marcus specializes in threat intelligence and data protection strategies.

Critical Alert: Discontinued Edge Devices – A Gateway for State-Sponsored Cyber Espionage

Vishing for Victory: Deconstructing the Advanced Apple Pay Phishing Campaign Exploiting Fake Support Calls

DKnife Unveiled: A Deep Dive into Chinese-Made Malware Targeting Routers and Edge Devices

Unmasking the Digital Dilemma: 'Encrypt It Already' Campaign Confronts Big Tech on E2E Encryption in the AI Era

China's DKnife: Unpacking the Sophisticated AitM Framework Hijacking Routers

Beyond the Bargain: Deconstructing the Cybersecurity & OSINT Implications of an 85-inch Sony Bravia at Sub-$1000

Beyond the Horizon: Deconstructing the 2026 Cyber Threat Landscape & Advanced OSINT Strategies

Cyber Startup Programme 2026: Unleashing Next-Gen Innovation Against Evolving Threats

EnCase Driver's Ghost in the Machine: Weaponized for EDR Kill Chains

Theonlinesearch.com: A Deep Dive into Browser Hijacking and Advanced Remediation Strategies

Securing the Sonic Perimeter: An OSINT & Forensics Analysis of Smart Soundbar Deployment

Anomalous Phishing URLs: Unmasking Evasion Tactics in Recent Campaigns (Thu, Feb 5th)

GitHub Codespaces: Unmasking RCE Vulnerabilities via Malicious Repository Injections

Cyber Success Trifecta: Education, Certifications & Experience in the AI Era

Critical N8n Sandbox Escape: A Gateway to Full Server Compromise and Data Exfiltration

AI-Enabled Voice & Virtual Meeting Fraud Explodes 1210%: A Deep Dive into Advanced Threat Vectors

Critical n8n RCE Flaw CVE-2026-25049: A Deeper Dive into Sanitization Bypass and System Command Execution

Global SystemBC Botnet Found Active Across 10,000 Infected Systems: A Critical Threat to Sensitive Infrastructure

Microsoft's Sentinel: Detecting Covert Backdoors in Open-Weight LLMs

CISA Warns: VMware ESXi Sandbox Escape Actively Exploited by Ransomware Gangs

Persistent Peril: Grok's Continued Generation of Unsafe Content Underscores Deep-Seated AI Safety Challenges

The SLSH Menace: Unmasking the Aggressive Tactics of Scattered Lapsus ShinyHunters

APT28's Lightning Strike: Weaponizing Microsoft Office RTF Zero-Day in 72 Hours

DockerDash: Critical Ask Gordon AI Flaw in Docker Desktop/CLI Exploited via Image Metadata

Moltbot/OpenClaw Under Siege: Hundreds of Malicious Crypto Trading Add-Ons Uncovered on ClawHub

CISA Emergency Directive: Critical SolarWinds RCE Exploited in the Wild

Attackers Harvest Dropbox Logins Via Fake PDF Lures: A Deep Dive into Corporate Phishing

APT28 Unleashes "Operation Neusploit" with Microsoft Office Zero-Day Exploit (CVE-2026-21509)

New GlassWorm Attack Leverages Compromised OpenVSX Extensions to Target macOS Developers and Crypto Assets

Manifest V3: A Catalyst for Re-architecting Browser Guard's Defense Mechanisms

Unmasking the ClawHub Threat: 341 Malicious Skills Jeopardize OpenClaw Users with Data Theft Campaigns

Malicious MoltBot Onslaught: Weaponized AI Skills Pushing Password Stealers

Seamless Scam Defense: Malwarebytes Integrates with ChatGPT for Real-time Threat Analysis

Milano Cortina 2026: Navigating the Geopolitical and Cyber Terrain of Olympic Security

Exposed MongoDB: A Persistent Magnet for Automated Data Extortion Attacks

ISC Stormcast 9790: AI-Driven Phishing & Covert Exfiltration - The 2026 Threat Landscape

Unmasking the Architects: Who Operates the Badbox 2.0 Botnet?

Apple's New Frontier in Privacy: Obfuscating Cellular Location Data

RedKitten Unleashed: Iran-Linked Cyber Campaign Targets Human Rights Defenders Amidst Unrest

Unmasking the Shadows: The Cybersecurity Implications of a 'Personal Hacker' and Evolving Digital Threats

The Algorithmic Irony: Trusting ChatGPT Amidst Ad Integration – A Cybersecurity Researcher's Perspective

AI Superpower at Risk: The Linwei Ding Conviction and the Escalating Threat of AI IP Theft

Torq Propels SOCs Beyond SOAR with AI-Powered Hyperautomation: A Paradigm Shift in Cyber Defense

Mandiant Uncovers ShinyHunters' Sophisticated SSO & MFA Phishing Campaign: A Deep Dive into Cloud Data Theft

Mandiant Uncovers Sophisticated ShinyHunters Vishing Campaign Targeting MFA-Protected SaaS Platforms

2026: The Year Agentic AI Becomes the Attack-Surface Poster Child

Researchers Uncover Sophisticated Chrome Extensions: Affiliate Fraud & ChatGPT Credential Theft

Crypto's Dark Surge: A Record $158 Billion in Illicit Flows Threatens Digital Trust

Weaponizing Trust: Google Presentations Exploited in Vivaldi Webmail Phishing Campaign

Labyrinth Chollima Evolves: Dissecting the Tripartite North Korean Threat

Badges, Bytes, and Blackmail: Unmasking Cybercriminals and the Digital Hunt