Marcus Thorne

Silent Ransom Group (Luna Moth) escalates attacks with in-person IT impersonation, bypassing digital defenses through social engineering.

Expert analysis of Hisense U6 Pro Mini LED TV, balancing performance with critical cybersecurity and OSINT considerations for researchers.

Cybercriminals impersonate Signal Support to steal backup recovery keys, compromising entire message archives.

The Pentagon's long-standing failure to secure troop location data has enabled adversaries to target US military personnel.

Technical analysis of DShield sensor file uploads over a year, revealing seasonal threat peaks, malware trends, and defensive strategies.

Highly technical analysis of attackers' shift from typosquatting to realistic code mimicry in open-source supply chain attacks.

Nordic CISOs demonstrate remarkable resilience against rising cyber threats, maintaining stability despite AI's evolving attack surface.

WatchGuard and ESET report Grandoreiro (Windows) and BTMOB (Android) banking trojan campaigns targeting LATAM and European businesses/users.

Strategies for MSSPs to scale threat detection and prevent analyst burnout using automation, AI, and advanced telemetry.

Beware fake ChatGPT, Claude, AutoTune software on GitHub/SourceForge distributing Deno RAT, enabling full device compromise. A critical cybersecurity alert.

Analyzing the technical and OSINT implications of Iran's partial internet reconnection after a 3-month blackout, focusing on forensics and attribution.

Deep dive into a sophisticated ChatApp-0day campaign, exploring attack vectors, forensic analysis, and advanced attribution techniques.

Dutch authorities seize 800 servers, arrest two for facilitating Russian state-sponsored cyberattacks and disinformation campaigns in the EU.

Deep dive into last week's cyber chaos: Linux flaws, Defender 0-days, router botnets, supply chain compromises, and sophisticated phishing.

Dutch authorities bust a bulletproof hosting network, disrupting cybercrime, disinformation, and Russian sanctions evasion operations.

Secure your next research rig. Maximize Memorial Day desktop deals for robust cybersecurity and OSINT workstation builds.

FBI warns about Kali365, a fast-growing phishing kit abusing Microsoft 365 device authorization for persistent, surreptitious access.

GitHub's VS Code extension compromised, NGINX flaw exploited. Deep dive into supply chain attacks and server vulnerabilities.

Critical Chrome update fixes arbitrary code execution flaws. Patch now to prevent exploitation via malicious websites. Browser Fetch still unpatched.

Examining the FBI's push for real-time LPR access, zero-day exploits, deepfake forensics, and advanced digital attribution tools.

Deep dive into stack string handling in HLL for red team evasion and blue team forensics, informed by SEC670 training.

Akamai joins vendors betting on Secure Enterprise Browsers, enhancing Zero Trust and SASE strategies against evolving web threats.

Authorities dismantle First VPN Service, a criminal VPN used by 25 ransomware groups, enhancing global cybersecurity defenses.

Alleged Kimwolf botnet leader, Jacob Butler, arrested in Canada, facing extradition and significant prison time.

CISA adds two critical Microsoft Defender flaws to KEV catalog. Learn about the exploitation, impact, and advanced defensive strategies.

EU accelerates digital sovereignty, moving from US Big Tech to homegrown solutions amid data privacy concerns and geopolitical shifts.

Deep dive into advanced persistent threats, supply chain vulnerabilities, and critical OSINT techniques discussed in the May 20th, 2026 ISC Stormcast.

Analysis of the "Premium Deception" Android malware campaign, using 250+ fake apps to silently charge users.

Interpol's Operation Ramz marks a critical advancement in MENA cybercrime enforcement, fostering unprecedented cross-regional collaboration.

Expert analysis of Google I/O 2026's security implications: Gemini 3.5, Spark, and Android XR's new threat landscapes.

Mini Shai-Hulud returns, compromising hundreds of npm packages, stealing tokens, installing backdoors, and persisting in CI/CD.

Deep dive into CIS Benchmarks May 2026 updates, focusing on cloud, AI/ML, IoT, and supply chain security for robust cyber defense.

AI-driven vulnerability reports overwhelm software maintainers with noise, causing alert fatigue and hindering critical fixes.

Microsoft Edge enhances security, preventing saved passwords from lingering in plaintext memory, mitigating memory scraping risks.

An in-depth analysis of cybercriminal twins caught by a forgotten Teams recording, alongside critical updates on ransomware, dark net arrests, and supply chain attacks.

NGINX CVE-2026-42945, a heap buffer overflow in ngx_http_rewrite_module, actively exploited, causing crashes and RCE risk.

Scammers exploit physical mail and QR codes to trick Ledger users into revealing critical seed phrases, blending old and new phishing tactics.

Technical analysis of the Tina Peters commutation, focusing on insider threat, data exfiltration, digital forensics, and election security implications.

Securing AI integration protocols with CIS MCP guidelines, covering authorization, tool access, and execution controls for robust defense.

Google Workspace introduces unified Context-Aware Access for SAML apps, establishing a universal security baseline and enhancing Zero Trust.

Analyzing the impact of new malware libraries on cybersecurity, requiring advanced signature generation and adaptive defense strategies.

Unit 42 research reveals Gremlin Stealer's evolution into a modular threat with advanced evasion and sophisticated data theft capabilities.

Cybersecurity legends reflect on 20 years of Dark Reading columns, revealing enduring threats and predictive insights shaping our digital future.

Deep dive into CVE-2026-42897, an actively exploited XSS spoofing vulnerability in on-prem Microsoft Exchange via crafted emails.

Pentagon official Paul Lyons warns advanced AI ushers in 'revolutionary warfare,' emphasizing cyber offense and the critical need for advanced telemetry.

Comprehensive guide for cybersecurity and OSINT researchers: 5 technical steps to secure cities before large-scale events, covering advanced threat intelligence, network hardening, detection, forensics, and multi-agency collaboration.

CERN's open-source KiCad library, 17,000 components strong, revolutionizes hardware design, offering critical insights for cybersecurity and OSINT researchers.

Analyzing DHS plans for autonomous drones, 5G, and 'battlefield intelligence' on the US-Canada border, focusing on cybersecurity implications.

A cybersecurity deep dive into website fraud mechanisms, OSINT methodologies, and advanced threat actor attribution.

OpenAI's Daybreak initiative leverages frontier AI models to build inherently secure software from the ground up.

May 2026 Patch Tuesday reveals AI's dual role: vulnerable to social engineering, yet adept at finding code flaws, driving record patch volumes.