OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials
At least two distinct threat actors are weaponizing a novel evasion technique called OAuth client ID spoofing in cloud campaigns, while slipping past telemetry. The…
At least two distinct threat actors are weaponizing a novel evasion technique called OAuth client ID spoofing in cloud campaigns, while slipping past telemetry. The…
Qilin ransomware is a highly active and sophisticated ransomware operation that has rapidly modernized its evasion techniques. Historically focused on file encryption, the ransomware-as-a-service (RaaS)…
In this article Across the threat landscape, in this moment, one pattern sits at the center of the story: threat actors are following trust. They…
Key takeaways Advanced Persistent Threats (APTs) are sophisticated, long-term cyber campaigns conducted by well-funded human adversaries (often nation-states) who target specific organizations for espionage, data…
In this article AI agents aren’t only smarter API callers. They plan, chain actions across systems, and invoke tools in sequences while no single human…
Unit 42’s 2026 Global Incident Response Report offers frontline intelligence drawn directly from global investigations. The report spotlights four defining trends shaping the threat landscape.…
The export controls imposed on Anthropic’s Fable model mark a significant shift in United States (US) artificial intelligence (AI) policy. The controls set a precedent…
A fast-growing scam impersonates city and county planning departments, sending property owners real-looking invoices for fake permit fees and pressuring them to wire payment on…
In a recent episode of Intel 471’s Happy Hunting series, we broke down Scattered Spider, a group behind several high profile breaches over the past…
When a high-profile data breach hits headlines, the default assumption is often to view the dark web as a single, centralized marketplace where any illicit…
Executive Summary The Gentlemen (aka Storm-2697) is a Ransomware-as-a-Service (RaaS) program active since at least July 2025. Public reporting indicates that the operators were likely…
In June 2026, Insikt Group® identified 60 high-impact vulnerabilities that should be prioritized for remediation, 30 of which had a Very Critical Recorded Future Risk…