Understanding the Cookie-Bite MFA Bypass Risk
The Cookie-Bite attack is an advanced evolution of Pass-the-Cookie exploits. This tactic bypasses Multi-Factor Authentication (MFA) by leveraging stolen authentication cookies—such as Azure Entra ID’s ESTSAUTH and ESTSAUTHPERSISTENT—to impersonate users ... Read More
The State of AI in Cybersecurity 2025: What’s Working, What’s Lagging, and Why It Matters Now More Than Ever
This second annual study offers a deeper look at how organizations are using AI to detect and respond to attacks faster, where it’s making the biggest impact, and what’s holding adoption back ... Read More
Safeguarding SAP Systems Amid Rising Financial Fraud and Economic Stress
SAP systems are the backbone of enterprise finance—and they’re under attack. As economic pressures rise, so do attempts to exploit financial platforms. From insider threats to ransomware and zero-day vulnerabilities, SAP’s critical role in handling billions of dollars daily makes it a high-value target. The recent disclosure of CVE-2025-31324, a critical zero-day in ... Read More
The Rise of AI-Driven Cyberattacks: Accelerated Threats Demand Predictive and Real-Time Defenses
Artificial intelligence (AI) is transforming industries, but it’s also empowering cybercriminals to launch sophisticated, high-speed cyberattacks. AI-driven attacks, particularly those orchestrated by autonomous AI agents, operate at an accelerated pace, compressing the window for detection and protection ... Read More
WarGames – it’s not 1983 anymore
China’s state-sponsored cyber operations, driven by groups like Volt Typhoon, Salt Typhoon, Brass Typhoon, and APT41, and amplified by techniques like Fast Flux DNS, are not chasing Hollywood apocalypse—they’re seizing America’s networks, turning our infrastructure into a weapon against us ... Read More
Volt Typhoon, Salt Typhoon & APT41: This is No Longer a Drill
New threat intelligence confirms what many infrastructure leaders have long feared: Chinese state-sponsored threat groups are not only capable of infiltrating U.S. critical systems—they already have ... Read More
Why the 2025 PyPI Attack Signals a New Era in Cloud Risk
The 2025 PyPI supply chain attack is a stark reminder of just how vulnerable cloud ecosystems remain to sophisticated, stealthy, and evolving threats ... Read More
The Fast Flux DNS Threat: A Call to Action Against a Geopolitical and Hacktivist Nightmare
Artificial Intelligence (AI) has quickly become an integral part of modern workflows, with AI-powered applications like copilots, chatbots, and large-scale language models streamlining automation, decision-making, and data processing. However, these same tools introduce significant security risks—often in ways organizations fail to anticipate ... Read More
Threat Research Report: How AI Assistants, Co-Pilots, and Chatbots Create New Cyber Threats
Artificial Intelligence (AI) has quickly become an integral part of modern workflows, with AI-powered applications like copilots, chatbots, and large-scale language models streamlining automation, decision-making, and data processing. However, these same tools introduce significant security risks—often in ways organizations fail to anticipate ... Read More
MixMode Uncovers Nation-State Attacks, Insider Threats, and Regulatory Risks in Critical Infrastructure Environment within 3 Days of Deployment
In our newest MixMode report, we break down how a critical infrastructure provider uncovered active nation-state and insider threats within three days of deploying our AI-driven security platform ... Read More
