
The Axios Supply Chain Attack
The Axios supply chain attack proves attackers don’t need vulnerabilities if they can hit the assembly line. By compromising a single npm maintainer account, they were able to slip a trojan into Axios...
10 Apr 43min

OpenClaw & Moltbook (w/ Moriah Hara!)
OpenClaw – an open-source AI agent dubbed “Claude with hands” – has exploded across GitHub, rocketing from obscurity to 170,000 stars in just two weeks. It’s now the fastest-spreading form of shadow IT...
14 Feb 43min

The React2Shell Crisis
React2Shell, the zero-click RCE exploit, is rapidly becoming one of the most significant cybersecurity incidents this year. From emergency patches causing a massive Cloudflare outage to active exploi...
15 Dec 2025 22min

AI-Powered Espionage
A Chinese state-sponsored group weaponized Anthropic’s Claude tool to launch the first large-scale AI-driven espionage campaign, targeting more than 30 organizations across tech, finance, manufacturin...
24 Nov 2025 23min

Black Hat Cartels
31 Oct 2025 23min

Supply Chain Attacks
This month marked the discovery of one of the largest npm compromises in history. Through AI-assisted social engineering, a prolific developer dubbed Qix was phished. His account was then maliciously u...
20 Sep 2025 24min

ShinyHunters' CRM Heist
One phone call was all it took for ShinyHunters to breach some of the world's biggest brands. By exploiting Salesforce to infiltrate Google, Cisco, and many others, this group has shown just how vulne...
18 Aug 2025 26min





















