// publications
Research & Publications
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign
Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
Tracking the Expansion of ShinyHunters SaaS Data Theft
UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
Bringing Access Back
Cutting Edge, Part 3: Investigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts
Assessed Cyber Structure and Alignments of North Korea in 2023
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation
North Korea Leverages JumpCloud in a Targeted Supply Chain Attack
Barracuda ESG Zero-Day Vulnerability Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SIM Swapping and Abuse of the Microsoft Azure Serial Console
// conferences
Talks & Presentations
// press & coverage
Media
- Cyber Magazine GTIG: How Did North Korean Hackers Compromise Axios?
- Infosecurity Magazine Hackers Hijack Axios NPM Package
- CyberSecurity Dive Axios open-source library targeted in sophisticated supply chain attack
- Cyber Magazine DarkSword Spyware: Is Your iPhone Watching You?
- TechCrunch Google says hackers stole data from 200 companies following Gainsight breach
- Reuters Google says dozens of organizations affected by Oracle-linked hacking campaign
- 404 Media Suspected Snowflake Hacker Arrested in Canada
- The Record CISA adds Chrome, open-source bugs
- SC Magazine Barracuda ESG hacks focused on China's high-priority targets
- BleepingComputer JumpCloud breach traced back to North Korean state hackers
- TechTarget Chinese nation-state actor behind Barracuda ESG attacks