Our Compromise Assessment service report features such a hidden threat as generative AI
Users receive attackers’ remote access tool along with popular freeware
How to detect malware that runs on Linux systems without writing on disk
Some stats on threats found in backups during compromise assessment
New attacks use .vbs droppers, .com droppers, and .com stealer written in Rust
Registration of a malicious provider can be detected in ProviderOrder and ProviderPath parameters
Detecting privilege escalation in Linux through TOCTOU vulnerability
A 2020 vulnerability still allows a local user to elevate privileges to SYSTEM
Vulnerability CVE-2025-47179 allows for full control over SCCM
Catching exploitation of a vulnerability that antiviruses don’t see
How to prevent exploitation of a vulnerability in a popular image editing tool
A chain of events 4023 and 4021 from the same IP address means an attack
Severe vulnerability allows an unprivileged user to gain root
An attacker can take over the domain if automatic client push installation is enabled on the server
A technique much simpler than rootkit can make a malicious process invisible
Combining MDR and IR statistics provides a better understanding of current and emerging threats
How our MDR team investigated a Brazilian hacker attack on Mexico
What types of attacks are leading in different sectors in different years?
How critical incidents of different types were distributed across industries in 2020-2025
Another story of non-standard remote access