Discover Bluekit, the AI-driven phishing kit that centralizes phishing operations with advanced features like automated domain registration and an AI Assistant.

Vercel disclosed a major breach exposing customer environment secrets via a compromised AI tool. Learn what happened, why it matters, and the steps to protect your organization.

Learn how anonymous S3 requests evaded AWS CloudTrail logging via VPC endpoints, the risks to enterprises, and how AWS addressed the issue.

Varonis Threat Labs investigated Comet, OpenAI Atlas, Edge Copilot, and Brave Leo to understand how LLM browsers work and where attackers can break them.

A Varonis Threat Labs breakdown of Anthropic’s Claude Code leak, uncovering the AI coding agent’s architecture, guardrails, and attack surface.

Meet Storm, a new infostealer that tiptoes around endpoint security tools, remotely decrypts browser credentials, and lets operators restore hijacked sessions.

Varonis uncovers a local file inclusion vulnerability in the AWS Remote MCP Server, exposing how authenticated access can lead to sensitive data exposure.

ShinyHunters is abusing misconfigured Salesforce Experience sites to expose sensitive data. Learn how the attack works and how to reduce your risk.

Months after Shai‑Hulud, organizations are still uncovering breaches. Learn what the campaign did, its lasting impact, and how to assess exposure.

1Campaign is a new cloaking platform that helps attackers bypass Google Ads screening, evade security researchers, and keep phishing and crypto drainer pages online longer.

Explore how cybercriminals buy VPN credentials, infostealer logs, breach databases, and web shells to access networks without writing a single exploit.

Discover how attackers can hijack Google Cloud Dataflow pipelines by manipulating shadow resources and learn how to secure your environment against it.