As organizations increasingly rely on MCP servers to bridge AI capabilities with business systems, understanding and defending against threats is critical.

Varonis uncovers an RCE vulnerability in PostgreSQL via PL/Perl and PL/Rust. Learn how AWS RDS responded and how to secure your Postgres environment.

Learn how Varonis Threat Labs uncovered a critical Microsoft 365 Direct Send exploit, and how organizations leveraged Varonis Incident Response to protect themselves from attack.

Learn about the vishing threats from UNC6040 and UNC3944 targeting Salesforce environments and how to protect your organization from data breaches and extortion.

ToolShell is a critical SharePoint RCE exploit chain. Learn how it works, who’s at risk, and how to protect your environment before it’s too late.

A subtle versioning error in Microsoft’s AppLocker block list exposes a bypass risk — learn how to spot and fix this overlooked security gap.

A real-world look at how attackers use OneNote, OneDrive, and AI/no-code tools like Flazio for phishing, and practical steps to defend your organization today.

Complete Operation Frostbyte, an interactive mission created by Varonis Threat Labs to test the cybersecurity community’s Snowflake data security knowledge.

Varonis Threat Labs discovered a high severity vulnerability in ServiceNow’s platform that can lead to significant data exposure and exfiltration.

Varonis Threat Labs uncovered a phishing campaign with M365's Direct Send feature that spoofs internal users without ever needing to compromise an account.

Sometimes the old ones are best... avoided. Explore Kerberoasting and how it remains a relevant attack method.

Discover how Varonis researchers detect stealthy beacon traffic by analyzing jitter patterns, turning evasion tactics into powerful behavioral detection signals.