A massive phishing-led NPM attack compromised popular packages with 2.67B weekly downloads, hijacking crypto wallets via stealthy AI-generated emails.

SpamGPT is a new AI-powered email attack tool that is changing the way businesses address email security issues. Learn how this technology makes phishing attacks more effective and how to protect your company's email systems ahead of time.

Validate your security tools with a real-world attack simulation that reveals detection gaps and boosts your cyber resilience.

A misconfigured upload path exposed a Linux web server to attack. Varonis Threat Labs reveals how it happened and how to prevent future breaches.

As organizations increasingly rely on MCP servers to bridge AI capabilities with business systems, understanding and defending against threats is critical.

Varonis uncovers an RCE vulnerability in PostgreSQL via PL/Perl and PL/Rust. Learn how AWS RDS responded and how to secure your Postgres environment.

Learn how Varonis Threat Labs uncovered a critical Microsoft 365 Direct Send exploit, and how organizations leveraged Varonis Incident Response to protect themselves from attack.

Learn about the vishing and recent attacks from ShinyHunters' targeting Salesforce environments and how your org can stay protected from data breaches and extortion.

ToolShell is a critical SharePoint RCE exploit chain. Learn how it works, who’s at risk, and how to protect your environment before it’s too late.

A subtle versioning error in Microsoft’s AppLocker block list exposes a bypass risk — learn how to spot and fix this overlooked security gap.

A real-world look at how attackers use OneNote, OneDrive, and AI/no-code tools like Flazio for phishing, and practical steps to defend your organization today.

Complete Operation Frostbyte, an interactive mission created by Varonis Threat Labs to test the cybersecurity community’s Snowflake data security knowledge.