Research & Blog
Intelligence. Analysis. Learning.
From breaking threat reports to hands-on technical deep-dives and beginner-friendly guides — all in one place.
Dissecting LockBit 4.0: How the resurgent ransomware evades modern EDR
A technical deep-dive into the evasion techniques employed by the latest LockBit variant.
North Korean APT targets crypto firms via LinkedIn recruiters
Social engineering campaigns impersonating HR professionals to deliver DPRK-linked payloads.
Azure AD token abuse: lateral movement without credentials
How attackers pivot across tenants using forged access tokens and misconfigured consent flows.
Your first CTF: a practical guide to getting started in security
Everything an aspiring security professional needs to know before their first competition.
Poisoned packages: inside the 2025 npm supply chain attack campaign
Analyzing how threat actors embedded persistent backdoors in 30+ popular open-source packages.
QR code phishing is surging — and your email filters can't stop it
Quishing campaigns bypass traditional email security by encoding malicious URLs in QR images.
Kernel-level rootkits in 2025: detection techniques and blind spots
An in-depth look at modern rootkit evasion strategies and how defenders can improve visibility.
Networking fundamentals every security professional must know
TCP/IP, subnetting, DNS, and packet analysis — the foundational knowledge that underpins everything.
Top AWS misconfigurations that lead to data breaches — and how to fix them
A practical walkthrough of the most common S3, IAM, and VPC mistakes seen in real-world incidents.