Threat Research

RSS

Threat Research

x-ops

Patch Tuesday

MICROSOFT PATCH TUESDAY

June Patch Tuesday smashes past 500-CVE mark

209 patches + 388 advisories = welcome to summer 2026

X-ops

Threat Research

Patch Tuesday

Microsoft addresses 163 CVEs, 88 advisories for April Patch Tuesday

Following a long-established pattern, the fourth month of the year is one of the cruelest

Threat Research

OpenClaw

LLM

penetration testing

Red Team

CISO

Sophos X-Ops

We let OpenClaw loose on an internal network. Here’s what it found

Following our article on the challenges posed by agentic AI, we gave OpenClaw access to one of our legacy networks

Threat Research

STAC6405

infostealer

RMM

Phishing

Incident responders, s'il vous plait: Invites lead to odd malware events

A phishing campaign targeting multiple organizations led to RMM installations – but not much else (yet). A threat actor experimenting, or an access-as-a-service attack underway?

Shadow of a person in an underground mine

Threat Research

Dark Web

underground

AI in the underground: Curiosity, claims, and concerns

Threat Research

Crypto mining

Supply chain

You do surprise me.exe: An unexpected executable in Hola Browser

Gold cursor navigating around other cursors

Threat Research

EDR

Pointing a Cursor at evading detection

Threat Research

GitHub

Supply chain

GitHub internal repositories breached.

Threat Research

Ransomware

WantToCry

SMB

WantToCry ransomware remotely encrypts files

Threat Research

MacOS

AMOS

infostealer

Why AMOS matters: The macOS malware stealing data at scale

Illustration with many sea lions barking

Threat Research

X-ops

Patch Tuesday

MICROSOFT PATCH TUESDAY

May’s Patch Tuesday hauls out 132 CVEs

Threat Research

CISO

risk

Operating inside the lethal trifecta: Blast radius reduction in AI agent deployments

Threat Research

Claude

Beagle

Backdoor

malvertising

DONUT

DLL sideloading

Sophos X-Ops

Donuts and Beagles: Fake Claude site spreads backdoor

…