Threat Analyst
Artem specializes in analyzing large-scale data breaches and social engineering methods. He believes that the primary vulnerability in any system isn't code-it's human behavior. In his articles, he deconstructs complex cybercriminal schemes and transforms them into actionable security guidelines.
Eight memory safety bugs in one Chrome update. Three hit the GPU stack, one targets the authentication API. A pseudonymous researcher filed two GPU-adjacent flaws in four days. This is …
Read more →
Forty-two CVEs in a single Firefox release. Six are sandbox escapes. Six were found by researchers using Anthropic's Claude. Chrome patched 8 more the same day. Both browsers closed attack …
Read more →
A Russian access broker sold corporate network credentials for $1,000. His Yanluowang buyers demanded millions. Separately, a DigitalMint negotiator ran BlackCat attacks against his own clients, extracting $75 million. Both …
Read more →
Oracle's emergency patch fixes a CVSS 9.8 pre-auth RCE in Identity Manager. PTC Windchill carries a CVSS 10.0 zero-day with webshell IOCs but no patch. Langflow AI pipelines were exploited …
Read more →
A 24-day supply chain campaign hit Aqua Security's Trivy scanner, 75 GitHub Actions tags, and 66+ npm packages. TeamPCP stole CI/CD secrets from 10,000+ workflows using memory scraping and spawned …
Read more →
Four MOIS domains seized, replacement site launched within hours. Handala Hack wiped 80,000 Stryker devices through Microsoft Intune without deploying malware, sent $250,000 bounty threats to dissidents, and doxxed 190 …
Read more →
A weekend batch of 198 CVEs includes a BACnet plaintext flaw (CVSS 9.1) exposing building automation to traffic interception. WordPress gets hit with five privilege escalation bugs, cookie-based SQL injection …
Read more →
Four IoT botnets that launched 316,000+ DDoS attacks and hit a record 31.4 Tbps are down. The DOJ-led takedown targeted Aisuru, KimWolf, JackSkid, and Mossad, which had compromised 3+ million …
Read more →
Oracle broke its quarterly cycle with an emergency patch for Identity Manager RCE (CVSS 9.8), likely a bypass of an actively exploited October 2025 flaw. Spring patched two actuator auth …
Read more →
Hair dryers, dummy servers, and sobbing emojis. Super Micro co-founder Wally Liaw charged with smuggling $2.5 billion in Nvidia AI servers to China. Shares fell 25%. The largest AI chip …
Read more →
A contractor stole payroll data, demanded $2.5 million in crypto, and framed it as salary transparency. Cameron Curry extorted Siemens subsidiary Brightly Software with 60+ emails, SEC threats, and a …
Read more →
Thirty-six days of zero-day access. Interlock ransomware hit Cisco Firewall Management Center via CVE-2026-20131 (CVSS 10.0) before anyone knew the flaw existed. A misconfigured server exposed their entire toolkit. CISA …
Read more →