Software supply chain attacks aren’t new, but the JavaScript ecosystem, and specifically NPM, has become the perfect breeding ground for them. With millions of packages, heavy dependency chaining, and a culture of…
Category: Threat Intel
C2 Frameworks That Dominate the Underground
Command-and-Control (C2) frameworks sit at the core of modern offensive cyber operations. All ransomware groups, access brokers, APT units, and red teams use these tools or similar ones. They are stable for how…
Storm0501: As Enterprises Move to the Cloud, So Do the Criminals
Microsoft Threat Intelligence has observed a financially motivated cyber-threat actor, tracked as Storm-0501, shifting its playbook to exploit cloud environments. Once an on-premises attacker, the group now prioritizes cloud-native ransomware speeding up…