Shai-Hulud: Miasma - When a Supply-Chain Worm Learned to Hijack AI Coding Agents

Threat Intelligence

Security Joes

Jun 1024 min read

The Defender Domino: How a DigiCert Breach Turned Microsoft into an Unwitting Proxy for APT-Q-27

Threat Intelligence

Security Joes

May 69 min read

Hunting OpenClaw: Detection and Containment Guidance for Defenders

Threat Intelligence

Security Joes

Feb 616 min read

LazarOps: APT Tactics Targeting the Developers Supply Chain [PART 1]

Threat Intelligence

Security Joes

Aug 14, 202511 min read

Weaponizing Windows Drivers: A Hacker's Guide for Beginners

In the never-ending cat-and-mouse game of cybersecurity, every advancement in defense inevitably drives attackers to evolve their...

Security Joes

Jul 15, 202510 min read

Incident Response In The Age of Malicious ML Model Artifacts

Modern Incident Response: Tackling Malicious ML Artifacts

Machine learning model files (e.g. .pkl, .pt, .onnx, .pb) can serve as stealthy malware carriers. When a serialized model is the root cause of a breach, incident responders face unique challenges in detection, analysis, and attribution.

Community

Security Joes

May 12, 202512 min read

Gaps in Traditional DFIR Playbooks: Machine Learning Models

Incidents involving malicious ML models reveal significant weaknesses in standard Digital Forensics and Incident Response (DFIR)...

Community

Security Joes

May 4, 202510 min read

Crowdstrike Global Outage: Effective Solutions To Mitigate The Impact

Crowdstrike outage

Security Joes

Jul 19, 20242 min read

Security's Achilles' Heel: Vulnerable Drivers on the Prowl

A notable trend in cyber threats nowadays is the exploitation of vulnerabilities in drivers through the Bring Your Own Vulnerable Driver...

Threat Intelligence

Security Joes

Jul 15, 202414 min read