The Good, the Bad and the Ugly in Cybersecurity – Week 22

The Good | Authorities Dismantle Malicious Hosting Network & Sentence Oregon State Cyberattacker

Web hosting firm, Stark Industries, was the subject of scrutiny this week from financial crime investigators in the Netherlands (FIOD). Founded just before the 2022 invasion of Ukraine, the firm had deep ties to Russian and Belarusian entities all sanctioned by the […]

The Good, the Bad and the Ugly in Cybersecurity – Week 21

The Good | Joint Operations Dismantle Cybercrime Infrastructure, Infostealers & Malicious VPNs

Over 200 individuals and another 382 suspects have been rounded up in Interpol’s Operation Ramz, an initiative targeting cybercrime networks across the Middle East and North Africa. Spanning thirteen countries and working alongside cybersecurity partners, police seized 53 servers used for malware distribution,

Sentinels League 2026: Live Rankings for the Threat Hunting World Championship

The Threat Hunting World Championship is back — bigger, bolder, and with more on the line than ever. Sentinels League 2026, presented by SentinelOne® in partnership with DropZone AI, Google Cloud, and Mimecast, is now open for entries, and the best threat hunters on the planet are already sharpening their edge. This year’s championship brings

Turn Blind Trust into Verified Control with Prompt Security for Agentic AI

Agentic AI is no longer theoretical. It’s already embedded across enterprises inside developer workflows, SaaS platforms, and operational pipelines. It is executing tasks, chaining actions, and interacting with critical systems at machine speed. What makes this shift different from previous waves of automation is not just capability, it’s autonomy. These systems don’t wait for step-by-step

Breaking the Black Box: A Case Study in Red-Teaming a Government Education AI

The “black box” assessment represents the most authentic test of an AI system’s security. Unlike white-box testing, where the system prompt and architecture are known, black box red-teaming forces the attacker to rely solely on the system’s outputs to map its internal defense mechanisms. This case study details a recent engagement with “[EduBot]” (pseudonym), a

SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain

Infostealers targeting macOS have continued to proliferate over the last two years, with threat actors iterating on successful techniques across related malware families. Researchers at Moonlock, Jamf, and Malwarebytes have previously documented the rise of SHub Stealer, including its use of fake application installers and “ClickFix” social engineering. This week, SentinelOne observed a new SHub

Living Off the Pipeline: Defending Against CI/CD Subversion

The software supply chain has become one of the most attractive targets for modern adversaries, but the attacks seen in 2025 did not focus solely on poisoning dependencies or hijacking packages. Increasingly, attackers are targeting the infrastructure that powers the software delivery lifecycle itself. Build servers, CI/CD runners, package managers, and developer workstations all sit

The Good, the Bad and the Ugly in Cybersecurity – Week 20

The Good | Authorities Dismantle Major Dark Web Marketplaces & Arrest Key Admins

European authorities dismantled a lucrative, rebooted version of the ‘Crimenetwork’ cybercrime marketplace and arrested its primary administrator in Mallorca, Spain. When German police first disrupted the original platform in late 2024 and apprehended its operator, a 35-year-old suspect allegedly constructed an identical

The Good, the Bad and the Ugly in Cybersecurity – Week 19

The Good | Courts Sentence Karakurt Ransomware Negotiator & Two DPRK IT Worker Scheme Facilitators

Federal authorities have successfully secured a nearly nine-year prison sentence for Deniss Zolotarjovs, a Latvian national extradited to the U.S. for his critical role in the Karakurt extortion syndicate. Operating as a specialized “cold case” negotiator, Zolotarjovs (aka Sforza_cesarini) systematically
