-
Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools
Unit 42 analyzes AD CS exploitation through template misconfigurations and shadow credential misuse while offering behavioral detection for defenders. The post Inside AD CS Esca...
-
Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America
TrendAI™ Research has identified two emerging threat campaigns—SHADOW-AETHER-040 and SHADOW-AETHER-064—that use agentic AI to drive intrusion operations against government and f...
-
What Is the Instructure Canvas Breach? Impact, Risks, and What Institutions Should Do
The Instructure Canvas breach affects universities, K–12 school districts, and teaching hospitals globally. This blog entry intends to provide context and practical guidance.
-
NYDFS Cybersecurity Enforcement: US$2.25m Fine Against Delta Dental
On April 30, 2026, the New York Department of Financial Services (NYDFS) announced a consent order with Delta Dental Insurance Company and Delta Dental of New York, Inc. for all...
-
Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
Unit 42 details CVE-2026-0300, a buffer overflow vulnerability in the PAN-OS User-ID Authentication Portal. Read now for details. The post Threat Brief: Exploitation of PAN-OS C...
-
The Digital Foundation of Public Trust Is More Than Skin Deep
Imagine a parent attempting to access Supplemental Nutrition Assistance Program (SNAP) benefits to feed the family, only to meet a perpetual loading screen. Or a resident rushin...
-
Supporting the National Cyber Strategy: How TrendAI™ Helps
A deeper look at the first three pillars and outlining how our capabilities directly support government agencies working to bring this strategy to life.
-
Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
Copy Fail (CVE-2026-31431) is a critical Linux kernel LPE that allows stealthy root access. This flaw impacts millions of systems. Read our analysis. The post Copy Fail: What Yo...
-
Preparing for the UK’s New Data Protection Complaints Regime: Key Steps Before June 2026
The Data (Use and Access) Act 2025 (“DUAA”) has made a number of changes to the UK’s data protection regime, many of which have already come into force. From 19 June 2026, organ...
-
Top 10 Cybersecurity Companies in Europe
Over the last 10-15 years, the cybersecurity scene has gotten increasingly complex, as organizations adopt new technology and hackers evolve more innovative ways to target them....
