Discover how the Varonis Cookie-Bite PoC redefines session hijacking by stealing browser cookies to bypass MFA and maintain persistent access to cloud services like Microsoft 365.

We uncover the sophisticated tactics of the notorious APT29 group, also known as Midnight Blizzard. This deep dive explores their 2025 phishing campaign leveraging the advanced Grapeloader malware, targeting global organizations with precision. Learn how APT29 exploits vulnerabilities, deploys stealthy payloads, and evades detection, alongside expert insights into countermeasures to protect against this evolving cyberthreat.

Cybercriminals are using fake updates to deliver malware across Windows, macOS, and Android. Our latest blog breaks down the full attack chain in six steps, revealing how attackers compromise websites, trick users, and steal sensitive data.

A recent typosquatting attack on Go developers disguised a malicious package as the popular BoltDB library, exploiting Go’s module caching system to keep the backdoor accessible even after the repository was cleaned.