What we know about the Axios npm supply chain compromise, and what to do about it.

I first read about this on March 31, sitting at Changi Airport on my way back from RSAC. Two malicious versions of Axios had been live on the npm registry overnight.

Tusker has a new friend. Upgrading CBAS training with Cobalt Strike.

Upgrading 'Mastering breach and adversarial attack simulation engagements' training at DEF CON Training Singapore with Cobalt Strike C2.

Nimbus Manticore: How an Iran-aligned APT weaponizes fake job portals and DLL side-loading

Nimbus Manticore is a highly sophisticated threat actor group, assumed to be aligned with Iranian state interests.

Scattered Spider: Inside the operations of a modern threat group

Scattered Spider is one of the most dangerous and active cyber criminal groups operating today.

Hello World!

Hello world from BreachSimRange! From Mammoth to the Tusker, the hunter becomes the hunted.