

EDR Freeze: In Depth Analysis of the Technique That Silences Endpoint
Learn how EDR Freeze uses Windows Error Reporting to suspend EDR/AV processes, how to detect it, and what to do if you see it.
Akshay Jain
2 min read


EchoLeak (CVE-2025-32711): Deep Dive into the Zero-Click Copilot Prompt-Injection Vulnerability
CVE-2025-32711 (“EchoLeak”) is a critical zero-click prompt injection in Microsoft 365 Copilot that could exfiltrate org secrets. Read the technical breakdown, detection rules, IR playbook and mitigation guidance.
Akshay Jain
3 min read


Inside the September 2025 npm Supply-Chain Attack
A phishing attack on a maintainer led to 18 npm packages shipping malware that hijacks browser wallet flows. Learn the timeline and IoCs of the 2025 npm supply-chain attack.
Akshay Jain
2 min read


UNC6040 Salesforce Breach: Vishing Attack Breakdown & Defense Guide
Dive deep into the UNC6040 breach of Salesforce environments via vishing and fake Data Loader apps. Learn the attack chain, affected organizations, and proven detection and mitigation strategies.
Akshay Jain
4 min read


CVE-2025-53770 SharePoint Zero-Day: In-Depth Analysis, Detection & Defence
Explore CVE-2025-53770 ("ToolShell"), a critical, unauthenticated RCE exploited in the wild against on-prem SharePoint. Understand how it works, real-world impact, detection rules, and remediation steps.
Akshay Jain
3 min read