Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

From CitrixBleed 2 to Cloudflared: The Tools and Techniques Behind Anubis Ransomware Attacks

Throughout 2026, Arctic Wolf has investigated multiple Anubis ransomware intrusions. Although threat actor tradecraft differs between intrusions, key themes have emerged: abuse of VPN infrastructure, blending in with legitimate activity through the use of Remote Monitoring and Management (RMM) solutions, and using other legitimate binaries on victim devices.

What Is Privacy-by-Design and Why Is It Important?

Every AI application relies on data. From customer conversations and healthcare records to financial transactions, organizations process enormous volumes of sensitive information every day. As AI adoption grows, so does the need to protect that data from misuse, exposure, and compliance risks. This is why understanding what privacy by design entails has become a business necessity rather than just a compliance requirement.

Browser Security: Zero-Days Are Only Part of the Problem

The browser is the operating environment for modern work — it’s where employees access email, SaaS applications, collaboration tools, HR systems, finance platforms, customer data, developer resources and AI services. All of this activity makes the browser a high-value target for attackers because it sits between users, identities, applications, and sensitive enterprise data.

How KeeperMSP Simplifies Multi-Tenant Security

For Managed Security Service Providers (MSSPs), managing cybersecurity programs across multiple client environments can be a daunting task. Context-switching between isolated client accounts, enforcing access policies at scale and ensuring that no vulnerability in one environment affects another demonstrates the ongoing challenges of multi-tenant security.

What the Black Hat NOC taught me about MCP & agentic SOCs (Chapter 1 of 4)

The first time an MCP (Model Context Protocol) server felt real to me, it wasn't because of a clean demo. It was because of the noise. TL;DR: The harness matters more than the protocol, and the evidence matters more than both. MCP earns its keep when it shortens the path from a good security question to trustworthy evidence, and almost everything interesting about making that work happens in the harness wrapped around the model. In this series, I will cover how to build an MCP for an AI SOC.

Phone Bombing Attacks 2026: A Complete Guide

If your phone has not stopped buzzing for twenty minutes, you may be facing a synchronized disruption tactic called a “bombing” attack. In the 2026 cybersecurity landscape, flooding an endpoint with many requests is not just a nuisance. A weaponized operational strategy. Whether an SMS bomber script targets a person or bot networks drive up a business’s API bills, the exploit works the same way.

Braintrust's Ankur Goyal: Code review doesn't cover prompts

Zero-Shot Learning is a podcast about how AI gets built, secured, and deployed. Hosted by Nancy Wang, 1Password CTO, and Dev Tagare, Senior Director of Engineering at Google, it’s a builder’s view of the architecture and the decisions it takes to ship with AI.

Top 10 Open Source SIEM Tools for 2026

At 2 a.m., an alert queue full of raw Windows events, firewall logs, and duplicate detections stops being a tooling problem and becomes an operations problem. The team does not need another dashboard. It needs a SIEM that can ingest the right data, normalize it, correlate it well enough to surface real incidents, and stay maintainable after the initial rollout.