Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Adobe Reader zero-day vulnerability in active exploitation

On April 7, 2026, a security researcher described an Adobe Reader zero-day vulnerability that has been exploited since at least December 2025. The vulnerability allows threat actors to execute privileged Acrobat APIs via specially crafted malicious PDF files that execute obfuscated JavaScript when opened. Exploitation allows attackers to steal sensitive user and system data and to potentially launch additional attacks and remotely execute code.

Episode 12 - The Agentic SOC: Upleveling Analysts with AI Knowledge Multipliers

Richard Bejtlich sits down with Stan Kiefer, Corelight’s Senior Manager for Data Science, to discuss how AI serves as a vital "abstraction layer" and "knowledge multiplier" for security analysts. Stan explains that while AI can synthesize complex information, it remains untrustworthy without high-fidelity network data at its center to provide verifiable evidence. The episode explores the shift toward an "agentic ecosystem" and a tiered architecture where a central orchestrator manages specialized sub-agents to accelerate detection and investigation.

Modernizing threat detection with advanced ML: Corelight Sensor v.29 release highlights

Staying ahead of sophisticated attackers requires a security platform that evolves at the speed of the threat landscape. Today’s attackers are AI-enabled, increasing the number of attacks and targeting vulnerabilities more quickly than ever. That's why we are excited to announce the Corelight Sensor v.29 release, a significant step forward in our mission to provide critical detections backed by the world's best network evidence.

Tuning Machine Learning Settings in Fleet Manager

In this video, we introduce the basic features of Corelight's new Machine Learning and Anomaly Detection tools. We also dive into how you can optimize the machine learning settings to ensure your SOC remains focused on the most critical network threats. Check out this short video to see what these tools can do and to learn how they can help you in implementing your company's NDR plan.

Corelight's Virtual Resident - First Look

Discover Corelight's Virtual Resident tool! This video provides an overview of our new feature that serves as an AI-powered SOC assistant. This platform orchestrates specialized agents to query your SIEM and then return descriptions of threats, network evidence, and suggested next steps while maintaining the highest security standards. We provide a firsthand look at how adaptive playbooks and automated triaging can uncover hidden threats across an entire attack life cycle.

Using Agentic AI to Scale Threat Detection in Healthcare

For every human in a healthcare organization, there are 82 machine identities—service accounts, API keys, cloud functions, medical devices.2 That's the 82:1 ratio, and it means your team is fundamentally outnumbered. The Change Healthcare breach in 2024, which started with one unprotected Citrix credential and disrupted 40% of US claims processing,1 showed exactly what happens when that ratio goes unmanaged. The numbers back this up.