Ransomware Doesn't Need to Encrypt Anymore — And That's the Point
22% of ransomware incidents in 2026 involve no encryption at all. The threat model has shifted from disruption to silent exfiltration — and most defenses haven't caught up.
In-depth red team research, blue team strategy — and privacy-first security tools that run entirely in your browser. No accounts. No telemetry. No data leaves your machine.
Microsoft's on-prem Exchange Server has an actively exploited XSS zero-day (CVSS 8.1). A single crafted email in OWA triggers arbitrary JavaScript — here's how it works and how to stop it.
ShinyHunters breached Canvas LMS, stole 275 million students' data, took the ransom — and attacked again four days later. Here's who they are and why arrests haven't stopped them.
TeamPCP has compromised hundreds of open-source packages and stolen half a million credentials. But their OPSEC is leaking — and someone is already hunting them.
A researcher discovered a zero-day that bypasses BitLocker encryption on Windows 11 using a USB stick and the recovery environment — and suspects the component may be intentional.
Microsoft patched 500+ vulnerabilities in five months. Linux ecosystems patched even more. So which is more secure? That's the wrong question — here's the metric that actually matters.
TeamPCP's Shai-Hulud is a TypeScript/Bun C2 framework targeting GitHub Actions CI/CD pipelines — it steals GitHub tokens, exfiltrates via a fake git domain, and has now been open-sourced for anyone to deploy.