Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest posts

securonix

Analyzing Dead#Vax: Analyzing Multi-Stage VHD Delivery and Self-Parsing Batch Scripts to Deploy In-Memory Shellcode

Feb 4, 2026 By Akshay Gaikwad, Shikha Sangwan, Aaron Beardslee In Securonix
Securonix Threat Research has been tracking a stealthy malware campaign that uses an uncommon chain of VHD abuse, script-based execution, self-parsing batch logic, fileless PowerShell injections and ultimately dropping RAT. The attack leverages IPFS-hosted VHD files, extreme script obfuscation, runtime decryption, and in-memory shellcode injection into trusted Windows processes, never dropping a decrypted binary to disk.
Read Post
safeaeon

Passwordless Authentication: Where It Strengthens Security and Where It Doesn't

Feb 4, 2026 By SafeAeon Inc. In SafeAeon
Passwords are still used almost everywhere. People reuse and share their passwords without knowing the risks. Attackers take advantage of these situations. Phishing emails and malware are enough to steal a password, and this is how many security incidents start. The problem can be reduced using passwordless authentication. When passwords are removed from the login process, attackers would find it difficult to attack that device or account.
Read Post

Threat Intelligence: Hunt Agent

Feb 4, 2026 By CrowdStrike In CrowdStrike
Threat hunting no longer requires hours of manual research or specialized expertise. CrowdStrike Hunt Agent uses intelligence driven hunting guides and Charlotte AI to automatically detect and analyze suspicious activity in your environment. See how analysts gain instant expert insight prioritize real adversaries and uncover threats before they become incidents.
View Video
sentrium

Disclosure: SupportCandy Ticket Attachment IDOR (CVE-2026-1251)

Feb 4, 2026 By Theklis Stefani In Sentrium
During independent security research conducted as part of the Wordfence Bug Bounty Program, we identified a broken access control vulnerability in the SupportCandy plugin for WordPress. SupportCandy is a helpdesk and customer support ticketing plugin that enables organisations to manage user-submitted support requests directly within their WordPress environment, including the ability to upload files and exchange attachments through ticket replies.
Read Post

Dinari bridges traditional markets and digital assets - S2E09

Feb 4, 2026 By Persona In Persona
In this episode, we're excited to introduce Brandon Ooi, the COO of Dinari, a fintech innovator making compliant tokenized securities accessible to investors. Brandon co-founded Crunchyroll as its CTO and worked at Stripe as an engineer specializing in marketplace enterprises, bringing deep technical expertise and product leadership to the intersection of traditional finance and blockchain technology. Join us as we explore Brandon's journey from building beloved consumer platforms to pioneering the future of securities trading, and how Dinari is bridging the gap between traditional markets and digital assets.
View Video

Is your vendor data a source of insight-or just more noise?

Feb 4, 2026 By Bitsight In BitSight
For many risk and compliance leaders, the reality of Third-Party Risk Management (TPRM) is a mountain of disorganized spreadsheets, overflowing inboxes, and endless PDFs. When an audit is seven days away or the Board asks for a risk posture update, documentation overload becomes a liability. In this video, we explore the transition from vendor chaos to risk clarity. The Challenge.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.