Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Detectify AI-Researcher Alfred gets smarter with threat actor intelligence

Six months after launch, Alfred, the AI Agent that autonomously builds security tests, has revolutionized our workflow. Alfred has delivered over 450 validated tests against high-priority threats (average CVSS 8.5) with 70% requiring zero manual adjustment, allowing our human security researchers to concentrate on more complex, high-impact issues. Now, we’re elevating Alfred’s capabilities by integrating real-world threat actor intelligence directly into its core system.

Uncovering the Shadow AI Paradox

Does the world really need another study of shadow AI? That was my first thought going into this project. Reading dozens of previous reports did not change that impression: there's a lot of shadow AI out there, and a lot of reports saying so. But the more I read, the more apparent it became that something important was missing. This endless supply was not meeting what was actually in demand.

The Great Divide: Can the Desktop and Cloud Truly Coexist?

The cloud has transformed collaboration. Teams now share documents, slides, spreadsheets, and more in real time, without worrying about content silos or email chains (a hotspot for inefficient sharing). For most files, it’s seamless. But here’s the reality: Not all work lives comfortably in the cloud. Designers, video editors, engineers, and data scientists are just a few of the professionals who depend on desktop native apps to do their best work.

The Agentic OODA Loop: How AI and Humans Learn to Defend Together

Last week at the AI Security Summit, something profound happened. The first cohort of AI Security Engineers in the world earned their certification — a milestone that symbolized not just new skills, but a new mindset. For decades, security has been about control. Rules, gates, and policies that define what’s safe and what’s not. But the age of Agentic AI — systems that perceive, reason, act, and learn — is forcing us to evolve beyond static defenses.

ClickFix to NodeJS RAT: An Ominous Sign

BlueVoyant’s Threat Fusion Cell (TFC) and Security Operations Center (SOC) have uncovered a cyber campaign that signals a concerning evolution in the threat landscape: the rise of the "LLM-Enabled Developer." In-depth analysis suggests the actor behind an ongoing ClickFix campaign leveraged publicly documented advanced attack chains, powered by AI-generated code, to deploy a less sophisticated, but capable Node.js RAT.

Malicious NPM Package Found Targeting GitHub By Typosquatting on GitHub Action Packages

The package states it is for the GitHub Actions Toolkit, which has a legitimate npm package @actions/artifact. Therefore this malware package is a clear typosquat with the swapping of the letters “ti” for “it”. We took a look at the “harness” binary as indicated in version 4.0.13.

Quantum Route Redirect: Anonymous Tool Streamlining Global Phishing Attack

KnowBe4 Threat Labs has uncovered an emerging advanced phishing campaign targeting Microsoft 365 users globally to steal their credentials. The attackers are wielding a powerful new tool that’s completely changing the game for cybercriminals—turning what used to be complex, technical phishing setups into simple one-click launches that can bypass certain technical controls. Welcome to the era of “Quantum Route Redirect.".

The 3-2-1-1-0 Backup Strategy Explained

Your backup system is supposed to be your safety net. It’s the insurance policy that lets you sleep at night knowing that even if disaster strikes, your business can recover. But there’s a problem: ransomware attackers know about your backups too. And they’re coming for them first. According to data shared in our recent webinar with Pellera, 89% of organizations that experienced ransomware attacks saw clear indications that attackers specifically targeted their backup infrastructure.

What Is a Dictionary Attack In Cyber Security? How To Detect & Prevent It?

Most people are aware of ways to ensure their online security, yet they often fail to implement them fully. A common guideline when signing up for an account on any website is to create a strong password; however, 65% of people reuse passwords across websites. Not just that, people use passwords that are easier to guess, like ‘123456’, ‘iloveyou’, ‘welcome’, and personal details. These passwords regularly appear in data breach leaks.