Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On May 26, 2026, at 14:00 UTC, the CrowdStrike Counter Adversary Operations team executed a coordinated takedown of the Glassworm botnet, a global threat targeting software developers through the open-source supply chain. In collaboration with Google and the Shadowserver Foundation, we struck all four of Glassworm's command-and-control (C2) channels simultaneously, severing the operators from their infected machines and their ability to deliver new malicious payloads.

AI represents a fundamental shift in how organizations work and innovate. It demands an equally fundamental shift in how technology leaders approach governance. Forward-looking leaders are moving beyond traditional gatekeeping by creating "paved roads": secure, pre-approved pathways that embed security controls, automated data protections, and real-time monitoring directly into AI workflows so teams can innovate rapidly within safe boundaries.

As organizations scale Anthropic’s Claude model across their workforce, they need the same level of auditability around AI platform activity that they expect from every other enterprise application. A new integration with the Claude Compliance API brings Claude activity into the CrowdStrike Falcon platform to deliver real-time visibility, detection, and automated response for AI use.

Infostealers are among the most persistent and damaging strains of malware affecting individuals and organizations worldwide. These stealthy and malicious programs often go unnoticed, quietly infiltrating devices to steal sensitive data and relay it to cybercriminals. From session tokens and login credentials to financial information and browser-stored data, infostealers pose a grave risk to organizations.

The financial services industry is the fourth most-targeted sector globally, accounting for 12% of all observed activity. eCrime and nation-state adversaries spanning all motivations target these organizations due to their unique convergence of valuable assets, strategic intelligence, and geopolitical significance.

AI is introducing a new class of threats that don’t look like traditional attacks and can’t be detected with conventional tools. The AI applications that organizations deploy in the cloud interact with large language models (LLMs) through prompts and responses. This prompt layer has emerged as a new attack surface, where risks like prompt injection and sensitive data leakage can go unnoticed.

Last summer we introduced Automated Leads, a transformative approach to threat detection designed to surface the subtle signs of an attack before it turns into a full-blown breach. It’s powered by CrowdStrike Signal (distinct from SGNL) and delivered via the CrowdStrike Falcon platform. Since that launch, the goal has remained the same: to move beyond the limitations of traditional alerting and give analysts a head start on detecting the most sophisticated adversaries.

CrowdStrike has been named a Leader in the inaugural 2026 Gartner Magic Quadrant for Cyberthreat Intelligence Technologies and positioned furthest to the right in Completeness of Vision among all vendors evaluated. We believe this placement validates CrowdStrike as the platform of choice for threat intelligence and reflects our relentless innovation to provide organizations with the technology they need to understand, detect, and defend against modern adversaries.

CrowdStrike is excited to announce Falcon OverWatch for Defender, a new offering that extends our elite managed threat hunting to Microsoft Defender environments. The need for proactive threat hunting is increasingly urgent as adversary operations evolve: 82% of intrusions observed in 2025 were malware-free, the CrowdStrike 2026 Global Threat Report revealed, and the fastest eCrime breakout time was a mere 27 seconds. Adversaries using AI increased their attacks 89% year-over-year.

Every year, CrowdStrike Professional Services performs hundreds of Technical Risk Assessments (TRAs) across myriad industries, geographies, and business environments. These deep, hands-on reviews look at how security controls behave in production to evaluate the threats they see and block — and crucially, the threats they miss.