BlueVoyant Ignites the Next Era of Cyber Defence with Launch of BlueVoyant AI
Introducing the leading AI-native SecOps platform built for both managed and self-service SOCs - delivering autonomous speed, precision, and control at scale.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
AI Data Security
Every enterprise security leader is being asked the same question in 2026: what do you use to protect sensitive data when AI has put it in constant motion?
How BlueVoyant's ASIM-First Strategy Simplifies Threat Detection in Microsoft Sentinel
Earlier this year, BlueVoyant adopted a new detection strategy built on the Advanced Security Information Model (ASIM). For those unfamiliar, ASIM is Microsoft's normalisation layer that standardises log data across products into consistent schemas. Our approach is simple: The result? Dramatically faster use case development and cleaner, more maintainable detection logic.
How Replicating Marauder Rewired the Supply Chain Playbook
In March 2026, researchers began linking a series of software supply-chain compromises to Replicating Marauder, the BlueVoyant Threat Fusion Cell (TFC) primary identifier for the actor publicly tracked elsewhere as TeamPCP. What made the campaign stand out was that trusted software was poisoned and one compromise repeatedly appeared to enable the next by exposing credentials, release paths, or Continuous Integration and Continuous Delivery or Deployment (CI/CD) trust relationships.
BlueVoyant Strengthens Cyber Defence for ODEON Cinemas Group Across Eight Countries
BlueVoyant announces that it has partnered with ODEON Cinemas Group (OCG), Europe's largest cinema operator, to unify and modernise its security operations across eight countries. The collaboration delivers 24/7 protection, rapid incident response, and enhanced visibility into thirdparty risk, significantly reducing operational noise and strengthening OCG's overall cyber resilience.
John Hernandez Joins BlueVoyant as CEO to Accelerate AI-Driven Cybersecurity Platform and Global Growth
Hernandez brings decades of cybersecurity leadership and experience scaling enterprise software platforms, positioning the company for continued growth.
Lorem Ipsum Malware: Trojanized MS Teams Installers Deliver Multi-Stage Loader and Backdoor
BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) security researchers have been tracking an emerging, rapidly maturing threat group conducting a global SEO-poisoning campaign that distributes trojanized Microsoft Teams installers. These installers ultimately deploy a multi-stage shellcode loader and backdoor BlueVoyant has designated Lorem Ipsum.
The OtterCookie Matryoshka
Over the past month, the cybersecurity community has published isolated reports detailing disparate attacks by the North Korean state-aligned threat group Shifty Corsair (also known as FAMOUS CHOLLIMA). While individual vendors have documented specific supply chain poisons or targeted spear-phishing campaigns, the Threat Fusion Cell (TFCTI) at BlueVoyant has synthesized these findings to reveal a much larger, coordinated offensive.
Featured Post
Iranian Cyber Threats, Geopolitics and the New Cyber Reality
In recent weeks, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the National Cyber Security Centre (NCSC) have all issued warnings about the growing risk of cyber activity attributed to Iranian-aligned actors. Their message is clear: the geopolitical situation is volatile, and organisations should assume they may be in scope for retaliation. The agencies all highlight similar weaknesses being repeatedly exploited: unpatched vulnerabilities, weak identity controls, and exposed remoteaccess services.
Using Agentic AI to Scale Threat Detection in Healthcare
For every human in a healthcare organization, there are 82 machine identities—service accounts, API keys, cloud functions, medical devices.2 That's the 82:1 ratio, and it means your team is fundamentally outnumbered. The Change Healthcare breach in 2024, which started with one unprotected Citrix credential and disrupted 40% of US claims processing,1 showed exactly what happens when that ratio goes unmanaged. The numbers back this up.