%term

From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services

Jun 2, 2026 By Arctic Wolf Labs In Arctic Wolf

In our previous post, Token Bingo: Don’t Let Your Code Be the Winner, we documented Kali365, a phishing-as-a-service (PhaaS) kit abusing Microsoft’s OAuth 2.0 device authorization flow to steal Entra ID tokens. In this follow-up report, we track the same operator into new territory as they expand their operation and infrastructure.

Read Post

Arctic Wolf

Read more about From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services

Arctic Wolf Product Updates: May 2026

Jun 1, 2026 By Arctic Wolf In Arctic Wolf

Security teams are being asked to operate at machine speed while still making decisions they can trust. Attackers move faster. Exposure changes continuously. Manual workflows struggle to keep up. Following the recent announcement of the Aurora Superintelligence Platform and Aurora Agentic SOC, Arctic Wolf continues to advance its portfolio with new capabilities that help teams see risk clearly, prioritize what matters, and act with confidence.

Read Post

Arctic Wolf

Read more about Arctic Wolf Product Updates: May 2026

How Aurora Managed Endpoint Defense Combines Experts and Technology to Simplify Security

Jun 1, 2026 By Arctic Wolf Networks In Arctic Wolf

In this demo, Aurora Managed Endpoint Defense shows how human expertise and EDR work together to rapidly detect, investigate, and respond to threats; giving customers stronger protection, faster results, and improved security posture.

View Video

Arctic Wolf

Read more about How Aurora Managed Endpoint Defense Combines Experts and Technology to Simplify Security

FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch

May 27, 2026 By Arctic Wolf Labs In Arctic Wolf

In May 2026, Arctic Wolf observed a cluster of malicious activity affecting endpoints managed by FortiClient Endpoint Management Server (EMS). The malicious payload was disguised as a fake Fortinet endpoint patch, but it was actually a credential stealer. We named this payload EKZ Infostealer, based on internal symbol names extracted from decrypted code.

Read Post

Arctic Wolf

Read more about FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch

How Aurora Vulnerability Management Provides Asset Visibility, Risk Prioritization, and Remediation

May 23, 2026 By Arctic Wolf Networks In Arctic Wolf

In this demo, we will see how Aurora Vulnerability Management helps organizations discover and categorize assets, prioritize risks, and take action to remediate and patch vulnerabilities.

View Video

Arctic Wolf

Read more about How Aurora Vulnerability Management Provides Asset Visibility, Risk Prioritization, and Remediation

How Arctic Wolf Aurora Mobile Threat Defense Protects the Mobile Attack Surface

May 21, 2026 By Arctic Wolf Networks In Arctic Wolf

How Arctic Wolf Aurora Mobile Threat Defense secures the full mobile attack surface—devices, apps, networks, phishing, and privacy—in one unified platform. This demo highlights real‑time visibility, actionable insights, and automated response to reduce mobile risk.

View Video

Arctic Wolf

Read more about How Arctic Wolf Aurora Mobile Threat Defense Protects the Mobile Attack Surface

How AI Is Transforming Detection Engineering

May 20, 2026 By Joshua Riccio In Arctic Wolf

One of the most important shifts AI enables in detection engineering is changing where engineers spend their time. Traditionally, a significant portion of detection development effort is consumed by implementation details: writing complex SQL queries, building enrichment pipelines, handling edge cases, tuning rule logic, writing tests, documenting detections, and repeatedly iterating on detection logic. Those tasks are necessary, but they are also time-consuming.

Read Post

Arctic Wolf

Read more about How AI Is Transforming Detection Engineering

Arctic Wolf: A Higher Standard

May 20, 2026 By Arctic Wolf Networks In Arctic Wolf

Powering modern security operations with AI is no longer optional. It’s essential. The Aurora Superintelligence Platform is built for the AI era, combining specialized AI agents, real-world security data, and human expertise to deliver outcomes security teams can trust. At its core, the Swarm of Experts, Security Operations Graph, and AI Trust Engine work together to drive faster detection, more accurate investigations, and more decisive response across the attack surface.

View Video

Arctic Wolf

Read more about Arctic Wolf: A Higher Standard

How to Use Aurora Security Assistant for Deeper Security Expertise and Content

May 19, 2026 By Arctic Wolf Networks In Arctic Wolf

In this demo, we will look at three different use cases for the Aurora Security Assistant including general security knowledge, deeper ticket context and quick answers around self-service and product documentation.

View Video

Arctic Wolf

Read more about How to Use Aurora Security Assistant for Deeper Security Expertise and Content

Accelerating Cloud Security Outcomes Together: Why Arctic Wolf and Wiz are Redefining What's Possible

May 18, 2026 By Sean Phillips In Arctic Wolf

Across every industry, one thing has become abundantly clear: Cloud security has never been more critical, nor more complex. Organizations are scaling cloud environments faster than ever, but the explosion of identities, configurations, and services has created an attack surface that traditional approaches simply can’t keep up with. Teams are drowning in alerts, struggling to identify which issues matter, and facing increasing pressure to respond to threats with limited resources.

Read Post

Arctic Wolf

Read more about Accelerating Cloud Security Outcomes Together: Why Arctic Wolf and Wiz are Redefining What's Possible

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services

Arctic Wolf Product Updates: May 2026

How Aurora Managed Endpoint Defense Combines Experts and Technology to Simplify Security

FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch

How Aurora Vulnerability Management Provides Asset Visibility, Risk Prioritization, and Remediation

How Arctic Wolf Aurora Mobile Threat Defense Protects the Mobile Attack Surface

How AI Is Transforming Detection Engineering

Arctic Wolf: A Higher Standard

How to Use Aurora Security Assistant for Deeper Security Expertise and Content

Accelerating Cloud Security Outcomes Together: Why Arctic Wolf and Wiz are Redefining What's Possible

Monthly Archive

Follow Us