Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CrowdStrike

How CrowdStrike is Accelerating Exposure Evaluation as Adversaries Gain Speed

Apr 6, 2026 By Rona Kedmi In CrowdStrike
When a new vulnerability is disclosed, security leaders want to know whether they’re exposed. In many organizations, the answer still depends on scan cycles that lag behind exposure — an architectural delay. Adversaries are moving faster: The average eCrime breakout time fell to 29 minutes in 2025, and the fastest was only 27 seconds, the CrowdStrike 2026 Global Threat Report found.
Read Post
CrowdStrike

Anthropic Claude Mythos Preview: The More Capable AI Becomes, the More Security It Needs

Apr 6, 2026 By CrowdStrike In CrowdStrike
The Claude Mythos Preview matters for every enterprise. Frontier models raise the ceiling for both offense and defense. Our job is to make sure defenders hold the advantage. That is what we have always done. That is what we do today. Today, CrowdStrike is a founding member of Project Glasswing. Anthropic builds the model. CrowdStrike secures AI where it executes. That’s the division of labor the industry needs.
Read Post

Can an Attack Start Without Malware? 82% of Attacks Do

Apr 2, 2026 By CrowdStrike In CrowdStrike
What looks like a simple coding task can quickly turn into a real cyberattack. In this demo, we show how a modern malware-free attack works step by step. It starts with something that feels completely normal: a job interview and a small coding assignment. No suspicious files. No obvious malware. But once the script is executed, everything changes. You’ll see how adversaries use trusted tools like Git, Notepad, and Python to gain access, establish command and control, and move inside an environment without being detected at first.
View Video
CrowdStrike

Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management

Apr 1, 2026 By Dr. Beth Williams In CrowdStrike
Microsoft has announced the retirement of the Windows UEFI CA 2011 certificate and the transition to the Windows UEFI CA 2023 certificate, with hard enforcement beginning in 2026. This update is part of Microsoft’s ongoing effort to preserve the integrity of the Windows Secure Boot trust chain and ensure continued delivery of boot-level security updates. For enterprise IT teams, this is not simply a certificate replacement.
Read Post
CrowdStrike

STARDUST CHOLLIMA Likely Compromises Axios npm Package

Apr 1, 2026 By Counter Adversary Operations In CrowdStrike
On March 31, 2026, a threat actor used stolen maintainer credentials to compromise the widely used HTTP client library Axios Node Package Manager (npm) package and deploy platform-specific ZshBucket variants. CrowdStrike Counter Adversary Operations attributes this activity to STARDUST CHOLLIMA with moderate confidence based on the adversary’s deployment of updated variants of ZshBucket (malware uniquely attributed to STARDUST CHOLLIMA) and overlaps with known STARDUST CHOLLIMA infrastructure.
Read Post

Outpacing Modern Adversaries with the CrowdStrike Agentic SOC

Mar 31, 2026 By CrowdStrike In CrowdStrike
Adversaries are weaponizing AI, accelerating tradecraft and moving from access to impact at machine speed. As breakout times collapse to seconds, security teams cannot rely on manual processes or static automation to keep up. Meet the CrowdStrike Agentic SOC, a new operating model built for the AI era.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.