Skip to main content

Security Research

for the Community

Recently Added

Research
Lotus Blossom (G0030) and the Notepad++ Supply-Chain Espionage Campaign

How Lotus Blossom (G0030) compromised the Notepad++ update pipeline in a precision supply-chain espionage campaign targeting high-value organizations.

Lotus Blossom (G0030) and the Notepad++ Supply-Chain Espionage Campaign
Learn More
Lotus Blossom (G0030) and the Notepad++ Supply-Chain Espionage Campaign
2026-02-11
Research
THE KNOWNSEC LEAK: Yet Another Leak of China’s Contractor-Driven Cyber-Espionage Ecosystem

Leaked Knownsec documents reveal China’s cyberespionage ecosystem. Analyze TargetDB, GhostX, and 404 Lab’s role in global reconnaissance and critical infrastructure targeting.

THE KNOWNSEC LEAK: Yet Another Leak of China’s Contractor-Driven Cyber-Espionage Ecosystem
Learn More
THE KNOWNSEC LEAK: Yet Another Leak of China’s Contractor-Driven Cyber-Espionage Ecosystem
2026-01-09
SecuritySnacks
Cybersecurity Reading List - Week of 2026-02-02

Commentary followed by links to cybersecurity articles and resources that caught our interest internally.

Cybersecurity Reading List - Week of 2026-02-02
Learn More
Cybersecurity Reading List - Week of 2026-02-02
2026-02-02
SecuritySnacks
SecuritySnack: Phishing Interviews

Phishing campaign targets job seekers with fake career portals and interview invites, stealing ID.me credentials and deploying malware since August 2025.

SecuritySnack: Phishing Interviews
Learn More
SecuritySnack: Phishing Interviews
2026-01-30
Newsletters
Thirteen Silver Newsletters
DomainTools Investigations kicks off 2026 with deep dives into the KnownSec leak exposing China's cyberespionage ecosystem, predatory online gambling apps, and a phishing campaign weaponizing fake job interviews.
Learn More
Thirteen Silver Newsletters
2026-02-05
Newsletters
Rainy Day Newsletter #12 (but not 35)
Explore how agentic AI accelerates threat hunting by 10x, a deep dive into APT35’s internal operations, and B2B2C supply chain attacks in the DTI December newsletter.
Learn More
Rainy Day Newsletter #12 (but not 35)
2026-01-08
Podcast episodes
How Russian Disinformation Campaigns Exploit Domain Registrars and AI
The Breaking Badness Cybersecurity Podcast discusses research from the DomainTools Investigations team on Russian Disinformation
Learn More
How Russian Disinformation Campaigns Exploit Domain Registrars and AI
2025-04-16
Podcast episodes
Book Club with Dmitri Alperovitch
Discussing Dmitri's new book, World on the Brink: How America Can Beat China in the Race for the 21st Century.
Learn More
Book Club with Dmitri Alperovitch
2024-05-01
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Research
Research
SecuritySnacks
SecuritySnacks
Newsletters
Newsletters
Podcast Episodes
Podcast Episodes
No items found.

Research

View All
Research
Lotus Blossom (G0030) and the Notepad++ Supply-Chain Espionage Campaign

How Lotus Blossom (G0030) compromised the Notepad++ update pipeline in a precision supply-chain espionage campaign targeting high-value organizations.

Learn More
Lotus Blossom (G0030) and the Notepad++ Supply-Chain Espionage Campaign
Research
THE KNOWNSEC LEAK: Yet Another Leak of China’s Contractor-Driven Cyber-Espionage Ecosystem

Leaked Knownsec documents reveal China’s cyberespionage ecosystem. Analyze TargetDB, GhostX, and 404 Lab’s role in global reconnaissance and critical infrastructure targeting.

Learn More
THE KNOWNSEC LEAK: Yet Another Leak of China’s Contractor-Driven Cyber-Espionage Ecosystem
Research
The APT35 Dump Episode 4: Leaking The Backstage Pass To An Iranian Intelligence Operation

APT35/Charming Kitten's leaked documents expose the financial machinery behind state-sponsored hacking. Learn how bureaucracy, crypto micro-payments, and administrative ledgers sustain Iranian cyber operations and link them to Moses Staff.

Learn More
The APT35 Dump Episode 4: Leaking The Backstage Pass To An Iranian Intelligence Operation

SecuritySnacks

View All
SecuritySnacks
Cybersecurity Reading List - Week of 2026-02-02

Commentary followed by links to cybersecurity articles and resources that caught our interest internally.

Learn More
Cybersecurity Reading List - Week of 2026-02-02
SecuritySnacks
SecuritySnack: Phishing Interviews

Phishing campaign targets job seekers with fake career portals and interview invites, stealing ID.me credentials and deploying malware since August 2025.

Learn More
SecuritySnack: Phishing Interviews
SecuritySnacks
Pay to Lose: Dubious Online Gambling Games

Be wary of "real money" games this New Year. This report uncovers hundreds of fake Android gambling apps using spoofed reviews, fake win declarations, and "waistcoat" shells to trick users into sideloading unregulated, predatory gambling software.

Learn More
Pay to Lose: Dubious Online Gambling Games

Newsletters

View All
Newsletters
Thirteen Silver Newsletters
DomainTools Investigations kicks off 2026 with deep dives into the KnownSec leak exposing China's cyberespionage ecosystem, predatory online gambling apps, and a phishing campaign weaponizing fake job interviews.
Learn More
Thirteen Silver Newsletters
Newsletters
Rainy Day Newsletter #12 (but not 35)
Explore how agentic AI accelerates threat hunting by 10x, a deep dive into APT35’s internal operations, and B2B2C supply chain attacks in the DTI December newsletter.
Learn More
Rainy Day Newsletter #12 (but not 35)
Newsletters
Newsletter 11 Could Take Forever
Dive into DomainTools Investigations' latest threat intel! Read our 3-part series on China's Great Firewall leak and an analysis of APT35 (Charming Kitten) campaigns targeting the Middle East and Korea, focusing on Exchange attacks. Get the intelligence you need!
Learn More
Newsletter 11 Could Take Forever

Podcast Episodes

View All
Podcast episodes
How Russian Disinformation Campaigns Exploit Domain Registrars and AI
The Breaking Badness Cybersecurity Podcast discusses research from the DomainTools Investigations team on Russian Disinformation
Learn More
Podcast episodes
Book Club with Dmitri Alperovitch
Discussing Dmitri's new book, World on the Brink: How America Can Beat China in the Race for the 21st Century.
Learn More
Podcast episodes
Call to ARMs
Palo Alto’s latest findings on Bifrost along with the rise of laid off tech workers turning to cybercrime.
Learn More

Heading

SecuritySnacks
Research
Newsletters
Podcast Episodes
About
No items found.