Security Research for the Community

Recently Added

Research
Threat Intelligence Report: The Pro-Iran Hacktivist Ecosystem 2026

Moving beyond traditional state-centric APT structures, the pro-Iran coalition of jihadist-aligned collectives, nationalist actors, and opportunistic groups coordinates via Telegram to turn low-cost cyber operations into high-impact psychological warfare. While individual actors primarily rely on technically unsophisticated tradecraft like DDoS-for-hire tools, website defacements, and recycled breach data, their strategic strength lies in speed, visibility, and rapid mobilization alongside real-world kinetic events.

2026-07-09
Research
Threat Intelligence Report: Nation-State Targeting of Water Systems 2024–2026

DTI reveals how Russia, China, and Iran are exploiting weak OT security and internet-facing PLCs to target critical water and wastewater infrastructure. From Volt Typhoon's strategic pre-positioning to Sandworm-adjacent sabotage, discover the primary TTPs, vulnerabilities, and MITRE ATT&CK mappings reshaping modern hybrid warfare.

2026-06-25
2026-06-16
SecuritySnacks
Cybersecurity Reading List - Week of 2026-06-01

Commentary followed by links to cybersecurity articles and resources that caught our interest internally.

2026-06-01
SecuritySnacks
SecuritySnack - Hijacking Corporate Sessions

A sophisticated AiTM phishing kit bypassing traditional MFA to steal Microsoft 365 session cookies. Get the full breakdown and IOCs.

2026-06-01
Newsletters
Eighteen Newsletters and a Dozen Roses
June’s roundup of research - from cyberattacks on water infrastructure OT and ICS to DNS hijacking and an AiTM campaign targeting Microsoft365 users.
Learn More
2026-07-09
Newsletters
Edge of Seventeen (Newsletters)
Learn More
2026-06-04
Podcast episodes
How Russian Disinformation Campaigns Exploit Domain Registrars and AI
The Breaking Badness Cybersecurity Podcast discusses research from the DomainTools Investigations team on Russian Disinformation
Learn More
2025-04-16
Podcast episodes
Book Club with Dmitri Alperovitch
Discussing Dmitri's new book, World on the Brink: How America Can Beat China in the Race for the 21st Century.
Learn More
2024-05-01

Research

View All
Research
Threat Intelligence Report: The Pro-Iran Hacktivist Ecosystem 2026

Moving beyond traditional state-centric APT structures, the pro-Iran coalition of jihadist-aligned collectives, nationalist actors, and opportunistic groups coordinates via Telegram to turn low-cost cyber operations into high-impact psychological warfare. While individual actors primarily rely on technically unsophisticated tradecraft like DDoS-for-hire tools, website defacements, and recycled breach data, their strategic strength lies in speed, visibility, and rapid mobilization alongside real-world kinetic events.

Learn More
Research
Threat Intelligence Report: Nation-State Targeting of Water Systems 2024–2026

DTI reveals how Russia, China, and Iran are exploiting weak OT security and internet-facing PLCs to target critical water and wastewater infrastructure. From Volt Typhoon's strategic pre-positioning to Sandworm-adjacent sabotage, discover the primary TTPs, vulnerabilities, and MITRE ATT&CK mappings reshaping modern hybrid warfare.

Learn More

SecuritySnacks

View All
SecuritySnacks
SecuritySnack - Hijacking Corporate Sessions

A sophisticated AiTM phishing kit bypassing traditional MFA to steal Microsoft 365 session cookies. Get the full breakdown and IOCs.

Learn More
SecuritySnacks
Cybersecurity Reading List - Week of 2026-05-04

Systems thinking, biolistics, and the danger of mop-up science in infosec — plus this month's reading on ransomware, RPKI exploits, cPanel, and LLM pollution.

Learn More

Newsletters

View All
Newsletters
Eighteen Newsletters and a Dozen Roses
June’s roundup of research - from cyberattacks on water infrastructure OT and ICS to DNS hijacking and an AiTM campaign targeting Microsoft365 users.
Learn More
Newsletters
Sixteen going on Seventeen Newsletters
DPRK's modular malware portfolio, Iran's MOIS-linked Handala/Homeland Justice/Karma persona ecosystem, and a fake Authenticator Chrome extension dissected.
Learn More