Research
DPRK Malware Modularity: Diversity and Functional Specialization
Explore the DPRK’s modular malware architecture. Analyze how North Korea uses compartmentalized toolchains for espionage, crypto theft, and strategic signaling.
Security Research for the Community
Recently Added
2026-04-01
Research
Exposure of TLS Private Key for Myclaw 360 in Qihoo 360 “Security Claw” AI Platform
DTI analysis of a leaked TLS private key from Qihoo 360's AI security platform, covering cryptographic validation, threat scenarios, and incident response.
2026-03-18
Research
Doppelgänger / RRN Disinformation Infrastructure Ecosystem 2026
Analysis of the Doppelgänger / RRN disinformation ecosystem. Learn how this DevOps-style infrastructure uses automated media impersonation, TLD rotation, and cloud-native hosting to target global audiences and evade enforcement.
2026-03-01
SecuritySnacks
SecuritySnack - OpenAI Anti-Ads Malware
Stay protected against the "ChatGPT Ad Blocker" malware. This investigation reveals how a malicious Chrome extension uses Discord webhooks to steal private ChatGPT conversations, prompts, and metadata.
2026-03-26
SecuritySnacks
SecuritySnack - CloudFlare Anti-Security For Phishing
A Microsoft 365 credential harvesting campaign is exploiting CloudFlare's anti-bot and human verification features to evade detection. Learn how attackers use IP blocklists, user-agent filtering, and obfuscated scripts to bypass security scanners—and what it means for the industry.
2026-03-11
Newsletters
Fourteen Newsletters and Fifteen Winters
Learn how Lotus Blossom (G0030) weaponized Notepad++ updates. Plus, a deep dive into 250+ crypto scam domains and upcoming BSides San Francisco sessions.
2026-03-05
Newsletters
Thirteen Silver Newsletters
DomainTools Investigations kicks off 2026 with deep dives into the KnownSec leak exposing China's cyberespionage ecosystem, predatory online gambling apps, and a phishing campaign weaponizing fake job interviews.
2026-02-05
Podcast episodes
How Russian Disinformation Campaigns Exploit Domain Registrars and AI
The Breaking Badness Cybersecurity Podcast discusses research from the DomainTools Investigations team on Russian Disinformation
2025-04-16
Podcast episodes
Book Club with Dmitri Alperovitch
Discussing Dmitri's new book, World on the Brink: How America Can Beat China in the Race for the 21st Century.
2024-05-01
Research
DPRK Malware Modularity: Diversity and Functional Specialization
Explore the DPRK’s modular malware architecture. Analyze how North Korea uses compartmentalized toolchains for espionage, crypto theft, and strategic signaling.
Research
Exposure of TLS Private Key for Myclaw 360 in Qihoo 360 “Security Claw” AI Platform
DTI analysis of a leaked TLS private key from Qihoo 360's AI security platform, covering cryptographic validation, threat scenarios, and incident response.
Research
Doppelgänger / RRN Disinformation Infrastructure Ecosystem 2026
Analysis of the Doppelgänger / RRN disinformation ecosystem. Learn how this DevOps-style infrastructure uses automated media impersonation, TLD rotation, and cloud-native hosting to target global audiences and evade enforcement.
SecuritySnacks
SecuritySnack - OpenAI Anti-Ads Malware
Stay protected against the "ChatGPT Ad Blocker" malware. This investigation reveals how a malicious Chrome extension uses Discord webhooks to steal private ChatGPT conversations, prompts, and metadata.
SecuritySnacks
SecuritySnack - CloudFlare Anti-Security For Phishing
A Microsoft 365 credential harvesting campaign is exploiting CloudFlare's anti-bot and human verification features to evade detection. Learn how attackers use IP blocklists, user-agent filtering, and obfuscated scripts to bypass security scanners—and what it means for the industry.
SecuritySnacks
Cybersecurity Reading List - Week of 2026-03-02
A broken snowblower belt taught me something cybersecurity professionals often forget — saying "I don't know" isn't failure. It's where the real work begins.
Newsletters
Fourteen Newsletters and Fifteen Winters
Learn how Lotus Blossom (G0030) weaponized Notepad++ updates. Plus, a deep dive into 250+ crypto scam domains and upcoming BSides San Francisco sessions.
Newsletters
Thirteen Silver Newsletters
DomainTools Investigations kicks off 2026 with deep dives into the KnownSec leak exposing China's cyberespionage ecosystem, predatory online gambling apps, and a phishing campaign weaponizing fake job interviews.
Newsletters
Rainy Day Newsletter #12 (but not 35)
Explore how agentic AI accelerates threat hunting by 10x, a deep dive into APT35’s internal operations, and B2B2C supply chain attacks in the DTI December newsletter.
Podcast episodes
How Russian Disinformation Campaigns Exploit Domain Registrars and AI
The Breaking Badness Cybersecurity Podcast discusses research from the DomainTools Investigations team on Russian Disinformation
Podcast episodes
Book Club with Dmitri Alperovitch
Discussing Dmitri's new book, World on the Brink: How America Can Beat China in the Race for the 21st Century.
