Skip to main content

Security Research

for the Community

Recently Added

Research
THE KNOWNSEC LEAK: Yet Another Leak of China’s Contractor-Driven Cyber-Espionage Ecosystem

Leaked Knownsec documents reveal China’s cyberespionage ecosystem. Analyze TargetDB, GhostX, and 404 Lab’s role in global reconnaissance and critical infrastructure targeting.

Learn More
2026-01-09
Research
The APT35 Dump Episode 4: Leaking The Backstage Pass To An Iranian Intelligence Operation

APT35/Charming Kitten's leaked documents expose the financial machinery behind state-sponsored hacking. Learn how bureaucracy, crypto micro-payments, and administrative ledgers sustain Iranian cyber operations and link them to Moses Staff.

Learn More
2025-12-16
SecuritySnacks
Pay to Lose: Dubious Online Gambling Games

Be wary of "real money" games this New Year. This report uncovers hundreds of fake Android gambling apps using spoofed reviews, fake win declarations, and "waistcoat" shells to trick users into sideloading unregulated, predatory gambling software.

Learn More
2026-01-21
SecuritySnacks
Cybersecurity Reading List - Week of 2026-01-05

Commentary followed by links to cybersecurity articles that caught our interest internally.

Learn More
2026-01-05
Newsletters
Rainy Day Newsletter #12 (but not 35)
Explore how agentic AI accelerates threat hunting by 10x, a deep dive into APT35’s internal operations, and B2B2C supply chain attacks in the DTI December newsletter.
Learn More
2026-01-08
Newsletters
Newsletter 11 Could Take Forever
Dive into DomainTools Investigations' latest threat intel! Read our 3-part series on China's Great Firewall leak and an analysis of APT35 (Charming Kitten) campaigns targeting the Middle East and Korea, focusing on Exchange attacks. Get the intelligence you need!
Learn More
2025-12-04
Podcast episodes
How Russian Disinformation Campaigns Exploit Domain Registrars and AI
The Breaking Badness Cybersecurity Podcast discusses research from the DomainTools Investigations team on Russian Disinformation
Learn More
2025-04-16
Podcast episodes
Book Club with Dmitri Alperovitch
Discussing Dmitri's new book, World on the Brink: How America Can Beat China in the Race for the 21st Century.
Learn More
2024-05-01
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Research
SecuritySnacks
Newsletters
Podcast Episodes
No items found.

Research

View All
Research
THE KNOWNSEC LEAK: Yet Another Leak of China’s Contractor-Driven Cyber-Espionage Ecosystem

Leaked Knownsec documents reveal China’s cyberespionage ecosystem. Analyze TargetDB, GhostX, and 404 Lab’s role in global reconnaissance and critical infrastructure targeting.

Learn More
Research
The APT35 Dump Episode 4: Leaking The Backstage Pass To An Iranian Intelligence Operation

APT35/Charming Kitten's leaked documents expose the financial machinery behind state-sponsored hacking. Learn how bureaucracy, crypto micro-payments, and administrative ledgers sustain Iranian cyber operations and link them to Moses Staff.

Learn More
Research
Chinese Malware Delivery Domains Part IV

Chinese Malware Delivery Domains Part IV uncovers 1,900+ new sites targeting Chinese-speaking users. Get a deep dive into infrastructure, TTPs, and AI-powered threat analysis.

Learn More

SecuritySnacks

View All
SecuritySnacks
Pay to Lose: Dubious Online Gambling Games

Be wary of "real money" games this New Year. This report uncovers hundreds of fake Android gambling apps using spoofed reviews, fake win declarations, and "waistcoat" shells to trick users into sideloading unregulated, predatory gambling software.

Learn More
SecuritySnacks
Cybersecurity Reading List - Week of 2026-01-05

Commentary followed by links to cybersecurity articles that caught our interest internally.

Learn More
SecuritySnacks
B2B2C Supply Chain Attack: Hotel’s Booking Accounts Compromised to Target Customers

New B2B2C supply chain attack targets Booking.com customers. Attackers are compromising hotel accounts to send & "verify or cancel" phishing messages with dynamic booking data. Learn how to spot these fake domains and protect your payment info.

Learn More

Newsletters

View All
Newsletters
Rainy Day Newsletter #12 (but not 35)
Explore how agentic AI accelerates threat hunting by 10x, a deep dive into APT35’s internal operations, and B2B2C supply chain attacks in the DTI December newsletter.
Learn More
Newsletters
Newsletter 11 Could Take Forever
Dive into DomainTools Investigations' latest threat intel! Read our 3-part series on China's Great Firewall leak and an analysis of APT35 (Charming Kitten) campaigns targeting the Middle East and Korea, focusing on Exchange attacks. Get the intelligence you need!
Learn More
Newsletters
Tenth Newsletter Freeze-Out
Cybersecurity deep dive: NPM Phishing, Crypto Scams, & 18+ E-Crime analysis. Get expert research on supply chain attacks, wallet drain schemes, and trojans targeting social media. Plus, BSides NoVa recap & top reading list.
Learn More

Podcast Episodes

View All
Podcast episodes
How Russian Disinformation Campaigns Exploit Domain Registrars and AI
The Breaking Badness Cybersecurity Podcast discusses research from the DomainTools Investigations team on Russian Disinformation
Learn More
Podcast episodes
Book Club with Dmitri Alperovitch
Discussing Dmitri's new book, World on the Brink: How America Can Beat China in the Race for the 21st Century.
Learn More
Podcast episodes
Call to ARMs
Palo Alto’s latest findings on Bifrost along with the rise of laid off tech workers turning to cybercrime.
Learn More

Heading

SecuritySnacks
Research
Newsletters
Podcast Episodes
About
No items found.