Insights into how detection holds up in real environments and how changing attacker tactics impact your team’s response capabilities.
July 7, 2026
7/7/2026
—
Lucie Cardiet
and
VECT and TeamPCP: The Ransomware Kill Chain, Reversed
TeamPCP collected 500,000+ cloud credentials from CI/CD pipelines before anyone was targeted. VECT used that archive to select ransomware victims. Why your exposure may already be determined.
The FBI wrote down the Scattered Spider playbook, and it starts with a phone call
An FBI complaint against a Scattered Spider member documents a full help-desk attack: vishing, an MFA reset, ngrok exfiltration, and why authentication succeeded at every step.
FortiBleed exposed valid logins for 86,644 Fortinet firewalls. No CVE, nothing to patch. Why a working login slips past prevention, and where to catch it.