Threat Research
-
Read Blog: The art of the invisible key: Passkey global breakthrough
Introduction: Passkeys now protect billions of accounts, redefining how the world signs in through stronger, more secure authentication without a password. Yet this global movement runs deeper...
-
2025 Gartner® Magic Quadrant™ for Privileged Access Management
View the Report
-
Read Blog: CVE-2025-60021 (CVSS 9.8): command injection in Apache bRPC heap profiler
This research is published following the public release of a fix and CVE, in accordance with coordinated vulnerability disclosure best practices. CVE‑2025‑60021, a critical command injection issue...
-
Read Blog: UNO reverse card: stealing cookies from cookie stealers
Criminal infrastructure often fails for the same reasons it succeeds: it is rushed, reused, and poorly secured. In the case of StealC, the thin line between attacker and victim turned out to be...
-
Read More: Ponemon Institute Trends in PKI Security: A Global Study of Trends, Challenges & Business Impact
New global Ponemon study quantifies PKI risk, outages, and operational strain revealing why PKI modernization is now a business priority.
-
Read Blog: Inside CyberArk Labs: the evolving risks in AI, browsers and OAuth
In 2025, we saw attackers get bolder and smarter, using AI to amplify old tricks and invent new ones. The reality is, innovation cuts both ways. If you have tools, AI is going to make...
-
Read Blog: Racing and Fuzzing HTTP/3: Open-sourcing QuicDraw(H3)
This blog post provides a dive into HTTP/3’s evolution for security engineers, an overview of our research journey, and what led us to develop the open-source tool QuicDraw, which can be used for...
-
Read Blog: Sandworm in the supply chain: Lessons from the Shai-Hulud npm attack on developer and machine identities
Do you know why Shai-Hulud should raise your hackles? Unless you’ve spent time on Arrakis in Frank Herbert’s Dune or the npm ecosystem this month, the name Shai-Hulud might not ring a bell. In...
-
Read Blog: Cheaters never win: large-scale campaign targets gamers who cheat with StealC and cryptojacking
A sprawling cyber campaign is turning gamers’ hunger to gain an edge into a massive payday for threat actors who are leveraging over 250 malware samples to steal credentials and cryptocurrencies....
-
Read Blog: Defeating Microsoft EPM in the Race to Admin: a Tale of a LPE vulnerability
Introduction: Not too long ago I read an interesting blog post by SpecterOps about Microsoft EPM that got my attention, as I was not aware of this Microsoft product/feature. It was interesting to...
-
Watch Video (32:55): Identity Security in 2025 Top Trends from 2,600 Security Decision-Makers
CyberArk Chief Strategy Officer Clarence Hinton explores trends, market dynamics and other issues shaping the 2025 identity security landscape.
-
Watch Video (34:23): Securing the Rise of Agentic AI: Insights from CyberArk Labs
Discover AI's risks and rewards in this CyberArk Labs webinar with real attacks, insights and tips for IT security leaders.
-
Watch Video (6:49): Reimagining Access Management The Threat Landscape
Lavi Lazarovitz reveals how attackers target identity systems—and why it’s time to rethink access management in today’s evolving threat landscape.
-
Read Blog: ‘Plague’ malware exploits Pluggable Authentication Module to breach Linux systems
Understanding the ‘Plague’ Pluggable Authentication Module (PAM) backdoor in Linux systems: ‘Plague’ represents a newly identified Linux backdoor that has quietly evaded detection by traditional...
-
Watch Video (45:55): Scattered Spider Tactics Revealed
CyberArk experts uncover Scattered Spider’s latest identity attacks and review how to detect threats and defend against privilege abuse.
-
Read Blog: C4 Bomb: Blowing Up Chrome’s AppBound Cookie Encryption
In July 2024, Google introduced a new feature to better protect cookies in Chrome: AppBound Cookie Encryption. This new feature was able to disrupt the world of infostealers, forcing the malware...
-
Read More: Organizations Largely Unprepared to Manage 47-Day TLS Certificates
This research report reveals how IT and security leaders are thinking about shortening TLS certificate lifespans and 47-day certificate management.
-
Read Blog: Is your AI safe? Threat analysis of MCP (Model Context Protocol)
Unless you lived under a rock for the past several months or started a digital detox, you have probably encountered the MCP initials (Model Context Protocol). But what is MCP? Is this just a...
-
Read Blog: Poison everywhere: No output from your MCP server is safe
The Model Context Protocol (MCP) is an open standard and open-source project from Anthropic that makes it quick and easy for developers to add real-world functionality — like sending emails or...
-
Watch Video (33:53): AI, Human Behavior and the Identity Security Risks You Can’t Ignore
Learn about identity security trends from the CyberArk 2025 Identity Security Landscape Report and risk reduction guidance.
-
Read Blog: Unlocking New Jailbreaks with AI Explainability
TL;DR: In this post, we introduce our “Adversarial AI Explainability” research, a term we use to describe the intersection of AI explainability and adversarial attacks on Large Language Models...
-


