Threat Research

  • Sandworm in the supply chain: Lessons from the Shai-Hulud npm attack on developer and machine identities

    Do you know why Shai-Hulud should raise your hackles? Unless you’ve spent time on Arrakis in Frank Herbert’s Dune or the npm ecosystem this month, the name Shai-Hulud might not ring a bell. In...

  • CyberArk Named a Leader in the 2024 Gartner® Magic Quadrant™ for Privileged Access Management – again.

  • Cheaters never win: large-scale campaign targets gamers who cheat with StealC and cryptojacking

    A sprawling cyber campaign is turning gamers’ hunger to gain an edge into a massive payday for threat actors who are leveraging over 250 malware samples to steal credentials and cryptocurrencies....

  • Defeating Microsoft EPM in the Race to Admin: a Tale of a LPE vulnerability

    Introduction: Not too long ago I read an interesting blog post by SpecterOps about Microsoft EPM that got my attention, as I was not aware of this Microsoft product/feature. It was interesting to...

  • Identity Security in 2025 Top Trends from 2,600 Security Decision-Makers (video, 32:55)

    CyberArk Chief Strategy Officer Clarence Hinton explores trends, market dynamics and other issues shaping the 2025 identity security landscape.

  • Securing the Rise of Agentic AI: Insights from CyberArk Labs (video, 34:23)

    Discover AI's risks and rewards in this CyberArk Labs webinar with real attacks, insights and tips for IT security leaders.

  • Reimagining Access Management The Threat Landscape (video, 6:49)

    Lavi Lazarovitz reveals how attackers target identity systems—and why it’s time to rethink access management in today’s evolving threat landscape.

  • ‘Plague’ malware exploits Pluggable Authentication Module to breach Linux systems

    Understanding the ‘Plague’ Pluggable Authentication Module (PAM*) backdoor in Linux systems: ‘Plague’ represents a newly identified Linux backdoor that has quietly evaded detection by traditional...

  • Scattered Spider Tactics Revealed (video, 45:55)

    CyberArk experts uncover Scattered Spider’s latest identity attacks and review how to detect threats and defend against privilege abuse.

  • C4 Bomb: Blowing Up Chrome’s AppBound Cookie Encryption

    In July 2024, Google introduced a new feature to better protect cookies in Chrome: AppBound Cookie Encryption. This new feature was able to disrupt the world of infostealers, forcing the malware...

  • Organizations Largely Unprepared to Manage 47-Day TLS Certificates

    This research report reveals how IT and security leaders are thinking about shortening TLS certificate lifespans and 47-day certificate management.

  • Is your AI safe? Threat analysis of MCP (Model Context Protocol)

    Unless you lived under a rock for the past several months or started a digital detox, you have probably encountered the MCP initials (Model Context Protocol). But what is MCP? Is this just a...

  • Poison everywhere: No output from your MCP server is safe

    The Model Context Protocol (MCP) is an open standard and open-source project from Anthropic that makes it quick and easy for developers to add real-world functionality — like sending emails or...

  • AI, Human Behavior and the Identity Security Risks You Can’t Ignore (video, 33:53)

    Learn about identity security trends from the CyberArk 2025 Identity Security Landscape Report and risk reduction guidance.

  • Unlocking New Jailbreaks with AI Explainability

    TL;DR: In this post, we introduce our “Adversarial AI Explainability” research, a term we use to describe the intersection of AI explainability and adversarial attacks on Large Language Models...

  • Pre-Mortem: AI Agents and the Next Major Breach (video, 26:50)

    In this keynote with CyberArk’s Lavi Lazarovitz, learn how AI agents expose new threats and what organizations can learn from these insights.

  • Agents Under Attack: Threat Modeling Agentic AI

    Introduction: The term “Agentic AI” has recently gained significant attention. Agentic systems are set to fulfill the promise of Generative AI—revolutionizing our lives in unprecedented ways. While...

  • Captain MassJacker Sparrow: Uncovering the Malware’s Buried Treasure

    Cryptojacking malware—a type of malware that tries to steal cryptocurrencies from users on infected machines. Curiously, this kind of malware isn’t nearly as famous as ransomware or even...

  • Let’s Be Authentik: You Can’t Always Leak ORMs

    Introduction: Identity providers (IdPs) or Identity and Access Management (IAM) solutions are essential for implementing secure and efficient user authentication and authorization in every...

  • How Secure Is Your OAuth? Insights from 100 Websites

    You might not recognize the term “OAuth,” otherwise known as Open Authorization, but chances are you’ve used it without even realizing it. Every time you log into an app or website using Google,...

  • The US Treasury Dept Breach: Analysis of the Attack (video, 43:10)

    Watch this CyberArk Labs webinar for an in-depth analysis of the Dec. 2024 U.S. Treasury cyberattack, its causes and mitigation strategies.
