GachiLoader adopts AI skill lure
AI skills are threat actors' newest and most dangerous lures.
5 minutes
Threats
The Attacks Hiding in Your Identity Logs
Every identity-driven attack leaves behind traces. The problem isn’t the absence of signals. It’s that most organizations aren’t really looking…
5 minutes
The identity nobody is watching
Your next serious breach will likely start with an identity that nobody was watching.
3 minutes
Weaponizing autonomy: The rise of malicious AI agent skills
Imagine your AI coding assistant quietly reading your AWS credentials while helping you refactor a function. Or silently downloading a…
5 minutes
Why identity-based threats are the new battleground for cybersecurity
Cybersecurity has changed. The question is: has your defense strategy changed with it?
10 minutes
CastleRAT attack first to abuse Deno JavaScript runtime to evade enterprise security
ThreatDown has discovered a sophisticated new infection chain that installs the CastleRAT malware without leaving a trace on disk.
4 minutes
100% malware detection at 1.7% CPU: how ThreatDown stops Mac info stealers
Mac info stealers like AMOS and Poseidon can harvest credentials in seconds. ThreatDown delivers 100% detection against the Objective-See malware…
6 minutes
Machine-scale cybercrime: The 2026 State of Malware report
The ThreatDown 2026 State of Malware report captures a unique moment of transition—when the established world of human-driven intrusion meets…
3 minutes
AI-orchestrated cyberattacks
Sophisticated attackers once struggled to scale. Now, experienced groups can scale by adding agents to their workforce, and inexperienced or…
4 minutes
Tracking remote ransomware attacks at their source
When ransomware strikes, many are watching it happen through the wrong lens.
5 minutes
Inside EDR-Freeze: How ThreatDown stops the attack before it spreads
EDR-Freeze exploits legitimate Windows functionality to suspend security software, and it works entirely in user-mode using native Windows components.
11 minutes
How NIST is going to secure AI
AI is becoming as commonplace as spreadsheets in business, but security is lagging behind. NIST aims to fix that.
2 minutes
AI has “fully defeated” most of the ways people authenticate
In a recent interview at the Federal Reserve, OpenAI CEO Sam Altman warned of "a significant impending fraud crisis" driven…
4 minutes
Atomic Stealer now using clipboard hijacking to target Macs
The infamous ClickFix campaign is targeting Mac users with Atomic Stealer (AMOS).
2 minutes
Ransomware in April 2025—RansomHub is gone
While DaVita and Marks & Spencer reel from devastating attacks, the most dominant ransomware group of the last year has…
1 minute
Ransomware in March 2025
March 2025 saw a huge number of ransomware attacks, and the Pennsylvania State Education Association quietly notify over 500,000 current…
1 minute
Why YOUR software is the new malware
Cybercriminals are increasingly turning away from malware and shifting to a stealthier approach known as Living Off the Land (LOTL).
1 minute
Ransomware in February 2025—Cl0p and RansomHub run riot
The Cl0p ransomware group posted data on 335 victims in February 2025, by far the largest one month total any…
2 minutes
Phishing, now available on your favorite app store!
Although we tend to associate phishing attacks with emails, on Android they often come from innocent-looking apps.
1 minute
Cybercrime Has Gone Machine-Scale
AI is automating malware faster than security can adapt.
Get the facts Read the 2026 State of Malware