Incident Blog
| DATE | NAME | INFO | CATEGORY | WEB |
|---|---|---|---|---|
| 25.4.26 | Trigona Affiliates Deploy Custom Exfiltration Tool to Streamline Data Theft | While many ransomware groups rely on off-the-shelf utilities such as Rclone or MegaSync to steal victim data, recent attacks involving the Trigona ransomware used a custom-developed tool designed to provide attackers with granular control over the data theft process. | Incident blog | SECURITY.COM |
| 18.4.26 | That data breach alert might be a trap | Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot | Incident blog | Eset |
| 11.4.26 | Axios npm package compromised to deploy malware | On March 30, 2026, a supply chain security attack targeted Axios, a widely used JavaScript HTTP client for web and Node.js applications. Third-party researchers identified that Axios versions 1.14.1 and 0.30.4 published to the npm registry were compromised following the apparent takeover of a legitimate maintainer account. An attacker published unauthorized package updates that appeared legitimate. | Incident blog | SOPHOS |
| 11.4.26 | From the field to the report and back again: How incident responders can use the Year in Review | The Year in Review distills Talos IR's observations into structured intelligence, but defenders should also be feeding this report back into their own preparation cycles. Here's how. | Incident blog | CISCO TALOS |
| 11.4.26 | Axios NPM supply chain incident | Overview of the recent Axios NPM supply chain incident including details of the payloads delivered from actor-controlled infrastructure. | Incident blog | CISCO TALOS |
| 4.4.26 | Mitigating the Axios npm supply chain compromise | On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages for version updates to download from command and control (C2) that Microsoft Threat Intelligence has attributed to the North Korean state actor Sapphire Sleet. | Incident blog | Microsoft blog |
| 4.4.26 | Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads | A supply chain attack hit Axios when attackers used stolen npm credentials to publish malicious versions containing a phantom dependency. This triggered a cross-platform RAT during installation and replaced its files with clean decoys, making detection challenging. | Incident blog | Trend Micro |
| 4.4.26 | Axios NPM supply chain incident | Overview of the recent Axios NPM supply chain incident including details of the payloads delivered from actor-controlled infrastructure. | Incident blog | CISCO TALOS |
| 1.2.26 | Identity & Beyond: 2026 Incident Response Predictions | DFIR expert Jamie Mamroe shares 2026 Incident Response Predictions around Identity and Cloud attacks | Incident blog | Cybereason |
| 17.1.26 | Brushstrokes and breaches with Terryn Valikodath | Terryn’s path to cybersecurity started with a fascination for criminal forensics and a knack for jailbreaking his family's tech — interests that eventually steered him toward the fast-paced world of digital investigations. | Incident blog | |
| 10.1.26 | Credential stuffing: What it is and how to protect yourself | Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts | Incident blog | Eset |