Skip to content
Latest
Siemens ROX II Zero-Day Chain Shows Why OT Switches Need Asset-Level DefenseJscrambler npm Compromise Shows Build Pipelines Need Runtime ControlsGhost Phishing Shows Why Email Security Must Follow the BrowserPakistani Police Intrusions Show Why Public-Sector Data Systems Are Strategic TargetsBad Epoll Shows Linux Kernel LPEs Belong in the Patch Priority QueueFake Payment SDKs Show Why Dependency Risk Is Credential RiskCritical UniFi Flaws Put Network Control Planes Back in the Patch QueueVidar Stealer Campaign Shows Why File Size and Fake Signatures Still Beat Weak ControlsADFS Signing Keys Show Why Federation Servers Are Tier-Zero Identity InfrastructureUAT-7810 Shows Edge Devices Are Becoming China-Nexus Relay InfrastructureFortiBleed Shows Firewall Credentials Are Ransomware FuelNetNut and Popa Takedown Shows Residential Proxies Are Now Attack InfrastructureVect and TeamPCP Show Supply-Chain Credentials Are Ransomware FuelOusaban Shows Banking Trojans Are Learning to Hide From Sandboxes

Cyber Threat Intelligence

Daily threat reporting, custom software, and remote tech help from a veteran-owned (SDVOSB) studio.

Updated most weekdays

Contractor Codex SaaS · Web app

Quote. Contract. Bill. Get Paid.

Send a quote in 60 seconds, get it signed online, and auto-invoice every stage of the job.

Start free →
SAMscout AI SaaS · Web app

The federal proposal team you can afford.

Turn a SAM.gov opportunity into a reviewable, Shipley-grade proposal draft in minutes.

Start free →
VA Disability Calc & Track iOS · iPhone & iPad

Know your rating. Track your claim.

BVA-accurate combined-rating math and claim tracking, private on your device.

Download free →

This Week in Threats

Latest Threat Intelligence

Cyber Security Blog
Fake Payment SDKs Show Why Dependency Risk Is Credential Risk
Cyber Security Blog·Jul 8, 2026·62 IOCs

Fake Payment SDKs Show Why Dependency Risk Is Credential Risk

Socket uncovered malicious npm and PyPI packages impersonating Paysafe, Skrill, and Neteller SDKs. Here is what SMBs and government contractors should do now to protect CI secrets, developer machines, and payment integrations.

Read report →

Nation-State Tracking

Intelligence by Region

Russian Threat Intelligence

View all Russian intel →

Chinese Threat Intelligence

View all Chinese intel →

North Korean Threat Intelligence

View all North Korean intel →

Iranian Threat Intelligence

View all Iranian intel →

Newsletter

The Bulwark Brief.

Cyber threat intel, AI, and tech worth your attention, what we're tracking that day, with a "why it matters" line on every item. Most weekdays. No fluff.