A New Detection Approach Reduces Noise in Endpoint Telemetry
SOC teams are turning to behavioral correlation and risk scoring to separate real attack signals from heavy alert streams faster.
Cybersecurity News
Orbitron Blog publishes concise, operational news on detection engineering, cloud security and identity security.
Latest News
Wiz Research found a supply chain compromise that hit Red Hat cloud service npm packages. The malicious releases used installation-time execution and valid-looking provenance to reach developer environments.
A Pakistan-linked espionage group is using Pashto-language phishing lures and a multi-stage Windows infection chain to deploy Xeno RAT against Afghan government finance targets.
Runtime visibility in container environments is moving beyond image scanning and focusing on real attack behavior.
In campaigns where phishing detection alone is not enough, login anomalies and token usage patterns are becoming more important.