threat-intelligence
Safeguard articles tagged "threat-intelligence" — guides, analysis, and best practices for software supply chain and application security.
47 articles
APT29 Cloud Supply Chain Tradecraft 2025
APT29's 2024-2025 cloud-native tradecraft — from Midnight Blizzard's Microsoft intrusion to the Teams phishing pivots — shows how SVR targets identity as supply chain.
Akira Ransomware VPN Appliance Exploitation
Akira has industrialized VPN appliance exploitation. Here is the tradecraft, the advisories that document it, and what defenders must do about edge software supply chain risk.
What is Threat Intelligence
Threat intelligence turns raw indicators into actionable defense. Here's what it actually is, its four types, and how it applies to software supply chains.
What is a Honeypot
A honeypot is a decoy system or credential built to lure attackers so defenders can detect, delay, and study intrusions before real assets are touched.
What is MITRE ATT&CK
MITRE ATT&CK catalogs real attacker behavior into 14 tactics and 200+ techniques. Here's how it works, how it differs from CVE/CWE, and how to use it.
Go binary malware distribution trends
Go binaries are now a preferred malware delivery format — statically linked, cross-platform, and hard to fingerprint. Here's what the trend data shows.
Best open source vulnerability database and threat intell...
A practical buyer's guide to open source vulnerability database tools, CVE aggregation, and threat intel feeds for tracking OSS risk.
The Jailbreaking Economy: How Model Vulnerabilities Get D...
Jailbreak prompts now trade like exploits: sold as $200/month "dark" chatbots, bountied by vendors for up to $15,000. Here's how that market actually works.
Software Supply Chain Attacks: H1 2025 Report
A data-driven breakdown of supply chain attacks from January through June 2025, covering attack vectors, targeted ecosystems, and emerging trends.
Qilin Ransomware Group: Dissecting a Rising Threat Actor
Qilin has rapidly become one of the most active ransomware operations, targeting healthcare, manufacturing, and critical infrastructure. A technical breakdown of their methods.
Medusa Ransomware: How Supply Chain Tactics Fuel a Growing Threat
Medusa ransomware has evolved beyond traditional encryption schemes, leveraging supply chain compromise to infiltrate victims. Here's what defenders need to know.
Vulnerability Exploitation Trends in 2024: What the Data Shows
Analysis of 2024 vulnerability exploitation patterns reveals faster weaponization timelines, shifting target profiles, and the growing importance of edge device vulnerabilities.