Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Akira ransomware systematically exploited Cisco VPN vulnerabilities as its primary entry vector, targeting organizations through the network infrastructure they trusted most.
Should governments ban ransomware payments? The debate intensified through 2023 as attacks escalated, with strong arguments on both sides and no clear consensus.
Clop's exploitation of MOVEit Transfer compromised over 2,500 organizations in one campaign, demonstrating a shift from traditional ransomware to mass vulnerability exploitation.
Double extortion transformed ransomware from a reversible nuisance into an irreversible data breach. The evolution from encryption-only to data theft fundamentally changed the threat model.
CVE-2023-27350 in PaperCut NG/MF allowed unauthenticated RCE through the print management server. Cl0p and LockBit ransomware groups jumped on it within days.
Royal ransomware emerged from the ashes of Conti to become one of the most aggressive operations targeting healthcare organizations in 2022 and 2023.
LockBit 3.0 introduced bug bounties, new extortion tactics, and industrial-scale operations that made it the dominant ransomware group through 2022 and 2023.
BlackCat (ALPHV) brought Rust programming, triple extortion, and supply chain targeting to the ransomware-as-a-service model, raising the bar for both attackers and defenders.
When Conti's internal communications leaked in early 2022, they exposed the operational playbook of a top-tier ransomware gang — including how they targeted supply chains.
Weekly insights on software supply chain security, delivered to your inbox.