A solid article from #Wiz regarding the Vercel incident: www.wiz.io/blog/context...
Posts by Jack
Our team received a report of intermittent app outages at about 11:40pm PDT on April 15, 2026. They worked through the night to mitigate a sophisticated Distributed Denial-of-Service (DDoS) attack, which intensified throughout the day.
Marimo RCE weaponised w/ NKAbuse blockchain botnet via Hugging Face. Nginx UI auth-bypass CVE-2026-33032 actively exploited. ShinyHunters leak 13.5M McGraw Hill records from Salesforce misconfig. UAC-0247 hits Ukraine hospitals
Full brief: intel.overresearched.net/2026/04/16/c...
#Daily #ThreatIntel
First CTI Monthly: March 2026, 1,320 reports / 39 batches.
TeamPCP supply-chain siege
CanisterWorm K8s wiper, Iran
Handala wipes 80k Stryker via Intune
DarkSword iOS → KEV
Chrome 0-days, SharePoint RCE
Full brief: intel.overresearched.net/2026/04/16/c...
#Monthly #ThreatIntel #InfoSec
Adobe Acrobat zero-day (CVE-2026-34621) added to CISA KEV. DPRK Lazarus npm package targets Polymarket traders. FBI & Indonesia take down W3LL PhaaS.
Full brief: intel.overresearched.net/2026/04/13/c...
#Daily #ThreatIntel #CTI #Lazarus #Ransomware
MS April Patch Tuesday: 167 flaws, 2 zero-days. SharePoint CVE-2026-32201 actively exploited; Defender CVE-2026-33825 disclosed. Interlock ransomware hits Cisco FMC zero-day
Full brief: intel.overresearched.net/2026/04/14/c...
#Daily #ThreatIntel #CVE #Ransomware #InfoSec #CyberSecurity #PatchTuesday
15 critical OSS CVEs - wolfSSL (X.509 bypass, TLS 1.3 UAF), XZ Utils, Go, libinput. Huntress: signed "Dragon Boss" adware killed AV on 23,500+ hosts. Trust Wallet USDT drainer + NWHStealer active.
Full brief: intel.overresearched.net/2026/04/15/c...
#Daily #ThreatIntel #CVE #InfoSec
We publish hyper-detailed APT reports so defenders can stay ahead and we absolutely should keep doing that.
But also just handing script kiddies a prompt: “move like Fancy Bear”
It seems like the ceiling and the floor are growing ever closer as time goes on with AI.
Any particular examples?
Urgh…
Even after the editing phase, you suddenly have a brain wave that changes how you could approach the topic, and then have to spend an hour weighing up either going back to developing or writing it up as a blog post afterwards and making a quick comment at the end stating it as future work
Created two threat intelligence accounts, one on bsky and the other on X, so that I can provide new threat reports as a feed, check it out at:
BSky - bsky.app/profile/inte...
X - x.com/ORIntelligence
#ThreatIntel #InfoSec
#threatintel report released highlighting IoC and SOC actions for a number of threats, especially axios. Check it out at: intel.overresearched.net/2026/03/31/c...
Seeing an obvious improvement to language model processing on the GPU through my threat pipeline; however, there are definitely some elements for future tuning.
Finished writing my next blog post. It focuses on engineering a scalable platform that leverages local language models to summarise and correlate threat feeds.
Check it out at: blog.overresearched.net/2026/03/cogn...
#Infosec #ThreatIntel #OpenSource #LocalLLM #N8N #OpenCTI #CyberSecurity
With the range of frameworks out there these days what do I even go for as a solo dev with an ambitious project?
- RoR?
- Django?
- NextJS?
- Laravel?
Decisions...
Finished writing my first post for my new blog, it focuses on WannaCry but across multiple different areas of the campaign. This was to brush the rust off my writing and malware analysis skills.
#WannaCry #MalwareAnalysis #ReverseEngineering
blog.overresearched.net/2026/02/wann...
The mental change from running a #proxmox homelab to a #k3s has been something. I finally broke through and got PiHole installed and running.
Running through the old #Ubuntu wallpapers and seeing breezy Badger sent me back to the first installation of a Linux distro: www.omgubuntu.co.uk/every-ubuntu...
An area that could have applications would be towards data visualisation. I found the intersection between d3.js and react quite a deep area and to get it right is a journey.
Frontendmasters.com has two or three courses by Shirley Wu who covers basics of d3 and then the integration with React.
Any particular domain you are interested in: security, performance, or wanting to go broad?
React Compiler RC is now available! We've added support for swc and are working towards a stable release react.dev/blog/2025/04...
Discord does not let me send a message over a particular word count, which is fairly annoying when trying to send snippets of code to a friend. Having to resort to images as a workaround is fairly annoying.
To paraphrase, a screenshot is worth 1000+ chars after all.
or I could use nitro...
An interesting concept, I would love for forums to come back into the mainstream.
Got a fresh off the presses newsletter issue coming your way! 🗞️
This is my last issue before I give birth later this week (!) so come one, come all!
Check out the archive and subscribe here:
cassidoo.co/newsletter/
That cathartic feeling of cleaning out the dust from your desktop case, slapping the side panel back as if you were larping as Phil Swift with Flex Tape.
Finally having some time to catch up on some study, man React 18 ~> React 19 has made some leaps forward in the ecosystem.
#react #webdev
#Astro is incredibly enjoyable to start from scratch and get something out of the door.