Welcome to the Red Canary Threat Detection Report Our Threat Detection Report takes a close look at the top techniques, threats, and trends to help security teams focus on what matters most.

Red Canary's 2025 Threat Detection Report is live! A ton of work went into this report and it's awesome to be able to share it with y'all. If you're curious about our top 10 threats for the year, trends we've seen, or what our color + bird threats are, answers are here!
redcanary.com/threat-detec...

Sorry for the delay in responding to your question! We do not, to my knowledge.

Hey y'all, this month's Intelligence Insights is out! We had two new birds make the list:
- Infrared Ibis == how we track behavior related to malicious chrome extensions
- Saffron Starling == our name for a loader that delivers Danabot/DarkGate/Matanbuchus

redcanary.com/blog/threat-...

Tangerine Turkey mines cryptocurrency in global campaign | Red Canary Named by Red Canary, Tangerine Turkey is a VBS worm delivered via USB that ultimately drops a cryptomining payload

Exciting update to our blog! As part of our ongoing research we identified some public Github repos being leveraged that, I'm happy to say, are no longer active! More details--plus some IOCs for still-active sites--in the update.

redcanary.com/blog/threat-...

Tangerine Turkey mines cryptocurrency in global campaign | Red Canary Named by Red Canary, Tangerine Turkey is a VBS worm delivered via USB that ultimately drops a cryptomining payload

Hey folks! Kicking off my Bluesky debut with a new Red Canary bird debut. This month we introduced Tangerine Turkey, Red Canary's name for a VBS worm that is delivered via an infected USB and uses a printui DLL hijack to deliver a cryptomining payload. Here's our blog!

redcanary.com/blog/threat-...