Netskope's Hubert WS Lin (林悟生) is featured in Hitachi Systems Security Journal Vol. 77, where you can read all about his latest project, SaucePot, which he presented at Code Blue! お見事!
www.hitachi-systems.com/report/speci...
The commoditization of ClickFix continues with a new MaaS Jan Michael Alcantara at Netskope Threat Labs has uncovered, this one featuring a nodeJS implementation, a modular windows RAT, and C2 over Tor.
www.netskope.com/blog/from-cl...
Did the Docker scaffolding you used to install OpenClaw also install an infostealer? Netskope Threat Labs is tracking an AI-assisted lure factory to mass-generate over 300 polished, poisoned packages targeting developers looking for open-source AI tools. www.netskope.com/blog/opencla...
On my way to #RSAC2026. Be sure to check out my colleague Gianpietro Cutolo's presentation on MCP security on Tuesday morning and stop by the Netskope booth 1127 in Moscone South. I hope to see you there!
path.rsaconference.com/flow/rsac/us...
Phishing URL: invite[.]komiku[.]my[.]id/Teams/Windows/invite.php
Notes: This is the latest in a wave of fake meeting invites delivering RMM tools that we have tracking. This time, it was a Datto RMM Agent.
www.netskope.com/blog/attacke...
Shadow AI remains a significant challenge in the healthcare sector, with 32% of users opting for shadow AI apps, despite promising trends toward managed enterprise AI platform adoption. Read more in the new Netskope Threat Labs Healthcare Report.
www.netskope.com/resources/th...
The Netskope AI Index let's you explore AI adoption trends for individual sectors, geos, and org sizes with weekly updates to track the latest trends.
ai-index.netskope.com
We have seen the fake meeting invites slow down this week at Netskope Threat Labs, but they are still out there. The latest one I saw was a Teams meeting that downloaded a LogMeIn executable. www.netskope.com/blog/attacke...
Since we at Netskope Threat Labs published our blog post about how to block/alert on OpenClaw installs, we have seen at least 65 new installs on managed devices. Playing with new tech is fun, but you need guardrails in place before you start running OpenClaw.
www.netskope.com/blog/moltbot...
Didn't DOGE fix this already?
Stop installing OpenClaw in production systems.
We are still seeing an unsettling number of new installs across multiple industries. Link has details on how to use Netskope to identify rogue installs and setup a block policy.
www.netskope.com/blog/moltbot...
Netskope Threat Labs is tracking a tech support scam campaign using malicious Bing ads to successfully drive traffic to the payloads hosted in Azure Blob Storage.
www.netskope.com/blog/malicio...
I'm really interested to know what the other 2/3 were. Porn? Clickbait? I can't remember the last time I've seen an ad on Facebook that wasn't utter garbage.
In all the containers, we have so far only seen two phone numbers so far:
1-866-520-2041
1-833-445-4045
Among the surprises in the report:
(1) Japanese organizations are doing an excellent job reducing Shadow AI.
(2) ChatGPT has been dethroned as the most popular AI App!
Updated this post today after they renamed it again to OpenClaw. More stuff to block...
MoltBot/ClawdBot is an open-source, self-hosted personal AI agent. It enables unauthenticated remote control by default and has privileged host access. For these reasons, we at Netskope recommend you review how it is being used at your org
www.netskope.com/blog/moltbot...
I got my first E-ZPass phishing text message of the new year! These seem to have cooled off for a while and are not coming back strong. We've seen 48 new E-ZPass phishing domains targeting our customers at Netskope Threat Labs so far this year. The latest: ezpass[.]gov-hmp[.]cc
Netskope's 2026 Canada report shows the number of genAI users has increased 3.3x year-over-year, causing a proportional rise in the amount of sensitive data (including intellectual property, secrets, regulated data, and source code) sent to genAI apps. www.netskope.com/resources/th...
#RSAC2026 is less than 2 months away! Gianpietro Cutolo from Netskope Threat Labs will be there presenting his latest research on MCP security! I hope to see you there!
www.netskope.com/netskope-thr...
“X is a post-apocalyptic cesspool of bots, pedophilia and political illiteracy.” That might be my favorite quote about X.
www.politico.com/news/magazin...
First Netskope Threat Labs report of 2026: GenAI users have tripled, prompts have increased six-fold, and data violations have doubled, but 50% of orgs lack enforceable data policies. Meanwhile, personal apps, phishing, and malware remain persistent challenges.
www.netskope.com/resources/cl...
Even the capitalization is stupid.
Is writing malware that generates all of its malicious routines on the fly from prompts using ChatGPT possible? Read more on the Netskope Threat Labs blog. www.netskope.com/blog/the-fut...
Netskope's manufacturing threat report highlights growing incidents of sensitive data exposure as AI apps gain popularity, malware coming in over trusted cloud apps, and more...
www.netskope.com/resources/th...
If you are in Tokyo for Code Blue next week, checkout Hubert Lin's workshop. It is a lot of fun! #netskope #infosec
Netskope Threat Labs' newest member is Vini Egerland! I look forward to sharing some of the awesome projects Vini is cooking up in the near future!
Our Netskope Private Access team has an opening for a Distinguished Engineer in the US. Please reach out if you have questions: www.linkedin.com/jobs/view/42...
The messaging on the website is hilarious. The premise here is that the 2020 census was somehow manipulated by Biden, who wasn't president yet.
