ALL POSTS

Key Findings A Russian-speaking, financially motivated threat actor has compromised over 600 FortiGate devices located in 55 countries between January 11 and February 18, 2026. The threat actor leveraged multiple commercial generative AI tools to automate various stages of the attack cycle, including tool development, attack planning, and command generation. No exploitation of FortiGate vulnerabilities was observed - the campaign succeeded by exploiting exposed management por

Key Findings Generative AI and agentic AI are increasingly used by threat actors to conduct faster and more targeted attacks. One capability that AI improves for threat actors is the ability to profile employees and craft tailored social engineering lures. However, AI can also be leveraged by defenders to turn the tables on threat actors and use their own tools against them. Background Threat actors are leveraging the advancements in AI, particularly generative AI and agentic

Key Findings BreachLock expands its Adversarial Exposure Validation (AEV) solution to support autonomous red teaming at the web application layer. BreachLock AEV's generative AI-powered engine can now emulate real-world attacker behavior and validate exploitable weaknesses in web applications. AEV goes beyond identifying theoretical risks and validates their real-world exploitability and business impact. The solution provides deep contextual insights to help security teams pr