ZeroExfil Research

Notes, research, and findings on staying secure

Practical writing for organizations and individuals who want to protect themselves, plus updates from the ZeroExfil platform.

The SMB Security Gap: What Comes After Antivirus

CrowdStrike's State of SMB Cybersecurity Survey just confirmed what we hear in every customer call: small businesses know the risks and most have a plan, but cost and complexity stop them from deploying anything beyond antivirus. There is a missing layer between the AV baseline and a full SOC. This post walks through the survey numbers and what belongs in that gap.

The SAP CAP npm Compromise: 1,969 Marker Repos, 41 Actual Victims

Four official SAP CAP packages were trojanised on npm to sweep developer credentials. The GitHub search for the marker description returns about 2,400 hits, which sounds like a mass-compromise event. Verifying every one and tracing them back to GitHub accounts gives a very different picture: 41 distinct victims, almost all of them SAP CAP developers and consultants.

Can You Trust What Your AI Coding Agent Is Doing?

AI coding agents run in your user context and can read files anywhere you can. A quick test with ZeroExfil running in the background shows exactly what that looks like at the kernel level, and why the chat UI alone is not a sufficient audit trail.

Are You Aware of Your Monitoring Gaps?

Microsoft Defender is a powerful platform, but every system operating at scale makes trade-offs about which telemetry it captures. A small experiment on what file activity actually surfaces in DeviceFileEvents, and what that means for detecting exfiltration.