Normal view

Overname Emmi AI moet Mistral sterker maken in Europese chip- en auto-industrie

20 May 2026 at 15:18
Het Franse bedrijf Mistral AI neemt het Oostenrijkse AI-bedrijf Emmi AI over. Dat bedrijf maakt industriële toepassingen, bijvoorbeeld voor de simulatie van fysica. Mistral wil zich met de overname profileren als AI-leverancier voor Europese industriële bedrijven, waaronder halfgeleidergiganten als ASML.

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control (C2 or C&C) communications. Webworm, first publicly documented by Broadcom-owned Symantec in September 2022, is assessed to be active since at least 2022, targeting government agencies

Slowaakse ESET koopt Nederlandse ESET

20 May 2026 at 14:36
Het Nederlandse cybersecuritybedrijf ESET wordt overgenomen door ESET. De Nederlandse tak was altijd een apart bedrijf dat slechts opereerde onder de naam ESET, vergelijkbaar met een franchisehouder. Nu koopt het Slowaakse moederbedrijf het Nederlandse Cyber Defense Group.

Gamegigant Embracer splitst opnieuw: Tomb Raider en LOTR gaan naar 'Fellowship'

20 May 2026 at 14:32
De Zweedse gamegigant Embracer Group gaat zich wéér opsplitsen, waarna het onafhankelijke bedrijf Fellowship Entertainment ontstaat. Het enorme bedrijf splitste zich eerder al op in drie kleinere bedrijven en ontsloeg de laatste jaren veel werknemers na herstructureringen.

DEW #157 - Shai Hulud Goes Open Source, How Anthropic uses Claude and Underground Internet Cables

20 May 2026 at 14:03

Welcome to Issue #157 of Detection Engineering Weekly!

Every week, I read, watch and listen to all the Detection Engineering content so you can consume it all in 10 minutes. Subscribe and get a weekly digest of the latest and greatest in threat detection engineering!

✍️ Musings from the life of Zack:

  • Spring in Maine is finally here, and it feels like a Disney movie at the Allen household with all of the animals coming out. We have two bird nests, a family of deer, and now a woodchuck named Chippy prancing around

  • Speaking of Maine, I had the most Maine dinner with some friends the other night. They hunted a Moose and cooked Moose steaks for the family. Afterward, we had dessert with maple syrup tapped from trees in their yard. Moose was not that gamey, and I’d try it again!

  • Sabres lost :( But I’m super excited to watch this young team in the coming years, so if you are a hockey fan, don’t tease me too much because I’m still hurting from the loss

Sponsor: Adaptive Security

The best threat intelligence is generated by your coworkers

Security Operations teams rely heavily on detection rules and threat intelligence to stay ahead of threats. But, the AI of today focuses on social engineering your coworkers, such as deep fake interviews, voice phishing, and impersonating executives. Training your employees to spot and report AI attacks can provide valuable signals that no security product can match.

Adaptive trains your organization to spot, report, and stop these AI threats before they reach your perimeter.

Take A Tour


💎 Detection Engineering Gem 💎

Shai-Hulud Goes Open Source by Ryan Simon, Sebastian Obregoso and Greg Foss

~ Note, Datadog is my current place of employment, and the authors here are my colleagues ~

I’ve covered several supply chain attacks linked to TeamPCP and one of their worm-based toolsets, Shai-Hulud. This week, GitHub repositories popped up and were quickly taken down, hosting the potential source code for Shai-Hulud.
The team here did a deep dive on its architecture, how it deploys loaders and malware, its C2 infrastructure, and its credential exfiltration techniques.

Shai-Hulud framework architecture showing the pipeline from loaders through providers, collector, dispatcher, senders, and mutators (click to enlarge)

The Mutator step, which enables Shai-Hulud’s propagation and worm-like capabilities, is super interesting. There are three propagation mechanisms: one I was familiar with, npm credential publishing, and two I wasn’t familiar with, cache poisoning and developer environment poisoning. Every stolen secret can be used to propagate malware across various developer environments and IDEs, such as Claude Code and VSCode.

The two npm-related techniques rely on insecure configurations for publishing npm packages. For example, if you store npm publishing tokens in your GitHub Actions pipeline, it’ll automatically download the latest version of your release, increment the semver to make it the latest branch, then deploy it, causing the post-install hooks to run, which contain the malware.

“Leaks” of malware source code like this help provide insight into how threat actors think about exploiting misconfigurations and security gaps in their targets. It’s hard to say whether this is the “real one”, but there is threat intelligence floating around social media that TeamPCP & cybercriminal forums are teaming up for a Supply Chain Competition to see who pulls off the most impactful breach with Shai-Hulud.


🔬 State of the Art

Wiring Live Threat Intel into Sigma Detection with Dynamic Pipelines by Mostafa Moradian

Most SIEMs let you manage threat intelligence as lookup tables or reference lists that detection rules can query against. A rule checks a destination IP against a known C2 list; the list is updated by a feed; the rule stays the same. It is one of the more practical parts of how enterprise detection pipelines handle the IOC lifecycle. It’s also VERY hard to manage, and without understanding the underlying engineering required to handle dynamic tables, you can produce stale IOCs for your detections, or worse, miss emerging IOCs and fall victim to false negatives.

Moradian has been building toward the same capability in his RSigma project. I first covered the project in #149, when it was a Rust CLI for evaluating Sigma rules against JSON logs without any infrastructure. By #154, it had grown into a streaming daemon with NATS and HTTP log inputs, stateful correlation windows, and Prometheus metrics.

The latest addition here is dynamic pipelines: instead of hardcoding IOC values in rule YAML, you declare external sources in the pipeline config, and RSigma fetches and injects them at evaluation time. This works very similarly to how I’ve seen SIEMs implement threat intelligence pipelines, but since it’s RSigma, it’s self-contained within its ecosystem.

Architecture diagram showing two threat intelligence sources (Feodo Tracker HTTP feed providing C2 IPs, and a CISA Advisory processed by ioc-finder providing C2 domains) feeding into a Dynamic Pipeline that resolves and expands placeholders in Sigma Rules, which are then evaluated by the RSigma Daemon against incoming Firewall and DNS log events to produce Detections.

The practical demo is a firewall detection rule with a single field: DestinationIp: “%c2_ips%”. The pipeline pulls the Feodo Tracker C2 blocklist, a public JSON feed covering Emotet, Dridex, TrickBot, and QakBot updated every five minutes, extracts the IP array, and expands that placeholder before the rule evaluates. If the feed is unreachable, RSigma falls back to the last cached data so you do not lose coverage during a transient outage. The rule author never touches an IOC value again.


I thought this was a neat video by the Anthropic team, featuring a friend of the newsletter, Jackie Bow, on how their internal detection & response team uses Claude! They built a tool called CLUE, which they first featured at BSides SF in 2025. It looks similar to a co-pilot tool from AI SOC vendors, but it's their own internal version. I think it helps make the case for those who choose to go build versus buy, by offering control over which features go in and out of the tool, an integration catalog focused on systems you deploy for your organization, and a tighter feedback loop.

The case against is a capacity-and-cost problem. It is attractive to buy AI SOC-like tools if you are budget-constrained or don’t have the talent to build and maintain one.


Ok, a lot of media on this issue, but hear me out. Odd Lots is a Top 3 podcast for me, and its focus is Finance topics. They bring on amazing guests that talk about everything from the economics of milk to tarriff refunds at shipping ports and even cybersecurity.

I chose this episode because its about the history and economics of deep-sea cables, with a particular focus on Internet cabling. We seriously don’t appreciate how complicated and opaque this process is for the end user. So, if you want to learn about Internet-scale issues, you must learn about the physical nature of operating the Internet!


The Ultimate Guide to Detection Engineering with Censys by Alex Gartner

In this post, Censys detection engineer and security researcher Alex Gartner helps readers understand how to integrate detection engineering concepts into Censys’ internet-wide scanning data. This is especially interesting to me in a few ways:

  • I’ve rarely read posts on how to integrate Internet scan data as correlation rules with traditional telemetry from the endpoint or network

  • Understanding how attacker infrastructure can be fingerprinted is a valuable skill in itself; it’s not all just IP address and domain matching

  • Speaking of IP addresses: threat intelligence is much more useful when it’s clustered and used as an enrichment, and we leave out a lot of interesting threat intelligence indicators

I’ve been a big fan of Censys since they started their company several years ago. And luckily, many of the concepts Gartner discusses are available in community edition accounts. I typically don’t link to vendor blogs that talk about their products unless they offer free or community-edition access, so you can try these concepts out by signing up.


☣️ Threat Landscape

Grafana, an observability company with a large open-source following, disclosed a security breach in which attackers obtained an administrative-level GitHub access token. They don’t specifically say if it’s a long-lived token, which GitHub has urged customers to use, but it’s likely if it survived a CI/CD build run. The group behind the incident, Coinbase Cartel, also likely used a pwn request to take the token and subsequently exfiltrate their entire codebase.

The group tried to extort Grafana with a ransom demand, but Grafana said in their tweet that they refused to pay. This is the right approach, since paying doesn’t guarantee that the thiefs won’t sell it to someone else.


Oh look, a VPS I purchased 8 months ago. by Jonathan Canlas

In this post, Canlas, a detection engineer, stumbled upon a VPS they had purchased several months ago and had accidentally left running. They turned it into a honeypot to understand what kinds of attacks it attracts, using subsequent telemetry to learn more about the research and detection workflow. I appreciated reading this post because most honeypot stories I read follow a formula: a lab that deploys a honeypot. This one, in particular, offers much more insight into Canlas’ experience as a detection engineer and how they approached the deployment through a lens of hypothesis-driven research.


Novel Evilginx Frontend - Lowering the barrier for token theft reuse by Paul Newton

Evilginx is a legitimate open-source framework that helps red-teamers build and deploy phishing pages with easy-to-use templates. There is a pro version where the company behind Evilginx vets prospects to ensure they aren’t evil, but the open-source version gets a lot of traction from bad guys. In this post, Newton was hunting for M365-related phishing kits and found a cleverly built M365-themed management interface. IMHO, it makes the post way more interesting since it’s about this peculiar management tool.

The potential threat actor built this front end to manage stolen M365 tokens at scale. They can switch between victim tokens within a single interface, import stolen tokens from their Telegram bot, and execute attacks with a single click.

Diagram showing the three-tier AiTM attack chain: Evilginx phishing server, operator panel, and Microsoft Graph API

A single stolen token grants the operator access to several products in the M365 suite, up to and including pivoting to take over the Entra environment.

When AI doomers or marketers post about the onset of dangerous, vibe-coded malware at scale, I roll my eyes because most malware is a commodity at this point. Evilginx is so good, so why switch how it works? I worry more about the organizational scale that vibe-coding offers threat actors.

Before Claude Code, creating an interface like this would have taken months, either with a professional front-end developer or with someone who spent a lot of time learning front-end coding. Front-end coding with coding agents is AWESOME, so it’s now much more accessible for people to build things like this without spending their capacity on learning.


Project Glasswing: what Mythos showed us by Grant Bourzikas

Cloudflare ran Mythos Preview on more than 50 of its own repositories as part of Project Glasswing and published the results. Much like what Anthropic noted about Mythos in their Glasswing blog, Cloudflare said it was excellent at generating exploit chains and generating proof, via a PoC, that it found a bug. The harness architecture they built around it is worth reading too: they created narrowly scoped parallel agents, each focused on a single attack class, and then used an independent adversarial agent whose only job is to disprove the original finding.

Nothing in here really surprised me regarding the applicability of Mythos to real-world code environments. An agent is only as good as its harness, and although Mythos has fewer guardrails and is tuned for security findings, it still requires work to operationalize.


🔗 Open Source

vinsk0h/KQLab

KQLab is a self-hosted platform for storing, protecting, and indexing KQL rules. It has an impressive full-stack architecture and is built to provide strong authentication and verification measures for users, and even includes RBAC capabilities to scope certain rule sets to specific teams.


OWASP/DockSec

DockSec is an OWASP Incubator project that builds a vulnerability scanning report from several open-source tools and generates human-readable reporting leveraging an LLM harness. It’s smart enough to prioritize vulnerabilities based more on CVSS scores, and you can stick it in your CI/CD pipeline so it can recommend fixes that developers understand, rather than a massive findings report.


phylecorp/gabo

Gabo is a Nebula:Fog hackathon project built for threat intelligence analysts. It uses the CIA’s Structured Analytical Techniques playbook to provide users a tool where they can ask it questions, and it’ll provide rigorous feedback based on their analysis. It has an MCP server as well, so you can point your local coding agent or stack at it.


microsoft/AntiSSRF

AntiSSRF is a security component library from Microsoft that helps developers deploy apps without worrying about the underlying techniques used to prevent SSRF attacks. It has a robust URL parsing library, which are always a headache to work with, to validate incoming HTTP requests and reject any that look like SSRF attacks.

Every week, I read, watch and listen to all the Detection Engineering content so you can consume it all in 10 minutes. Subscribe and get a weekly digest of the latest and greatest in threat detection engineering!

Agent AI is Coming. Are You Ready?

New Industry Data Just Released Suggests Not. On May 19th, 2026, Orchid Security released the results of our Identity Gap: Snapshot 2026. Among the findings, "identity dark matter" (the unseen, unmanaged elements of identity) now overshadows the visible elements 57% vs. 43%. And it couldn't have occurred at a worse time, with enterprises embracing Agent AI with both arms (and unfortunately, as

Firefox 151 packs big privacy upgrades into a small update

20 May 2026 at 13:46

Mozilla has published release notes for Firefox browser version 151.0, and this update includes several genuinely meaningful privacy and security improvements.

Three changes stand out in particular:

  • Stronger anti‑fingerprinting
  • Broader protection for local network access
  • More control over private sessions and permissions

Note that Mozilla says several Firefox 151 features are “part of a progressive roll out,” meaning they will appear for some users first and be expanded over time. So, you may not see all of them immediately.

Privacy

One of the more visible additions is a new “end private session” control in Private Browsing Mode. Instead of closing every private window to clear your traces, you now get a dedicated fire‑icon button next to the address bar that wipes the current private session’s data and immediately starts a fresh one.

End private session button
End private session button

Under the hood, this clears the usual private browsing artifacts for that session, including history, cookies, cached files, and other site data that would normally disappear only when the last private window closes.

For people who routinely mix normal and private windows, this is safer and less error‑prone than hunting down every private tab before you walk away from the machine.

Firefox 151 also tightens its defenses against browser fingerprinting in the default “Standard” Enhanced Tracking Protection (ETP) mode. Mozilla says Firefox now limits the amount of device and browser information exposed to websites in a way that reduces the number of uniquely identifiable users by about 14% overall, and by roughly 49% on macOS.

This makes it harder for trackers to pick you out of the crowd, especially on platforms with fewer users to begin with (like certain macOS configurations). This reduces the privacy risk surface by default, which makes it harder for phishing and landing pages that redirect visitors to “categorize” you.

Another important change is Firefox’s “local network access restrictions,” which are now rolling out to all users, not just those who turned Enhanced Tracking Protection to Strict.

This means that when a website wants to communicate with devices on your local network, or with apps and services running on your machine, Firefox now asks for permission first. Chrome and Edge have been rolling out similar permission prompts.

Security

Firefox 151 also quietly fixes several security vulnerabilities.

The most notable example is CVE‑2026‑8953, a sandbox escape due to a use‑after‑free in the Disability Access APIs component. While there are currently no reports of in‑the‑wild exploitation for this specific bug at the time of writing, this is the kind of bug cybercriminals love.

A use-after-free (UAF) is a software memory vulnerability where a program attempts to access a memory location after it has been freed. If the program fails to clear the pointer to that freed memory, attackers can manipulate the error to crash the system or execute arbitrary code. A memory corruption leading to a sandbox escape is exactly the kind of link attackers want to complete a browser exploit chain.

How to update

If you’re running Firefox in a home or small‑office environment, we recommend updating to Firefox 151 as soon as possible to get the fingerprinting protections, local network access prompts, and security patches.

To update Firefox:

  • Open Firefox
  • Click the menu (three stacked lines) in the upper-right corner
  • Go to Help > About Firefox
  • Firefox will automatically check for updates and begin downloading them
  • Restart the browser when prompted to complete the update

Once your Firefox browser has been updated, it will show a green checkmark along with the message: “Firefox is up to date.”

Firefox is up to date

Let’s face it, an incognito window can only do so much. 
 
Breaches, dark web trading, credit fraud. Malwarebytes Identity Theft Protection monitors for all of it, alerts you fast, and comes with identity theft insurance. 

Firefox 151 packs big privacy upgrades into a small update

20 May 2026 at 13:46

Mozilla has published release notes for Firefox browser version 151.0, and this update includes several genuinely meaningful privacy and security improvements.

Three changes stand out in particular:

  • Stronger anti‑fingerprinting
  • Broader protection for local network access
  • More control over private sessions and permissions

Note that Mozilla says several Firefox 151 features are “part of a progressive roll out,” meaning they will appear for some users first and be expanded over time. So, you may not see all of them immediately.

Privacy

One of the more visible additions is a new “end private session” control in Private Browsing Mode. Instead of closing every private window to clear your traces, you now get a dedicated fire‑icon button next to the address bar that wipes the current private session’s data and immediately starts a fresh one.

End private session button
End private session button

Under the hood, this clears the usual private browsing artifacts for that session, including history, cookies, cached files, and other site data that would normally disappear only when the last private window closes.

For people who routinely mix normal and private windows, this is safer and less error‑prone than hunting down every private tab before you walk away from the machine.

Firefox 151 also tightens its defenses against browser fingerprinting in the default “Standard” Enhanced Tracking Protection (ETP) mode. Mozilla says Firefox now limits the amount of device and browser information exposed to websites in a way that reduces the number of uniquely identifiable users by about 14% overall, and by roughly 49% on macOS.

This makes it harder for trackers to pick you out of the crowd, especially on platforms with fewer users to begin with (like certain macOS configurations). This reduces the privacy risk surface by default, which makes it harder for phishing and landing pages that redirect visitors to “categorize” you.

Another important change is Firefox’s “local network access restrictions,” which are now rolling out to all users, not just those who turned Enhanced Tracking Protection to Strict.

This means that when a website wants to communicate with devices on your local network, or with apps and services running on your machine, Firefox now asks for permission first. Chrome and Edge have been rolling out similar permission prompts.

Security

Firefox 151 also quietly fixes several security vulnerabilities.

The most notable example is CVE‑2026‑8953, a sandbox escape due to a use‑after‑free in the Disability Access APIs component. While there are currently no reports of in‑the‑wild exploitation for this specific bug at the time of writing, this is the kind of bug cybercriminals love.

A use-after-free (UAF) is a software memory vulnerability where a program attempts to access a memory location after it has been freed. If the program fails to clear the pointer to that freed memory, attackers can manipulate the error to crash the system or execute arbitrary code. A memory corruption leading to a sandbox escape is exactly the kind of link attackers want to complete a browser exploit chain.

How to update

If you’re running Firefox in a home or small‑office environment, we recommend updating to Firefox 151 as soon as possible to get the fingerprinting protections, local network access prompts, and security patches.

To update Firefox:

  • Open Firefox
  • Click the menu (three stacked lines) in the upper-right corner
  • Go to Help > About Firefox
  • Firefox will automatically check for updates and begin downloading them
  • Restart the browser when prompted to complete the update

Once your Firefox browser has been updated, it will show a green checkmark along with the message: “Firefox is up to date.”

Firefox is up to date

Let’s face it, an incognito window can only do so much. 
 
Breaches, dark web trading, credit fraud. Malwarebytes Identity Theft Protection monitors for all of it, alerts you fast, and comes with identity theft insurance. 

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal organizations for sale on a cybercrime forum. "While we currently have no evidence of impact to customer information stored outside of GitHub's internal repositories (such as our customers' enterprises,

❌