Moving up the Assemblyline: Exposing malicious code in browser extensions Red Canary By: Tre Wilkins 12 March 2026 at 14:00 How to use the open source Assemblyline tool to track browser extension updates and detect malicious code
Hunting for malicious OpenClaw AI in the modern enterprise Red Canary By: Brittany Sattler 5 March 2026 at 15:42 We deconstruct a multi-step threat hunt for malicious OpenClaw AI agents, outlining our approach to identifying and mitigating risks posed by unauthorized AI skills.
Breaking down a supply chain attack leveraging a malicious Google Workspace OAuth app Red Canary By: Tre Wilkins 4 March 2026 at 15:30 How to detect and respond to OAuth consent attacks in Google Workspace
ChatGPT in your inbox? Investigating Entra apps that request unexpected permissions Red Canary By: Matt Graeber 24 February 2026 at 15:05 How to observe, detect, investigate and mitigate against overly permissive Entra app consent
Bun and done: The second coming of the Shai-Hulud worm Red Canary By: The Red Canary Team 10 December 2025 at 17:58 Everything you need to know to detect and prevent npm compromises from Shai-Huludβs latest campaign