Research Archives | Page 3 of 12

New Malware Approaches, Same Key Indicators

Thought Leadership

New Malware Approaches, Same Key Indicators

Table of contentsKey TakeawaysIntroductionThe Industrialization of MaliceAI as the Producer, and Emerging Director, of MalwareAI-Written MalwareAI-Powered MalwareNo Matter How It’s...

Eden Nagel

Mar 10, 2026

HackerBot-Claw: An AI-Assisted Campaign Targeting GitHub Actions Pipelines

‘Orca Watch’ Series

HackerBot-Claw: An AI-Assisted Campaign Targeting GitHub Actions Pipelines

Table of contentsExecutive summaryIntroductionWhy GitHub Actions Are a New Frontier for AttackersWhat Happened?What Is the Impact?How HackerBot-Claw Works (Attack Chain)Scan...

Roi Nisimi

Mar 04, 2026

Post-Exploitation at Scale: The Rise of AILM

Research

Post-Exploitation at Scale: The Rise of AILM

AILM (AI-Induced Lateral Movement) is a new post-exploitation attack-vector where the pivot mechanism isn’t a subnet or an identity, but...

Roi Nisimi Saurav Hiremath

Feb 26, 2026

Four Critical SolarWinds Serv-U RCE Flaws Enable Root Access

‘Orca Watch’ Series

Four Critical SolarWinds Serv-U RCE Flaws Enable Root Access

SolarWinds has released Serv-U 15.5.4 to address four critical vulnerabilities — CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, and CVE-2025-40541 (CVSS 9.1) — that...

Eden Nagel

Feb 24, 2026

Actively Exploited Chrome Zero-Day May Impact Enterprise, Developer, and Automation Environments

Discovered Vulnerabilities

Actively Exploited Chrome Zero-Day May Impact Enterprise, Developer, and Automation Environments

A high-severity vulnerability (CVE-2026-2441, CVSS pending vendor confirmation) has been disclosed in Google Chrome and the Chromium engine, allowing attackers...

Eden Nagel

Feb 23, 2026

Critical CVE-2026-1731 Vulnerability in BeyondTrust Remote Support and PRA Exposes Systems to Remote Code Execution

‘Orca Watch’ Series

Critical CVE-2026-1731 Vulnerability in BeyondTrust Remote Support and PRA Exposes Systems to Remote Code Execution

Introduction A critical vulnerability (CVE-2026-1731, CVSS 9.9) was publicly disclosed on February 6, 2026 affecting BeyondTrust Remote Support (RS) and...

Igor Stepansky

Feb 16, 2026

RoguePilot: Exploiting GitHub Copilot for a Repository Takeover

Discovered Vulnerabilities

RoguePilot: Exploiting GitHub Copilot for a Repository Takeover

We forced GitHub to prompt-inject itself. It allowed us to control Copilot’s responses and exfiltrate Codespaces’ GITHUB_TOKEN secret. The end...

Roi Nisimi

Feb 16, 2026

Path Traversal in Rancher Local Path Provisioner Enables Host Filesystem Compromise Across K3s Clusters

‘Orca Watch’ Series

Path Traversal in Rancher Local Path Provisioner Enables Host Filesystem Compromise Across K3s Clusters

Introduction A critical vulnerability (CVE-2025-62878, CVSS 10.0) was disclosed on February 4, 2026 affecting all versions of Rancher's Local Path...

Igor Stepansky

Feb 10, 2026

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

Discovered Vulnerabilities

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

Executive Summary The Orca Research Pod has uncovered multiple attack vectors in GitHub Codespaces that allow remote code execution (RCE)...

Roi Nisimi

Feb 04, 2026

Research

New Malware Approaches, Same Key Indicators

HackerBot-Claw: An AI-Assisted Campaign Targeting GitHub Actions Pipelines

Post-Exploitation at Scale: The Rise of AILM

Four Critical SolarWinds Serv-U RCE Flaws Enable Root Access

Actively Exploited Chrome Zero-Day May Impact Enterprise, Developer, and Automation Environments

Critical CVE-2026-1731 Vulnerability in BeyondTrust Remote Support and PRA Exposes Systems to Remote Code Execution

RoguePilot: Exploiting GitHub Copilot for a Repository Takeover

Path Traversal in Rancher Local Path Provisioner Enables Host Filesystem Compromise Across K3s Clusters

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons