
Topics

Every topic we cover, from ransomware and edge security to supply-chain attacks and AI security. Pick one to see the latest research and news.

Detection & threat hunting (11 posts): Detection engineering, threat hunting, and the SIEM and endpoint signals that catch attacks the network can't see.

AI & LLM security (8 posts): Security of AI systems: agent and large-language-model vulnerabilities, prompt injection, model supply chain, and Model Context Protocol (MCP) tooling.

Malware & C2 (8 posts): Backdoors, web shells, rootkits, loaders, and the command-and-control tradecraft behind active intrusions.

Remote code execution (7 posts): The most dangerous class of bug: flaws that let an attacker run their own code on your systems, often with no login required.

Active exploitation (6 posts): Vulnerabilities under attack right now: CISA KEV additions, in-the-wild exploitation, and what to patch first.

Edge & VPN security (6 posts): Vulnerabilities in the internet-facing gear attackers hit first: firewalls, VPNs, and load balancers from Fortinet, Citrix, Ivanti, Palo Alto, and more.

Privilege escalation (6 posts): Flaws that let an attacker gain admin, root, or kernel-level control from a lesser foothold.

Data breaches (5 posts): Confirmed breaches and large-scale data theft: what was taken, how it happened, and what exposed organizations should do next.

Ransomware (5 posts): Ransomware attacks, extortion crews, and the intrusions that end in encryption. What happened, who is behind it, and how to cut off the path before the payload runs.

Supply-chain attacks (5 posts): Compromised packages, poisoned updates, and vendor integrations turned hostile across the software and SaaS supply chain.

WordPress security (5 posts): Core and plugin vulnerabilities, backdoors, and account-takeover flaws across WordPress, the web's most-deployed CMS, plus the patches that actually matter.

Patch management (4 posts): Patch Tuesday roundups, update guidance, and the operational reality of keeping fleets current.

Vulnerable drivers (BYOVD) (4 posts): Bring-your-own-vulnerable-driver attacks that load a signed but flawed driver to disable endpoint defenses from the kernel.

Takedowns & law enforcement (3 posts): Botnet disruptions, infrastructure seizures, and coordinated law-enforcement operations against cybercrime.

OAuth & SaaS tokens (2 posts): OAuth token abuse, connected-app compromise, and the identity layer behind SaaS integrations.

Zero-days (2 posts): Previously unknown vulnerabilities exploited or disclosed before a patch existed.

Ready to meet the Guardians?

Deploys fast - agentless for monitoring and cloud, a lightweight agent for deep endpoint security. Just Suriq, standing watch.