The Good, the Bad and the Ugly in Cybersecurity – Week 21
Cops seize First VPN and share intel on users, Reaper spoofs multiple brands to infect Macs, and two Microsoft Defender zero-days exploited in the wild.
SentinelOne Blog
20 articles
Sentinels League 2026: Live Rankings for the Threat Hunting World Championship
Sentinels League 2026 brings global threat hunters together to battle across AI, Endpoint, Cloud, and SIEM surfaces for $100K in prizes and more.
Sentinels League 2026: Live Rankings for the Threat Hunting World Championship
Sentinels League 2026 brings global threat hunters together to battle across AI, Endpoint, Cloud, and SIEM surfaces for $100K in prizes and more.
Turn Blind Trust into Verified Control with Prompt Security for Agentic AI
Prompt for Agentic AI Security empowers organizations with proactive governance, meaning security teams can deploy agents with confidence.
SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain
SHub Reaper bypasses Apple's Terminal mitigation, steals credentials and documents, and plants a persistent backdoor for continued access after infection.
Breaking the Black Box: A Case Study in Red-Teaming a Government Education AI
In a new red-teaming exercise, social engineering moved to advanced tunneling attacks, revealing a critical lesson in today's AI security.
Living Off the Pipeline: Defending Against CI/CD Subversion
Learn how adversaries weaponize CI/CD pipelines and how continuous behavioral monitoring helps protect against software supply chain attacks.
The Good, the Bad and the Ugly in Cybersecurity – Week 20
Police dismantle dark web markets, threat actors weaponize AI for zero-day exploits, and ShinyHunters extorts an edutech giant via XSS flaws.
The Convergence of Cloud Secrets & AI Risk
SentinelOne’s latest report examines the evolving 'secrets' threatscape, showing how modern cloud and AI infrastructures are being exploited.
The Good, the Bad and the Ugly in Cybersecurity – Week 19
Karakurt and DPRK facilitators sentenced, PCPJack worm steals cloud credentials while evicting rivals, and attackers exploit an unpatched PAN-OS zero-day.
Hypersonic Supply Chain Attacks: One Solution That Didn’t Need to Know the Payload
Learn how SentinelOne has stopped three recent zero-day supply chain attacks with AI-driven defense built for machine-speed threats.
Automation at Machine Speed: Rethinking Execution in Modern Cybersecurity
Machine-speed threats demand machine-speed defense—see how AI and automation cut dwell time and outpace attackers.
Frontier AI Reinforces the Future of Modern Cyber Defense
As OpenAI and Anthropic advance frontier AI, SentinelOne delivers AI-native, machine-speed cyber defense at global scale.
Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack
On April 9, 2026, cpuid.com was actively serving malware through its own official download button.
Edge Decay: How a Failing Perimeter Is Fueling Modern Intrusions
Edge devices are prime targets — learn how attackers exploit the perimeter to gain access, persist, and pivot to identity.
Securing the Supply Chain: How SentinelOne®’s AI EDR Stops the Axios Attack Autonomously
Read our blog post to learn how SentinelOne’s AI EDR autonomously stopped a global LiteLLM supply chain attack before execution.
The Identity Paradox: The Hidden Risks in Your Valid Credentials
Identity attacks are rising as trust expands — learn how to detect misuse, close gaps, and defend beyond authentication.
The Implementation Blind Spot | Why Organizations Are Confusing Temporary Friction with Permanent Safety
Our new blog post explores the ‘cognitive rust belt’ — how AI friction masks skill loss and why organizations must act now.
How SentinelOne’s AI EDR Autonomously Discovered and Stopped Anthropic’s Claude from Executing a Zero Day Supply Chain Attack, Globally
Read our blog post to learn how SentinelOne’s AI EDR autonomously stopped a global LiteLLM supply chain attack before execution.
FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise
FortiGate SSO flaws allows attackers to steal configs, abuse AD creds, deploy RMM tools, and exfiltrate NTDS files.