16 December, 2025

Will 2026 Be the Year of Agentic AI and Automated Attacks?

Agentic Insider Threats Useful production AI implementations are still far from everywhere, but...

Candid Wüest

• 6 min read

12 December, 2025

New Phishing Wave Exploits Google's Application Integration Service

Attackers are abusing Google's Application Integration service to send phishing emails from...

Threat Analysis team

• 2 min read

10 December, 2025

Yutani Loop: Building an Agentic Malware PoC to Understand Tomorrow's Threats

This post accompanies one of our talks at Black Hat Europe 2025. For broader context on AI-powered...

Candid Wüest

• 3 min read

10 December, 2025

From Vibe Hacking to Agentic Threats: The Truth About AI Malware

This post is based on a talk by our resident researcher Candid Wüest at Black Hat Europe 2025....

Candid Wüest

• 7 min read

3 December, 2025

Man-in-the-Middle Attack Prevention Strategies for Financial Institutions

A man-in-the-middle (MITM) attack happens when a bad actor intercepts traffic as it’s transmitted...

xorlab team

• 4 min read

16 August, 2025

It's cyber week in Las Vegas: Impressions from Black Hat, BSidesLV, and DEF CON

Earlier this month, Las Vegas was once again flooded with thousands of cybersecurity enthusiasts in...

Candid Wüest

• 3 min read

14 August, 2025

CVE-2025-8088: How xorlab stops this WinRAR zero-day before it hits the inbox

CVE-2025-8088 is a newly disclosed zero-day vulnerability in WinRAR’s file parsing logic that...

Threat Analysis team

• 2 min read