ExtraHop

This retailer was stuck with core security challenges like… ❌👁️ Lack of real-time visibility 💸 Reactive and costly troubleshooting processes 🧩A fragmented forensic process Then ExtraHop changed the game: https://xtra.li/4vNqQOS

Once attackers get by endpoint defenses, they’re free to extend dwell time and cause chaos. Just look at what happened in the Change Healthcare attack. Using stolen credentials, ALPHV/BlackCat hung around the network for nine days, resulting in the exfiltration of 6TB of data and a $22 million ransom payment: https://xtra.li/40PbStL

⚠️ IN THE HEADLINES: A sophisticated new campaign is tricking users into pasting malicious code to deploy MIMICRAT -- a RAT built for long-term espionage. MIMICRAT is built to evade detection by blending its Command and Control (C2) traffic with normal web activity and disabling EDR logging. With endpoint visibility actively compromised by the malware, defenders need network-level telemetry to keep an eye out for: → Disguised HTTP/S traffic → Domain fronting → Anomalous internal-to-external proxy activity More details here: https://xtra.li/3ORw5wj

Traditional AI metrics prioritize output speed and volume. But neither helps security teams understand what AI will do and whether its decision integrity will be up to par when real threats come knocking. Chief Scientist and Co-Founder Raja Mukerji shares where security teams should be looking instead: https://xtra.li/4tCVdph

A "by design" flaw in the Anthropic Model Context Protocol (MCP) allows attackers to weaponize normal AI workflows. The core issue? The protocol... ⚠️ Executes commands before validating if they are legitimate. ⚠️ Bypasses EDR and firewalls by hiding in uninspected east-west AI traffic. ⚠️ Weaponizes normal workflows to quietly exfiltrate sensitive data. Stop relying on signature-based rules. Learn the how you can better secure your agentic future: https://xtra.li/3P6j4PG

Between June and December 2025, the Lotus Blossom threat group took control of Notepad++’s update infrastructure. The resulting supply chain hijack compromised major players in the public sector, telecommunications, and aviation across the globe. The lynchpin of the attack? The Chrysalis Backdoor: https://xtra.li/3QrH940

🛰️ Before ExtraHop, this aerospace leader was facing a real "Houston, we have a problem" moment: visibility gaps and high labor costs from manual forensics hindered both the security and performance of its mission-critical systems. Now, thanks to automated telemetry analysis and real-time monitoring from ExtraHop, their network stability and security are truly out of this world. 🚀 https://xtra.li/3P0SLdH

Because legacy security tools operate in silos and only monitor surface-level activity, they create critical visibility gaps. Attackers are primed to take advantage of this disconnect to move laterally with ease: https://xtra.li/4vEgH7n

In six years, CL-UNK-1068 has collected a who’s who of high-value victims across aviation, government, telecommunications, and technology sectors in South and Southeast Asia. Their primary objective? Establishing an easy access point to the region’s most critical systems through deep-rooted persistence. See how CL-UNK-1068 get it done: https://xtra.li/411Nsx8

150GB of Mexican taxpayer, voter, and civil registry data – exposed in just two months. The catalyst? AI-driven cyberattacks: https://xtra.li/40yO1OM