Research, insights, and updates from the isMalicious team.

The PeopleSoft CVE-2026-35273 exploitation reports show how vulnerability response, ransomware intelligence, IP enrichment, and incident response must work together.

Les vulnérabilités exploitées activement ne doivent pas rester dans le backlog standard. KEV et GCVE aident à distinguer la dette technique du risque immédiat.

Les CVE ne sont pas seulement un sujet patch management : elles structurent la priorisation SOC, le threat hunting, les contrôles compensatoires et la communication de crise.

Understand how CVEs are born—from initial vulnerability discovery through CNA assignment, coordinated disclosure, and publication—plus how this pipeline shapes defender priorities and SEO-visible vulnerability data.

A practical guide to the CVE ecosystem, CVSS scoring, exploitability signals, and how security teams prioritize vulnerabilities without drowning in scanner noise.

Master the Common Vulnerability Scoring System v4.0 with a practical breakdown of base, threat, environmental, and supplemental metrics—and learn how to translate CVSS into real-world risk decisions.

Often confused, these two security practices serve very different purposes. Discover when to use automated scanning and when to invest in a manual penetration test.

Zero-day vulnerabilities pose one of the greatest cybersecurity challenges. Learn how to detect exploitation attempts, respond effectively, and leverage threat intelligence to protect your organization from unknown threats.
Our blog features in-depth analysis from our threat research team. Each article is backed by real data from our analysis of millions of malicious domains, IPs, and URLs across the global threat landscape. Topics include ransomware campaigns, phishing techniques, malware distribution networks, and emerging threat trends. We publish actionable intelligence that security teams can immediately use to improve their defenses.
Beyond threat analysis, we share practical guidance for security practitioners. Our tutorials cover API integration, SIEM configuration, threat hunting techniques, and building effective threat intelligence programs. Whether you're a SOC analyst, security engineer, or CISO, you'll find content tailored to your role and experience level.
The threat landscape evolves constantly. Our blog keeps you informed about the latest attack techniques, newly discovered vulnerabilities, and emerging threat actors. Subscribe to our newsletter for weekly digests of the most important developments in cybersecurity.
Weekly threat intelligence insights delivered to your inbox.