Unveiling TITAN AI: A New Era of Threat-Informed Third-Party Risk Management
Request a demo Get started for free

Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

Clear filters

Beyond the Hype: Moltbot’s Real Risk Is Exposed Infrastructure, Not AI Superintelligence

February 9, 2026

Beyond the Hype: Moltbot’s Real Risk Is Exposed Infrastructure, Not AI Superintelligence
While the world debates Moltbook’s role in the AI ecosystem, it is just the tip of the iceberg of Titanic risk. SecurityScorecard’s STRIKE team uncovered what lurks beneath: Thousands of exposed OpenClaw (Moltbot) control panels vulnerable to takeover through misconfigured access and known exploits.
STRIKE Team
What Are Moltbot and Moltbook and What Happens When Agentic AI Assistants Scale Without Security

February 3, 2026

What Are Moltbot and Moltbook and What Happens When Agentic AI Assistants Scale Without Security
Moltbot AI assistants and their social media platform Moltbook have sparked AGI fears in recent days, but the real risk is access. Learn what Moltbook and Moltbot are (now OpenClaw and formerly known as Clawdbot), why it’s not artificial general intelligence (AGI), and how to reduce security exposure.
The Quiet Siege II

January 23, 2026

The Quiet Siege II
Explore a fictional depiction of a DDoS attack in The Quiet Siege Part II: Life, Interrupted. The scenario described does not represent a real attack, organization, or incident.
The Quiet Siege I

January 23, 2026

The Quiet Siege I
Explore a fictional depiction of a DDoS attack. The scenario described does not represent a real attack, organization, or incident.
Latin America as a Proving Ground: Cybercriminal Innovation and Escalation

January 23, 2026

Latin America as a Proving Ground: Cybercriminal Innovation and Escalation
The Conti ransomware group, active since late 2019, quickly became one of the most aggressive forces in the world of cybercrime. Known for “big game hunting” and its double-extortion model: stealing data before encrypting systems, Conti targeted major institutions in healthcare, education, and infrastructure.
Operation WrtHug Exposed: The Router Hack You Need to Know

December 10, 2025

Operation WrtHug Exposed: The Router Hack You Need to Know
SecurityScorecard STRIKE threat intelligence researchers uncovered a suspected China-backed campaign by chasing an extremely unusual 100‑year certificate that kept appearing on routers. Here is how the research team hunted the signal, what they found, and the practical steps security teams can take to protect themselves.
Operation WrtHug, The Global Espionage Campaign Hiding in Your Home Router

November 19, 2025

Operation WrtHug, The Global Espionage Campaign Hiding in Your Home Router
SecurityScorecard’s STRIKE team uncovers how attackers turned thousands of ASUS routers into a worldwide spy network.
STRIKE Team
When SaaS Trust Becomes a Threat: Insights from the Salesloft Drift Compromise

September 10, 2025

When SaaS Trust Becomes a Threat: Insights from the Salesloft Drift Compromise
The STRIKE team has been analyzing the Salesloft Drift breach that spread into Salesforce environments. Discover what the breach tells us about supply chain security, how attackers abused OAuth tokens, what data is exposed, and defensive actions to take next.
STRIKE Team
From the Depths of the Shadows: IRGC and Hacker Collectives Of The 12-Day War

August 5, 2025

From the Depths of the Shadows: IRGC and Hacker Collectives Of The 12-Day War
From reconnaissance to propaganda to payloads, this is how Iran’s digital foot soldiers mobilized across borders and platforms during the war with Israel in June 2025.
STRIKE Team
9 Year Old Vulnerability Still Affecting Thousands (CVE-2016-10033)

July 7, 2025

9 Year Old Vulnerability Still Affecting Thousands (CVE-2016-10033)
On July 07, 2025, CVE-2016-10033 was added to CISA’s list of Known Exploited Vulnerabilities (CISA-KEV).
STRIKE Alert
Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign

June 23, 2025

Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign
SecurityScorecard’s STRIKE team uncovered a new China-Nexus ORB Network targeting the United States and Southeast Asia. Read the report to gain an in-depth look at the LapDogs ORB network, its custom malware, and its role in cyberespionage.
STRIKE Team
Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability (CVE-2025-32433) Added to CISA KEV

June 10, 2025

Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability (CVE-2025-32433) Added to CISA KEV
Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability (CVE-2025-32433)
STRIKE Alert
SecurityScorecard Advisory: Synacor Zimbra Collaboration Suite XSS Vulnerability (CVE-2024-27443) Added to CISA KEV

May 20, 2025

SecurityScorecard Advisory: Synacor Zimbra Collaboration Suite XSS Vulnerability (CVE-2024-27443) Added to CISA KEV
SecurityScorecard Advisory: Synacor Zimbra Collaboration Suite XSS Vulnerability (CVE-2024-27443)
STRIKE Alert
SecurityScorecard Advisory: Apache HTTP Server Improper Escaping of Output Vulnerability (CVE-2024-38475) Added to CISA KEV

May 6, 2025

SecurityScorecard Advisory: Apache HTTP Server Improper Escaping of Output Vulnerability (CVE-2024-38475) Added to CISA KEV
SecurityScorecard Advisory: Apache HTTP Server Improper Escaping of Output Vulnerability (CVE-2024-38475) \r\n
STRIKE Alert
SecurityScorecard Advisory: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability (CVE-2025-21590) Added to CISA KEV

April 7, 2025

SecurityScorecard Advisory: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability (CVE-2025-21590) Added to CISA KEV
SecurityScorecard Advisory: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability (CVE-2025-21590)
STRIKE Alert