SentinelOne Blog

BlackCat insider faces 20 years, China-linked actors hide attacks via hijacked home routers, and ShadowBrokers leak links to pre-Stuxnet sabotage framework.

Learn how SentinelOne has stopped three recent zero-day supply chain attacks with AI-driven defense built for machine-speed threats.

Machine-speed threats demand machine-speed defense—see how AI and automation cut dwell time and outpace attackers.

Authorities take down W3LL phishing ring, AgingFly malware steals Ukrainian government data, and actors exploit Nginx flaw to hijack servers.

As OpenAI and Anthropic advance frontier AI, SentinelOne delivers AI-native, machine-speed cyber defense at global scale.

On April 9, 2026, cpuid.com was actively serving malware through its own official download button. Threat actors had compromised the CPUID domain at the API level and were silently redirecting legitimate download requests to attacker-controlled infrastructure. The attack ran for approximately 19 hours. Users who navigated directly to the official site received a legitimate, properly […]

FBI disrupts GRU router hijacking operation, ClickFix sidesteps Apple's Terminal mitigation, and Iranian actors exploit PLCs across U.S. infrastructure.

Edge devices are prime targets — learn how attackers exploit the perimeter to gain access, persist, and pivot to identity.

SentinelOne stops LiteLLM supply chain attack in real time, attackers weaponize Axios to deploy RAT, and Chrome zero-day enables RCE.

Read our blog post to learn how SentinelOne’s AI EDR autonomously stopped a global LiteLLM supply chain attack before execution.

Identity attacks are rising as trust expands — learn how to detect misuse, close gaps, and defend beyond authentication.

Our new blog post explores the ‘cognitive rust belt’ — how AI friction masks skill loss and why organizations must act now.

Read our blog post to learn how SentinelOne’s AI EDR autonomously stopped a global LiteLLM supply chain attack before execution.

Alleged RedLine operator faces 30 years, FAUX#ELEVATE compromises enterprises in 30 seconds, and TeamPCP launches cascading supply chain attacks.

Interpol disrupts cybercrime networks, DarkSword steals iOS personal data, and Interlock exploits Cisco 0-day to breach enterprise firewalls.

Ransomware negotiator charged with aiding BlackCat, actors exploit FortiGate firewalls to breach networks, and Iran hacktivists wipe Stryker systems.

FortiGate SSO flaws allows attackers to steal configs, abuse AD creds, deploy RMM tools, and exfiltrate NTDS files.

Authorities seize Tycoon2FA & LeakBase, researchers expose Coruna iOS exploits, and hacktivists launch DDoS attacks after U.S.-Israel strikes.

Iran-linked cyber activity may surge after strikes, targeting US and Israeli sectors; SentinelOne provides intel and urges vigilance.

Authorities convict malicious insider, MuddyWater spreads malware in MENA, and Cisco SD-WAN flaw exposes critical networks to attackers.