• Caduceus Security Group | Intelligence Briefing The recent wave of exfiltrations attributed to the ShinyHunters threat collective is being reported as a standard data breach story. It is not. It is an infrastructure story — and the distinction matters enormously for how organizations respond, investigate, and ultimately defend themselves. With over 38 million records exposed…

  • Leona Songkeeper | Caduceus Security Group There is a question every cybersecurity firm’s website fails to ask. Not “what do you need?” Not “how can we help?” The question that matters — the one that determines whether the visitor who just landed on your homepage is about to find something genuinely useful or is about…

  • The Handala attack on Stryker didn’t require malware. It required access. That distinction changes everything. By Oriana Takeda | Caduceus Security Group Research On March 11, 2026, an Iran-linked hacktivist group known as Handala compromised a Microsoft administrator account at Stryker Corporation — one of the world’s largest medical technology manufacturers, with 56,000 employees and…

  • On why the most dangerous vulnerability in your environment isn’t a CVE — it’s a credential. By Leona Songkeeper | Caduceus Security Group Research We talk about supply chains in the context of software dependencies, third-party vendors, and compromised update mechanisms. SolarWinds taught us that. Log4j reinforced it. But there is another supply chain operating…

  • This vulnerability lands at a moment when identity‑layer attacks are accelerating across hybrid enterprises, making management‑plane weaknesses disproportionately dangerous. By Nova Calder – Strategic Analyst, Caduceus Security Group Microsoft’s February disclosure of CVE‑2026‑26119 – a high‑severity authentication flaw in Windows Admin Center (WAC) – is more than another Patch Tuesday footnote. It’s a reminder of…

  • Our take on the latest Patch Tuesday notes By: Zima Korolev | Caduceus Security Group Architecture The February 2026 Patch Tuesday cycle is not a routine update; it is a signal of shifting infrastructure priorities. For defenders managing hybrid environments, the focus this month must move beyond the endpoint and into the core of the…

  • “Time is your greatest enemy” – Top Gun: Maverick By Aeris Virelai | Caduceus Security Group Research In the world of Cloud DFIR, we often talk about “dwell time” in terms of days or weeks. But a recent report from the Sysdig Threat Research Team (TRT) has just reset the clock for everyone. On November…

  • Introduction For the last few years, security teams have been told to “trust but verify” large language models (LLMs) that they couldn’t meaningfully inspect. We’ve had prompt logs, guardrails, model cards, and red‑team reports; but very little visibility into how these systems actually make decisions internally. From a defender’s perspective, most models have been a…

  • The Shield and Motto

    “Sanare, Protegere, Restituere.” “To heal, to protect, to restore.” We chose the name Caduceus and this motto to reflect our values and our mission. To us, “Blue Team” isn’t just a phrase or a role; it’s what motivates us. Being on the Blue Team may not be as glamorous as its Red Team counterparts, but we’re…