The world’s first Dynamic Threat Detection Platform
Learn about MixMode’s Dynamic Threat Detection Solutions
MixMode’s use cases for your cyber initiatives
How customers in different industries utilize MixMode
The Cookie-Bite attack is an advanced evolution of Pass-the-Cookie exploits. This tactic bypasses Multi-Factor Authentication (MFA) by leveraging stolen authentication cookies—such as Azure Entra ID’s ESTSAUTH and ESTSAUTHPERSISTENT—to impersonate users.
Understanding the Cookie-Bite MFA Bypass Risk Read More →
SAP systems are the backbone of enterprise finance—and they’re under attack. As economic pressures rise, so do attempts to exploit financial platforms. From insider threats to ransomware and zero-day vulnerabilities, SAP’s critical role in handling billions of dollars daily makes it a high-value target. The recent disclosure of CVE-2025-31324, a critical zero-day in SAP NetWeaver (CVSS 10.0), exposed just
Safeguarding SAP Systems Amid Rising Financial Fraud and Economic Stress Read More →
China’s state-sponsored cyber operations, driven by groups like Volt Typhoon, Salt Typhoon, Brass Typhoon, and APT41, and amplified by techniques like Fast Flux DNS, are not chasing Hollywood apocalypse—they’re seizing America’s networks, turning our infrastructure into a weapon against us.
WarGames – it’s not 1983 anymore Read More →
The 2025 PyPI supply chain attack is a stark reminder of just how vulnerable cloud ecosystems remain to sophisticated, stealthy, and evolving threats.
Why the 2025 PyPI Attack Signals a New Era in Cloud Risk Read More →
Recently, Palo Alto Networks identified and patched a critical zero-day vulnerability in their next-generation firewalls (NGFWs). This vulnerability, tracked as CVE-2024-0012, allowed attackers to execute code on vulnerable devices remotely. This vulnerability has been actively exploited in attacks dubbed “Operation Lunar Peek.”
A recent Washington Post report sent shockwaves through the cybersecurity landscape, revealing that Chinese government-backed hackers have infiltrated at least two major US internet service providers (ISPs) and several smaller ones.
Alarming Intrusion: Chinese Government Hackers Target US Internet Providers Read More →
A severe zero-day vulnerability in Microsoft Windows, tracked as CVE-2024-38112, has been actively exploited by threat actors for at least 18 months. This security flaw in the Windows MSHTML Platform allows remote code execution, potentially compromising numerous organizations worldwide.
Critical Microsoft Zero-Day Vulnerability Exploited in the Wild for Over a Year Read More →
Summertime isn’t just for vacations and barbecues—it’s also prime season for zero-day attacks. These attacks, launched by malicious actors exploiting previously unknown vulnerabilities in software, are a significant concern for national security and cybersecurity professionals.
Nation-States and Zero-days Cranking Up the Heat Read More →
Zero-day threats continue to wreak havoc on organizations worldwide, with recent attacks targeting corporate and government networks. In the last few weeks, government-sponsored threat actors have targeted Palo Alto Networks and Cisco ASA (Adaptive Security Appliance).
Zero-Day Nightmare: Palo Alto, Cisco, and MITRE Under Attack Read More →
There’s bad news and not-so-bad news in the world of cybersecurity. In a recent report, Google revealed a significant rise in zero-day attacks, those exploiting previously unknown software vulnerabilities. However, despite the increase, there’s a silver lining.
Zero-Day Attacks on the Rise: Google Reports 50% Increase in 2023 Read More →
As cyber threats grow more sophisticated, organizations are starting to turn to artificial intelligence (AI) to reinforce their security operations. But how widespread is the adoption of AI, and how effectively is it being leveraged?
The Current State of SOC Operations Shows The Escalating Need for AI in Cybersecurity Read More →
Hackathon events like Pwn2Own Automotive 2024 play a crucial role in shedding light on zero-day attacks and significantly benefit security teams in several ways. These events bring together talented security researchers, ethical hackers, and industry professionals to uncover and demonstrate vulnerabilities in automotive technologies, including zero-day exploits.
Driving Towards Zero-Days: Hackers Take Turns Uncovering Exploits at Pwn20wn Read More →
“Zero-day Summer” refers to the period during summertime when cybercriminals take advantage of the vulnerabilities in software, applications, and computer systems that remain undetected and unpatched by security teams.
Zero Day Summer is No Vacation Read More →
We discuss a real-life example of a zero-day exploit, focusing on the MOVEit Transfer Software, and how MixMode can detect and mitigate such threats before they become widespread.
Detecting the MOVEit Zero-Day: How MixMode AI Stays Ahead of Threats Read More →
Zero-day attacks are considered the number one cybersecurity threat to company networks large and small. Understand what they are, why it’s so hard to detect them, and how artificial intelligence (AI) is helping to solve this modern problem.
A Proven Strategy For Defending Against Zero-Day Exploits And Attacks — Updated for 2023 Read More →
Hosted by Mark Ehr, Senior Consulting Analyst for 451 Research Advisors and Igor Mezic, Chief Scientist and CTO for MixMode on Tuesday, November 1st at 1pm EST / 10am PST, they will discuss why security analytics needs to include advanced Third-Wave AI, which autonomously learns normal behavior and adapts to constantly changing network environments, to address the next generation of cyberthreats and increase SOC productivity.
Webinar On Demand: Stopping Novel Attacks – Secure Your Business Against Unknown Threats Read More →
In the report, 451 Research explains why security analytics needs to include advanced Third-Wave AI, which autonomously learns normal behavior and adapts to constantly changing network environments, to address the next generation of cyberthreats and increase SOC productivity.
Of all the challenges facing the modern SOC, two stand out among the most persistent and difficult to overcome: an overwhelming volume of false positive alerts and an alarming escalation in zero-day and novel threats that are often imperceptible by legacy systems.
The number of zero-day exploit discoveries hit record numbers in 2021, according to Google Project Zero. Instances of “in-the-wild 0-days” were up nearly double versus 2020, when only 25 0-day exploits were detected. In 2021, the total was 58.
Zero-day Exploit Discoveries Hit Record Numbers in 2021 Read More →
Experts have warned that the Russia-Ukraine conflict poses an unprecedented cyber risk for U.S. organizations as well as State and local governments and municipalities.
Local U.S. Governments and Municipalities at Risk of Foreign Nation Cyber Attacks Read More →