Going to be spinning up a little series of posts with some Blue Team specific Claude tips - follow along with #ClaudeForBlueTeam First tip - ATT&CK can be downloaded as a JSON file, which Claude loves to work with. Remember, ATT&CK has a Data Source component - use Claude to

Criminals hijack thousands of devices to create never-before-seen cyber weapon the-independent.com/tech/security/…

Cracked a YARA for all LATAM fincrime threats! rule Delphi_usage_Straight_to_Jail { meta: acc="99.9%" strings: $d1 = "DVCLAL" $v1 = "TForm" $v2 = "TDataModule" $v3 = "TEdit" condition: uint16(0)==0x5A4D and 3 of them } // #100DaysOfYara

someone just open-sourced a tool that converts pdfs to markdown at 100 pages per second. 100% free. runs entirely on cpu. no expensive gpus needed.

Inside the Infostealer Economy: Credential Threats in 2025 recordedfuture.com/blog/identity-…

this new feature in Kagi, which converts English into LinkedIn Speak, works like a charm translate.kagi.com/?from=en&to=li…

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

The new security frontier for LLMs; SIEM evasion blog.vulnetic.ai/the-new-securi…

EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure - securityaffairs.com/189585/securit… #securityaffairs #hacking #China

New blog post: Building a Pipeline for Agentic Malware Analysis Agentic RE + malware analysis with custom skills, MCP tooling, and persistent case state to automate intial triage Link: synthesis.to/2026/03/18/age… Github: github.com/mrphrazer/agen…

New Blog! The Beast Returns: Analysis of a Beast Ransomware Server 👹 In March 2026, @TeamCymru detected a Beast operator’s server that enabled us to understand the flow of their attacks from start, to middle, to the end, including ransomware binaries. team-cymru.com/post/beast-ran…

C'est une petite révolution pour les utilisateurs de Firefox : le navigateur va bientôt inclure un VPN gratuit sans aucun abonnement requis 👉 l.numerama.com/m8v

🛡️Vers une nation cyber-résiliente 📅 L'ANSSI rassemblait hier l'écosystème cyber pour lancer la dynamique de sécurisation induite par NIS 2. ⚙️Le Référentiel Cyber France (ReCyF) ainsi que des ressources et outils concrets ont été dévoilés. + d'infos : cyber.gouv.fr/actualites/nis…

This one is important, folks: Make sure that *all* of your API requests to urlscan.io are using authentication starting May 4th, otherwise your stuff *will* break: urlscan.io/blog/2026/03/1…

ledieu-avocats.fr/anssi-projet-d…

extrahop.com/blog/chaos-in-…

linkedin.com/redir/redirect…

#ESETresearch analyzed more than 80 EDR killers, seen across real-world intrusions, and used ESET telemetry to document how these tools operate, who uses them, and how they evolve beyond simple driver abuse. welivesecurity.com/en/eset-resear… 1/6

How many sign-in logging bypasses can Azure Entra ID contain? At least 4.

clubic.com/actualite-6047…