blogs

Insights at Cloud Speed

How threat actors are using self-hosted GitHub Actions runners as backdoors

Alberto Pellitteri
|
January 13, 2026
How threat actors are using self-hosted GitHub Actions runners as backdoors

EtherRAT dissected: How a React2Shell implant delivers 5 payloads through blockchain C2

Sysdig Threat Research Team
|
December 16, 2025
EtherRAT dissected: How a React2Shell implant delivers 5 payloads through blockchain C2

Introducing runtime file integrity monitoring and response with Sysdig FIM

Paolo Polidori
|
December 16, 2025
Introducing runtime file integrity monitoring and response with Sysdig FIM

EtherRAT: DPRK uses novel Ethereum implant in React2Shell attacks

Sysdig Threat Research Team
|
December 8, 2025
EtherRAT: DPRK uses novel Ethereum implant in React2Shell attacks
join our newsletter

Stay up to date– subscribe to get blog updates now

Thank you!

We’ve received your submission and will be in touch soon.

SYSDIG FEATURES
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Protecting sensitive business data in preparation for the organization's Gen AI
January 21, 2026
Conor Sherman

Protecting sensitive business data in preparation for the organization's Gen AI

No items found.
Protecting sensitive business data in preparation for the organization's Gen AI
VoidLink threat analysis: Sysdig discovers C2-compiled kernel rootkits
January 16, 2026
Sysdig Threat Research Team

VoidLink threat analysis: Sysdig discovers C2-compiled kernel rootkits

Threat Research
VoidLink threat analysis: Sysdig discovers C2-compiled kernel rootkits
AI is still a workload: A practical guide to securing AI workloads
January 14, 2026
Alejandro Villanueva

AI is still a workload: A practical guide to securing AI workloads

Cloud Security
AI is still a workload: A practical guide to securing AI workloads
How threat actors are using self-hosted GitHub Actions runners as backdoors
January 13, 2026
Alberto Pellitteri

How threat actors are using self-hosted GitHub Actions runners as backdoors

Threat Research
How threat actors are using self-hosted GitHub Actions runners as backdoors
How Sysdig Sage delivers AI-powered, real-world vulnerability management
January 7, 2026
Matt Kim

How Sysdig Sage delivers AI-powered, real-world vulnerability management

No items found.
How Sysdig Sage delivers AI-powered, real-world vulnerability management
Security briefing: December 2025
January 6, 2026
Crystal Morin

Security briefing: December 2025

Threat Research
Security briefing: December 2025

Like what you see?

GET A DEMO