SentinelOne Blog

On April 9, 2026, cpuid.com was actively serving malware through its own official download button. Threat actors had compromised the CPUID domain at the API level and were silently redirecting legitimate download requests to attacker-controlled infrastructure. The attack ran for approximately 19 hours. Users who navigated directly to the official site received a legitimate, properly […]

FBI disrupts GRU router hijacking operation, ClickFix sidesteps Apple's Terminal mitigation, and Iranian actors exploit PLCs across U.S. infrastructure.

Edge devices are prime targets — learn how attackers exploit the perimeter to gain access, persist, and pivot to identity.

SentinelOne stops LiteLLM supply chain attack in real time, attackers weaponize Axios to deploy RAT, and Chrome zero-day enables RCE.

Read our blog post to learn how SentinelOne’s AI EDR autonomously stopped a global LiteLLM supply chain attack before execution.

Identity attacks are rising as trust expands — learn how to detect misuse, close gaps, and defend beyond authentication.

Our new blog post explores the ‘cognitive rust belt’ — how AI friction masks skill loss and why organizations must act now.

Read our blog post to learn how SentinelOne’s AI EDR autonomously stopped a global LiteLLM supply chain attack before execution.

Alleged RedLine operator faces 30 years, FAUX#ELEVATE compromises enterprises in 30 seconds, and TeamPCP launches cascading supply chain attacks.

Interpol disrupts cybercrime networks, DarkSword steals iOS personal data, and Interlock exploits Cisco 0-day to breach enterprise firewalls.

Ransomware negotiator charged with aiding BlackCat, actors exploit FortiGate firewalls to breach networks, and Iran hacktivists wipe Stryker systems.

FortiGate SSO flaws allows attackers to steal configs, abuse AD creds, deploy RMM tools, and exfiltrate NTDS files.

Authorities seize Tycoon2FA & LeakBase, researchers expose Coruna iOS exploits, and hacktivists launch DDoS attacks after U.S.-Israel strikes.

Iran-linked cyber activity may surge after strikes, targeting US and Israeli sectors; SentinelOne provides intel and urges vigilance.

Authorities convict malicious insider, MuddyWater spreads malware in MENA, and Cisco SD-WAN flaw exposes critical networks to attackers.

SentinelOne secures human and non-human identities with continuous behavioral validation across AI, browsers, and endpoints.

Authorities arrest hundreds of financial scammers, threat actors target Iran protest supporters, and infostealers exfiltrate OpenClaw secrets.

Prompt Security from SentinelOne turns hidden agent activity into clear, actionable governance intelligence with the release of OneClaw.

SentinelOne secures AI from infrastructure to agents, delivering visibility, governance, and control at scale.

Authorities crack down on global cyber scams, state-backed APTs weaponize Gemini AI for attacks, and PRC-based UNC3886 targets major telcoms.