Category

malware

3 articles

EDR Killers Explained: Beyond the Drivers

Background: In late 2025, the ransomware group known as “BlackHawk” deployed a novel EDR-killer that combined two tactics: (1) exploitation of CVE-2026-48689, a newly disclosed vulnerability in Windows kernel memory management, to inject a malicious driver into the system, and (2) use of the legitimate Microsoft “Windows

Edgerunner · 9 min read

WordPress Plugin Supply Chain: When 'Buyer Beware' Means RCE

Background: The threat landscape around WordPress plugin authentication has shifted from opportunistic exploits to coordinated supply chain compromises. On April 7, 2026, WordPress.org permanently closed thirty-one plugins from the Essential Plugin portfolio after discovering a PHP deserialization backdoor planted eight months earlier. The attacker, identified as an individual with

Edgerunner · 3 min read