Search for a command to run...
Series
Defense isn't passive. It's a fight.
Content Delivery Networks (CDNs) like jsDelivr, Webflow CDN, CloudFront, and Google APIs are trusted internet infrastructure – and attackers are abusing that trust. By hosting malicious pages and payloads on CDN domains, adversaries exploit the domai...
Alert Overview On May 8, 2025, analysts at the FPT SOC identified a cluster of outbound HTTP requests from several internal endpoints targeting the domain cdn.jsdelivrs[.]com. This domain, which resolves to IP 91.195.240.12, is registered under AS478...
![Threat Analysis: Investigating Suspicious Outbound Connections to cdn.jsdelivrs[.]com (Adware or Supply Chain Foothold?)](/_next/image?url=https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1753931320526%2F96970cc3-2372-4aa3-a7ef-79db43716d51.png&w=3840&q=75)
Introduction Modern security operations rely on automated alerting to detect reconnaissance activities within enterprise networks. However, when certain alerts trigger frequently, distinguishing between benign system behavior and true security threat...
Introduction As cyber threats evolve, the ability to detect and respond to adversarial activity effectively depends on well-structured and frequently updated detection rules. The MITRE ATT&CK® framework provides a standardized way to classify adversa...
