Resources

Threat intelligence, case studies, and security research from the Intruex team.

Featured Article

AI-enabled attacks surged 89% year-over-year, and nearly a third of CVEs are exploited within 24 hours of disclosure. The gap between attacker speed and investigation speed is where breaches live.

89%
YoY Surge in AI-Enabled Attacks
28.3%
CVEs Exploited Within 24 Hours
170+
npm Packages Hit by Shai-Hulud
11,000
Daily Alerts vs Human Triage

When Exploits Arrive Before Patches: The AI-Enabled Attack Surge

AI-enabled adversary activity surged 89% year-over-year per CrowdStrike’s 2026 Global Threat Report, and Mandiant reports 28.3% of CVEs are exploited within 24 hours of disclosure. From deepfake help-desk attacks to self-propagating npm worms — how AI is compressing attacker timelines beyond what human-speed investigation can match.

Jul 2026 · 9 min read Read Article
Article

Talking Through the Walls: DragonForce Teams C2

DragonForce built the first malware using Microsoft Teams TURN relay for command-and-control. Why the C2 channel passes network inspection — and why cross-telemetry correlation is the only way to catch it.

Jul 2026 · 8 min read Read Article
Article

Living in the Walls: Volt Typhoon and Salt Typhoon

Two Chinese state-sponsored campaigns with five-year dwell times inside US critical infrastructure and every major US telecom. The alerts fired — the investigation didn’t happen.

Apr 2026 · 12 min read Read Article
Article

The 2026 Ransomware Surge

Ransomware operators are shutting down trauma centers, paralyzing city governments, and disrupting medical device supply chains. An analysis of four early-2026 attacks and why traditional SOC models can’t contain them before detonation.

Apr 2026 · 10 min read Read Article
Article

SIEM vs SOAR vs XDR vs AI SOC

What each security operations technology actually does, where they overlap, and how to choose the right combination for your organization.

2026 · 12 min read Read Article
Article

How One Hacker Used AI to Breach an Entire Government

A single attacker used a $20/month AI subscription to breach 9 government agencies and exfiltrate 150GB of sensitive data. We break down every phase and show where AI-powered SOC detection would have intervened.

Feb 2026 · 12 min read Read Article
Article

How Attack Narrative Correlation Works

Learn how Intruex automatically correlates related security alerts into unified attack campaigns, maps them to MITRE ATT&CK kill chain phases, and generates analyst-ready narratives.

2025 · 8 min read Read Article
Article

The AI SOC Buyer's Guide

What to look for when evaluating AI-powered SOC platforms. Covers agent architecture, deployment flexibility, compliance mapping, and the difference between AI-assisted and AI-autonomous operations.

2025 · 10 min read Read Article
Article

Air-Gapped AI: Securing Classified Environments

How Intruex delivers the same AI-powered security operations in fully disconnected networks using self-hosted LLMs and local inference — no cloud dependency required.

2025 · 7 min read Read Article

See Intruex in Action

Want to see how AI-powered SOC operations detect threats that traditional tools miss? Let's talk.