
Tech

OpenAI starts testing ads in ChatGPT

Users on ChatGPT’s free and Go plans in the US may now start to see ads as OpenAI has started testing them in the chatbot. The company announced plans to bring ads to ChatGPT. At the time, the company said it would display sponsored products and services that are relevant to the current conversations of logged-in users, though they can disable personalization and “clear the data used for ads” whenever they wish.

“Our goal is for ads to support broader access to more powerful ChatGPT features while maintaining the trust people place in ChatGPT for important and personal tasks,” OpenAI wrote in a blog post. “We’re starting with a test to learn, listen and make sure we get the experience right.”

These ads will appear at the bottom of chats. They’re labeled and separated from ChatGPT’s answers. Ads won’t have an impact on ChatGPT’s responses.

Ads won’t appear when users are conversing with ChatGPT about regulated or sensitive topics such as health, mental wellbeing or politics. Users aged under 18 won’t see ads in ChatGPT during the tests either. Moreover, OpenAI says it won’t share or sell users’ conversations or data to advertisers.

A source close to the company told CNBC that OpenAI expects ads to account for less than half of its revenue in the long run. Currently the company also takes a cut of items bought through its chatbot via the shopping integration feature. Also according to CNBC, OpenAI CEO Sam Altman told staff on Friday that the company will deploy “an updated Chat model” this week.

The tests come on the heels of Anthropic running Super Bowl ads that poked fun at OpenAI for introducing advertising. Anthropic’s spot asserted that while “ads are coming to AI,” they won’t appear in its own chatbot, Claude.

The Texas Senate Primary Was a Preview of Creator Wars to Come

On Tuesday, James Talarico, a 36-year-old Presbyterian seminarian and state representative from Austin, Texas, defeated congresswoman Jasmine Crockett in what has become one of the most closely watched primary races so far this year.

While both candidates boast immense social media followings—Talarico with 1.6 million followers and Crockett with 2.6 million followers on TikTok—it wasn’t just the candidates who drove the conversation. It was the creators around them, who offer a preview of the digital fights to come throughout the midterms and, ultimately, the 2028 presidential race.

The Talarico and Crockett campaigns ran distinctly different digital strategies. Crockett has built her congressional brand on confrontation, going massively viral last year after calling out Marjorie Taylor Greene for having a “bleach-blonde, bad-built, butch body” and telling Elon Musk to “fuck off.” Talarico’s digital presence reads more like a populist sermon delivered over his own social media accounts. He’s carried these preachings to unconventional platforms, like the Joe Rogan Experience, that rewarded him with countless viral clips.

But for the most part, the incendiary aspects of the digital-focused campaigns came from outside the candidates. In January, the hosts of “Las Culturistas,” a pop-culture and comedy podcast, set off a firestorm of criticism after discouraging listeners from supporting Crockett in an episode of the show. “Don’t waste your money sending to Jasmine Crockett, do not do it,” Matt Rogers, one of the hosts, said at the time. The show faced immediate backlash from members of its audience and Crockett backers, forcing them to apologize.

It was the first in a series of online spats that would reach a fever pitch in February, when a Dallas-based creator named Morgan Thompson claimed that Talarico called Colin Allred, a former House representative, a “mediocre Black man.” The video shared with her nearly 200,000 TikTok followers went viral, breaking out from pro-Crockett communities online and into the mainstream press. Responding to the allegation, the Talarico campaign called the comment a “mischaracterization” of an off-the-record conversation the candidate had with Thompson in which he called Allred’s method of campaigning “mediocre,” not the man himself.

“I would never attack him [Allred] on the basis of race,” Talarico said at the time. “As a Black man in America, Congressman Allred has had to work twice as hard to get where he is. I understand how my critiques of the Congressman’s campaign could be interpreted given this country’s painful legacy of racism, and I care deeply about the impact my words have on others.”

This episode illuminated a key question amongst strategists going into the heat of the 2026 midterms and the next presidential race: What role should creators play in campaigns? And how do you manage them? While working with creators has become commonplace in both Republican and Democratic campaigns, the relationships are often loosely defined and difficult to control.

“There are so many factors that the campaign staff themselves have to deal with and think about,” says Kyle Tharp, who writes the Chaotic Era newsletter that focuses on digital politics. “Do I put them in the press risers at the rally, or do I give them upfront VIP access? Do I give them a couple minutes with the candidate? Am I going to be screening their questions? Or do I just let them riff and hope for the best?”

President Donald Trump’s 2024 reelection campaign relied heavily on creators and podcasters to reach young, predominantly male voters. But many of those very same creators have turned against Trump over the last year. In the leadup to the 2024 election, Trump appeared on “Flagrant,” a popular podcast hosted by comedian Andrew Schulz. But Schulz’s support for Trump quickly evolved into ire. Last summer, Schulz took issue with the administration’s failure to release files related to Justice Department investigations into convicted sex offender Jeffrey Epstein. Since then, Schulz has repeatedly leveraged his platform to criticize the administration.

Capcom's PC sales hit a record 50%, fueled by Steam's global reach

For a company whose legacy was built on console hits, the balance of power has shifted dramatically. Stronger sales through Valve’s Steam marketplace and access to a vast global PC audience have made the platform central to Capcom’s growth strategy.
Brendan Carr Can’t Explain Why ‘Equal Time’ Rule Doesn’t Apply To Right Wing Radio

from the words-are-but-wind dept

We’ve noted repeatedly how Trump FCC boss Brendan Carr has been abusing the FCC’s “equal opportunity” (or “equal time”) rule to try and threaten daytime and late night talk shows with government retribution if they refuse to enthusiastically coddle Republicans.

Late night shows had historically been exempt from the dated rules, which required that any airing of a political candidate on “publicly owned” airwaves be countered with an appearance by a candidate from the opposing party. But Carr isn’t interested in equilibrium; he’s interested in abusing FCC authority to try and silence critics of Donald Trump and his increasingly unpopular policies.

But folks have increasingly noted that Brendan Carr doesn’t appear to have any interest in enforcing the same standard on radio, where (especially on AM), listeners are constantly served up a lopsided dose of race-baiting agitprop pretending to be news. When he’s been asked about this inconsistency, Carr has been painfully and curiously vague:

“In a press conference after the FCC’s February 18 meeting, Deadline reporter Ted Johnson asked Carr why he has not expressed “the same concern about broadcast talk radio as broadcast TV talk shows.”

The Deadline reporter pointed out that “Sean Hannity’s show featured Ken Paxton in December.” Paxton, the Texas attorney general, is running for a US Senate seat in this year’s election. Carr claimed in response that TV broadcasters have been “misreading” FCC precedents while talk radio shows have not been.

“It appeared that programmers were either overreading or misreading some of the case law on the equal-time rule as it applies to broadcast TV,” Carr replied. “We haven’t seen the same issues on the radio side, but the equal-time rule is going to apply to broadcast across the board, and we’ll take a look at anything that arises at the end of the day.”

It’s of course far worse on the radio side, which has been utterly dominated by outright right wing propaganda since the early 90s. And he will, of course, not be “taking a look at anything that arises,” because, again, he’s not remotely interested in abusing this rule consistently because he’s an authoritarian hack.

Ars Technica spoke to Gigi Sohn, whose appointment to the FCC under Biden was, if you’ll recall, dismantled by a telecom and media company homophobic smear campaign:

“Carr’s claim that TV but not radio broadcasters have misread FCC precedents is “a bunch of nonsense,” said Gigi Sohn, a longtime lawyer and consumer advocate who served as counselor to then-FCC Chairman Tom Wheeler during the Obama era. Carr “was responding to criticism from people like Sean Hannity that the guidance would apply to conservative talk radio just as much as it would to so-called ‘liberal’ TV,” Sohn told Ars. “It doesn’t matter whether a broadcaster is a radio broadcaster or a TV broadcaster, the Equal Opportunities law and however the FCC implements it must apply to both equally.”

This is very typical Carr. The law and earthly logic are malleable constructs that easily bend to whatever his goal is at any given moment. This blatant, mindless inconsistency has always been absolutely central to who he is, even before he became the authoritarian government’s top censor. It was evident way back during the fights over net neutrality and telecom oversight.

It’s why anybody with sense (including this website) recommended that the man be allowed nowhere near actual levers of power and policy-making.

DJI Osmo Pocket 4 Emerges from the Shadows, Quick Start Guide Teased

DJI Osmo Pocket 4 Leak Quick Start Guide
Photo credit: Igor Bogdanov
The leaked Quick Start Guide for the DJI Osmo Pocket 4 has finally been discovered, and every page reveals exactly what DJI plans to achieve next with its tiny handheld gimbal camera. At first sight, this update appears to be very similar to its predecessor, but there have been some significant changes. The body remains the same compact design that fits easily into a jacket pocket, but a few useful hardware buttons now replace the incessant screen swiping.



A zoom rocker has been added right next to the rotatable 2 inch OLED screen, along with a shutter button that also powers the device, a 5 way joystick for super-precise gimbal motions, some status LEDs, and a C button that you can customize to quickly access your favorite settings. There is a USB-C port for charging and data transfer, and the microSD card remains available in case you need it. These enhancements address widespread complaints from the previous model, in which touchscreen-only navigation simply wasn’t fast enough for rapid-paced photography.

Video-wise, this little camera takes a step forward, since it uses a 1 inch CMOS sensor, with some fairly apparent improvements in low-light handling and dynamic range. Compared to the Pocket 3’s 4K/60fps restriction, you can now record 4K at 120 frames per second, enabling slow-motion recordings that capture every detail in fluid motion. Even when your subjects are moving around a lot, autofocus maintains a solid hold on faces and objects. Stabilization is based on DJI’s proven three-axis mechanical gimbal, now tuned for steadier handheld results during walks or quick turns. The battery is increased from 1300 mAh to 1545 mAh, which should allow you to record for more than 200 minutes on a single charge in a variety of situations, what I like to refer to as “all day shoots.”

As Wi-Fi 6 replaces the previous standard, connectivity is evolving. With the DJI Mimo app, you can transfer all of your footage to your phone or tablet really quickly. You can now instantly post to YouTube and stream live using the same app, so your journey from capture to audience is complete.

The Creator Combo adds some useful extras, such as an extended battery handle for longer shots, a wide-angle lens attachment for capturing more of the scene, a mini tripod grip, a protective case, and possibly a magnetic fill light or wireless microphone depending on how the final kit looks. In terms of bundles, the standard version is essentially the essentials for the casual creator. Additionally, the cost of these items appears to be between $599 and $699 for the standard model and between $699 and $749 for the loaded Creator Combo. DJI appears poised to announce the standard Osmo Pocket 4 in China on March 26, 2026, with global availability following shortly after.
New Artemis Plan Returns To Apollo Playbook

In their recent announcement, NASA has made official what pretty much anyone following the Artemis lunar program could have told you years ago — humans won’t be landing on the Moon in 2028.

It was always an ambitious timeline, especially given the scope of the mission. It wouldn’t be enough to revisit the Moon in a spidery lander that could only hold two crew members and a few hundred kilograms of gear like in the 60s. This time, NASA wants to return to the lunar surface with hardware capable of setting up a sustained human presence. That means a new breed of lander that dwarfs anything the agency, or humanity for that matter, has ever tried to place on another celestial body.

Unsurprisingly, developing such vehicles and making sure they’re safe for crewed missions takes time and requires extensive testing. The simple fact is that the landers, being built by SpaceX and Blue Origin, won’t be ready in time to support the original Artemis III landing in 2028. Additionally, development of the new lunar extravehicular activity (EVA) suits by Axiom Space has fallen behind schedule. So even if one of the landers would have been ready to fly in 2028, the crew wouldn’t have the suits they need to actually leave the vehicle and work on the surface.

But while the Artemis spacecraft and EVA suits might be state of the art, NASA’s revised timeline for the program is taking a clear step back in time, hewing closer to the phased approach used during Apollo. This not only provides their various commercial partners with more time to work on their respective contributions, but critically, provides an opportunity to test them in space before committing to a crewed landing.

Artemis II Remains Unchanged

Given its imminent launch, there are no changes planned for the upcoming Artemis II mission. In fact, had there not been delays in getting the Space Launch System (SLS) rocket ready for launch, the mission would have already flown by now. Given how slow the gears of government tend to turn, one wonders if the original plan was to announce these program revisions after the conclusion of the mission. The launch is currently slated for April, but could always slip again if more issues arise.

Artemis II Crew

At any rate, the goals for Artemis II have always been fairly well-aligned with its Apollo counterpart, Apollo 8. Just like the 1968 mission, this flight is designed to test the crew capsule and collect real-world experience while in the vicinity of the Moon, but without the added complexity of attempting a landing. Although now, as it was then, the decision to test the crew capsule without its lander wasn’t made purely out of an abundance of caution.

As originally envisioned, Apollo 8 would have seen both the command and service module (CSM) and the lunar module (LM) tested in low Earth orbit. But due to delays in LM production, it was decided to fly the completed CSM without a lander on a modified mission that would put it into orbit around the Moon. This would give NASA an opportunity to demonstrate the critical translunar injection (TLI) maneuver and gain experience operating the CSM in lunar orbit — tasks which were originally scheduled to be part of the later Apollo 10 mission.

In comparison, Artemis II was always intended to be flown with only the Orion crew capsule. NASA’s goal has been to keep the program relatively agnostic when it came to landers, with the hope being that private industry would furnish an array of vehicles from which the agency could choose depending on the mission parameters. The Orion capsule would simply ferry crews to the vicinity of the Moon, where they would transfer over to the lander — either via directly docking, or by using the Lunar Gateway station as a rallying point.

There’s no lander waiting at the Moon for Artemis II, and the fate of Lunar Gateway is still uncertain. But for now, that’s not important. On this mission, NASA just wants to demonstrate that the Orion capsule can take a crew of four to the Moon and bring them back home safely.

Artemis III Kicks the Tires

For Artemis III, the previous plan was to have the Orion capsule mate up with a modified version of SpaceX’s Starship — known in NASA parlance as the Human Landing System (HLS) — which would then take the crew down to the lunar surface. While the HLS contract did stipulate that SpaceX was to perform an autonomous demonstration landing before Artemis III, the aggressive nature of the overall timeline made no provision for testing the lander with a crew onboard ahead of the actual landing attempt — a risky plan even in the best of circumstances.

Docked CSM and LM during Apollo 9

The newly announced timeline resolves this issue not only by delaying the actual Moon landing until 2028, to take place during Artemis IV, but also by changing Artemis III into a test flight of the lander from the relative safety of low Earth orbit in 2027. The crew will lift off from Kennedy Space Center and rendezvous with the lander in orbit. Once docked, the crews will practice maneuvering the mated vehicles and potentially perform an EVA to test Axiom’s space suits.

This new plan closely follows the example of Apollo 9, which saw the CSM and LM tested together in Earth orbit. At this point in the program, the CSM had already been thoroughly tested, but the LM had never flown in space or had a crew onboard. After the two craft docked, the crew performed several demonstrations, such as verifying that the mated craft could be maneuvered with both the CSM and LM propulsion systems.

The two craft then separated, and the LM was flown independently for several hours before once again docking with the CSM. The crew also performed a brief EVA to test the Portable Life Support System (PLSS) which would eventually be used on the lunar surface.

Orion docked to landers from SpaceX and Blue Origin

While the Artemis III and Apollo 9 missions have a lot in common, there’s at least one big difference. At this point, NASA isn’t committing to one particular lander. If Blue Origin gets their hardware flying before SpaceX, that’s what they’ll go with. There’s even a possibility, albeit remote, that they could test both landers during the mission.

Artemis IV Takes a Different Path

After the success of Apollo 9, there was consideration given to making the first landing attempt on the following mission. But key members of NASA such as Director of Flight Operations Christopher C. Kraft felt there was still more to learn about operating the spacecraft in lunar orbit, and it was ultimately decided to make Apollo 10 a dress rehearsal for the actual landing.

The CSM and LM would head to the Moon, separate, and go through the motions of preparing to land. The LM would begin its descent to the lunar surface, but stop at an altitude of 14.4 kilometers (9 miles). After taking pictures of the intended landing site, it would return to the CSM and the crew would prepare for the return trip to Earth. With these maneuvers demonstrated, NASA felt confident enough to schedule the history-making landing for the next mission, Apollo 11.

But this time around, NASA will take that first option. Rather than do a test run out to the Moon with the Orion capsule and attached lander, the plan is to make the first landing attempt on Artemis IV. This is partially because we now have a more complete understanding of orbital rendezvous and related maneuvers in lunar orbit. But also because by this point, SpaceX and Blue Origin should have already completed their autonomous demonstration missions to prove the capabilities of their respective landers.

Entering Uncharted Territory

At this point, the plans for anything beyond Artemis IV are at best speculative. NASA says they will work to increase mission cadence, which includes streamlining SLS operations so the megarocket can be launched at least once per year, and work towards establishing a permanent presence on the Moon. But of course none of that can happen until these early Artemis missions have been successfully executed. Until then it’s all just hypothetical.

While Apollo was an incredible success, one can only follow its example so far. Despite some grand plans, the program petered out once it was clear the Soviet Union was no longer in the game. It cemented NASA’s position as the preeminent space agency, but the dream of exploring the lunar surface and establishing an outpost remained unfulfilled. With China providing a modern space rival, and commercial partners rapidly innovating, perhaps Artemis may be able to succeed where Apollo fell short.

TikTok won’t add end-to-end encryption to direct messages, report says

TikTok will not introduce end-to-end encryption for direct messages (DMs) on its platform, according to a new report from the BBC. The social media giant says end-to-end encryption would make users less safe, as it believes the technology would prevent police and safety teams from accessing messages when necessary.

TikTok told the outlet that this is a deliberate decision to distinguish itself from rivals and protect users, particularly younger ones, from harm.

With end-to-end encryption, only the sender and recipient of a direct message can view its contents.

The company said direct messages are still protected with standard encryption, similar to services like Gmail. Only authorized employees can access direct messages, and only under specific circumstances, such as in response to a valid law enforcement request or a user report of harmful behavior.

End-to-end encryption is the default technology used in popular apps like Signal, WhatsApp, Facebook Messenger (for 1:1 personal chats and calls), Apple’s Messages, and Google Messages.

American And European Tow Hitches Are Different In More Ways Than You Think

There are quite a few differences between the tow hitches used in the U.S. and Canada, and those used in Europe. Understanding these differences can be very beneficial if you should ever find yourself in Europe with the need to tow something behind your vehicle. The differences in rules and regulations also reflect different approaches to towing in North America compared to Europe.

Tow hitches used in the U.S. and Canada usually fall into two different categories. There are fixed-tongue hitches, and there are receiver hitches. Whereas the fixed-tongue hitch is made in one solid piece, with the ball then being attached to the tongue, the receiver hitches can be used for more purposes than just towing. A receiver hitch can also carry a hammock, a lighting unit, a bike rack, a step, a cargo box, or even a safe for your valuables. The size of the ball on the tow hitch is usually either 2 inches — the standard size tow ball hitch – or 2 5/16 inches, which is the largest size designed for the heaviest loads.

The tow hitches that are commonly used in Europe feature a detachable tow bar or a swan-neck design with a 50 mm ball attached. These hitches are normally smaller than those used in North America, due to the fact that the trailers used in Europe are also smaller in overall size. The detachable style can be removed from your vehicle when it is not being used for towing.

What else should you know about the differences in towing between America and Europe?

In North America, the Society of Automotive Engineers has trailer hitch rating standards running from Class 1 through Class 4. Class 1 is the lowest, with a Gross Trailer Weight of up to 2,000 pounds and maximum tongue weight of 200 pounds. This is for towing items like a motorcycle or a jet ski. Class 4 is the highest rating, with Gross Trailer Weight of up to 10,000 pounds and a maximum tongue weight of 1,000 pounds, typically used by motorhomes and commercial-grade vehicles. There is also Class 5, for GTW over 10,000 pounds, but this class is not SAE-recognized. Check with the hitch manufacturer for information on how much weight you can tow in a safe manner. It’s good to know that nearly any car can have a trailer hitch installed.

In Europe, there are regulations governing the combined weight and size of the trailer and the towing vehicle. EU regulations permit a combined length of 12 meters (39 feet, 4 inches), a maximum width of 2.55 meters (8 feet, 4 inches), and a maximum height of 4 meters (13 feet, 1 inch). Trailer-towing speed limits vary by country. For example, Germany allows a maximum of 80 km/h as standard and up to 100 km/h with a permit. In Italy, the maximum is 80 km/h on its highways, and France permits 130 km/h if the trailer is less than 3,500 kg, with a maximum of 110 km/h during rain.

Pentagon vendor cutoff exposes the AI dependency map most enterprises never built

The federal directive ordering all U.S. government agencies to cease using Anthropic technology comes with a six-month phaseout window. That timeline assumes agencies already know where Anthropic’s models sit inside their workflows. Most don’t today.

Most enterprises wouldn’t, either. The gap between what enterprises think they’ve approved and what’s actually running in production is wider than most security leaders realize.

AI vendor dependencies don’t stop at the contract you signed; they cascade through your vendors, your vendors’ vendors, and the SaaS platforms your teams adopted without a procurement review. Most enterprises have never mapped that chain.

The inventory nobody has run

A January 2026 Panorays survey of 200 U.S. CISOs put a number on the problem: Only 15% said they have full visibility into their software supply chains, up from just 3% a year ago. And 49% had adopted AI tools without employer approval, according to a BlackFog survey of 2,000 workers at companies with more than 500 employees; 69% of C-suite members said they were fine with it.

That’s where undocumented AI vendor dependencies accumulate, invisible to the security team until a forced migration makes them everyone’s problem.

“If you asked a typical enterprise to produce a dependency graph that includes second- and third-order AI calls, they’d be building it from scratch under pressure,” said Merritt Baer, CSO at Enkrypt AI and former Deputy CISO at AWS, in an exclusive interview with VentureBeat. “Most security programs were built for static assets. AI is dynamic, compositional, and increasingly indirect.”

When a vendor relationship ends overnight

The directive creates a forced migration unlike anything the federal government has attempted with an AI provider. Any enterprise running critical workflows on a single AI vendor faces the same math if that vendor disappears.

Shadow AI incidents now account for 20% of all breaches, adding as much as $670,000 to average breach costs, IBM’s 2025 Cost of Data Breach Report found. You can’t execute a transition plan for infrastructure you haven’t inventoried.

Your contract with Anthropic may not exist, but your vendors’ contracts might. A CRM platform could have Claude embedded in its analytics engine. A customer service tool might call it on every ticket you process. You didn’t sign for that exposure, but you inherited it, and when a vendor cutoff hits upstream, it cascades downstream fast. The enterprise at the end of that chain doesn’t know the dependency exists until something breaks or the compliance letter shows up.

Anthropic has said eight of the 10 largest U.S. companies use Claude. Any organization in those companies’ supply chains has indirect Anthropic exposure, whether they contracted for it or not. AWS and Palantir, which hold billions in military contracts, may need to reassess their commercial relationships with Anthropic to maintain Pentagon business.

The supply chain risk designation means any company doing business with the Pentagon now has to prove its workflows don’t touch Anthropic.

“Models are not interchangeable,” Baer told VentureBeat. “Switching vendors changes output formats, latency characteristics, safety filters, and hallucination profiles. That means revalidating controls, not just functionality.”

She outlined a sequence that starts with triage and blast radius assessment, moves to behavioral drift analysis, and ends with credential and integration churn. “Rotating keys is the easy part,” Baer said. “Untangling hardcoded dependencies, vendor SDK assumptions, and agent workflows is where things break.”

The dependencies your logs don’t show

A senior defense official described disentangling from Claude as an “enormous pain in the ass,” according to Axios. If that’s the assessment inside the most well-resourced security apparatus on the planet, the question for enterprise CISOs is straightforward. How long would yours take?

The shadow IT wave that followed SaaS adoption taught security teams about unsanctioned technology risk. Most caught up. They deployed CASBs, tightened SSO, and ran spend analysis. The tools worked because the threat was visible. A new application meant a new login, a new data store, a new entry in the logs.

AI vendor dependencies don’t leave those traces.

“Shadow IT with SaaS was visible at the edges,” Baer said. “AI dependencies are embedded inside other vendors’ features, invoked dynamically rather than persistently installed, non-deterministic in behavior, and opaque. You often don’t know which model or provider is actually being used.”

Four moves for Monday morning

The federal directive didn’t create the AI supply chain visibility problem. It exposed it.

“Not ‘inventory your AI,’ because that’s too abstract and too slow,” Baer told VentureBeat. She recommended four concrete moves that a security leader can execute in 30 days.

  1. Map execution paths, not vendors. Instrument at the gateway, proxy, or application layer to log which services are making model calls, to which endpoints, with what data classifications. You’re building a live map of usage, not a static vendor list.

  2. Identify control points you actually own. If your only control is at the vendor boundary, you’ve already lost. You want enforcement at ingress (what data goes into models), egress (what outputs are allowed downstream), and orchestration layers where agents and pipelines operate.

  3. Run a kill test on your top AI dependency. Pick your most critical AI vendor and simulate its removal in a staging environment. Kill the API key, monitor for 48 hours, and document what breaks, what silently degrades, and what throws errors your incident response playbook doesn’t cover. This exercise will surface dependencies you didn’t know existed.

  4. Force vendor disclosure on sub-processors and models. Your AI vendors should be able to answer which models they rely on, where those models are hosted, and what fallback paths exist. If they can’t, that’s your fourth-party blind spot. Ask the questions now, while the relationship is stable. Once a cutoff hits, the leverage shifts, and the answers come too late.
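Moves 1 and 3 can share one data source. The sketch below is an added example, not code from the article or from any vendor: it builds a live usage map from egress-proxy logs and uses that map to scope a kill test. The log field names, the service names, and the list of model API hosts are assumptions, and the log lines are constructed.

```python
import json
from collections import defaultdict

# Assumption: the model API hosts your egress proxy should recognise.
MODEL_HOSTS = {"api.anthropic.com", "api.openai.com",
               "generativelanguage.googleapis.com"}

# Constructed sample: JSON-lines proxy log; the field names are hypothetical.
SAMPLE_LOG = """\
{"service": "support-bot", "host": "api.anthropic.com", "data_class": "customer-pii"}
{"service": "support-bot", "host": "api.anthropic.com", "data_class": "public"}
{"service": "code-review", "host": "api.openai.com", "data_class": "source-code"}
{"service": "contract-summarizer", "host": "api.anthropic.com", "data_class": "legal"}
{"service": "contract-summarizer", "host": "api.openai.com", "data_class": "legal"}
{"service": "billing", "host": "payments.example.com", "data_class": "financial"}
truncated or non-JSON line
"""

def build_usage_map(log_text):
    """Return {service: {model_host: {data_class: call_count}}}."""
    usage = defaultdict(lambda: defaultdict(lambda: defaultdict(int)))
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the inventory
        if not isinstance(rec, dict):
            continue
        host = str(rec.get("host", "")).lower()
        if host not in MODEL_HOSTS:
            continue  # not a model call
        service = rec.get("service", "unknown")
        usage[service][host][rec.get("data_class", "unclassified")] += 1
    return usage

def kill_test_scope(usage, host):
    """Services that call `host`, split by whether they also call another model host.

    Calling a second host does not prove a working fallback; it only ranks
    which services to watch first when the key is revoked in staging.
    """
    scope = {"no_other_host": [], "also_calls_other_host": []}
    for service, hosts in sorted(usage.items()):
        if host in hosts:
            key = "also_calls_other_host" if len(hosts) > 1 else "no_other_host"
            scope[key].append(service)
    return scope

if __name__ == "__main__":
    usage = build_usage_map(SAMPLE_LOG)
    print(json.dumps(usage, indent=2))
    print(kill_test_scope(usage, "api.anthropic.com"))
```

A map built this way only covers calls your own services make directly; model use embedded inside another vendor's feature never crosses this proxy, which is what move 4 is for.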

The control illusion

“Enterprises believe they’ve ‘approved’ AI vendors, but what they’ve actually approved is an interface, not the underlying system,” Baer told VentureBeat. “The real dependencies are one or two layers deeper, and those are the ones that fail under stress.”


The federal directive against Anthropic is one organization’s weather event. Every enterprise will eventually face its own version, whether the trigger is regulatory, contractual, operational, or geopolitical. The organizations that mapped their AI supply chain before the storm will recover. The ones that didn’t will scramble.

Map your AI vendor dependencies to the sub-tier level. Run the kill test. Force the disclosure. Give yourself 30 days. The next forced migration won’t come with a six-month warning.


LexisNexis confirms data breach as hackers leak stolen files


American data analytics company LexisNexis Legal & Professional has confirmed to BleepingComputer that hackers breached its servers and accessed some customer and business information.

The company’s data breach confirmation comes as a threat actor named FulcrumSec leaked 2GB of files on various underground forums and sites.

LexisNexis L&P is a global provider of legal, regulatory, and business information, research tools, and analytics used by lawyers, corporations, governments, and academic institutions in more than 150 countries worldwide.

Cloud breach via unpatched React app

The threat actor says that on February 24 they gained access to the company’s AWS infrastructure by exploiting the React2Shell vulnerability in an unpatched React frontend app.


LexisNexis L&P admitted that hackers breached its network, noting that the stolen information was old and consisted mostly of non-critical details.

“Our investigation has confirmed that an unauthorized party accessed a limited number of servers,” the company told BleepingComputer.

“These servers contained mostly legacy, deprecated data from prior to 2020, including information such as customer names, user IDs, business contact information, products used, customer surveys with respondent IP addresses, and support tickets,” a spokesperson said.

“The impacted information did not contain Social Security numbers, driver’s license numbers, or any other sensitive personally identifiable information; credit card, bank accounts, or any other financial information; active passwords; or customer search queries, customer client or matter information, or customer contracts.”


Based on its investigation, LexisNexis believes the intrusion has been contained and says it has found no evidence that its products or services were impacted.

In a public post detailing the hack, FulcrumSec claims that they stole information related to more than 100 users with .gov email addresses, which included U.S. government employees, federal judges and law clerks, U.S. Department of Justice attorneys, and U.S. SEC staff.

The threat actor detailed the intrusion, saying that they “exfiltrated 2.04 GB of structured data from LexisNexis AWS infrastructure” via a vulnerable React container with access to:

  • 536 Redshift tables
  • 430+ VPC database tables
  • 53 AWS Secrets Manager secrets in plaintext
  • 3.9M database records
  • 21,042 customer accounts
  • 5,582 attorney survey respondents
  • 45 employee password hashes
  • Complete VPC infrastructure mapping

FulcrumSec said that they also had access to around 400,000 cloud user profiles that included real names, emails, phone numbers, and job functions. According to the hackers, 118 users had .gov addresses belonging to U.S. government employees, federal judges and law clerks, U.S. Department of Justice attorneys, and U.S. SEC staff.

FulcrumSec’s post for LexisNexis data leak
Source: BleepingComputer

FulcrumSec said that they contacted LexisNexis, but the company “decided not to work with us on this.” They also criticized the company’s security practices that permitted a single ECS task role “read access to every secret in the account, including the production Redshift master credential.”
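The condition described in that criticism, one task role able to read every secret in the account, can be checked for in IAM policy documents during review. The following is an added example, not LexisNexis's policy and not code from the article; both policies, the account ID, and the secret names are constructed placeholders.

```python
from fnmatch import fnmatchcase

# Constructed probe: stands for "some secret this workload has no reason to read".
PROBE_ARN = "arn:aws:secretsmanager:us-east-1:111122223333:secret:unrelated-probe-AbCdEf"

# Constructed policy of the over-broad shape: any secret, any region.
OVERBROAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ReadAllSecrets", "Effect": "Allow",
     "Action": "secretsmanager:Get*", "Resource": "*"},
]}

# Constructed least-privilege counterpart: only this workload's own prefix.
SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ReadOwnSecrets", "Effect": "Allow",
     "Action": ["secretsmanager:GetSecretValue"],
     "Resource": "arn:aws:secretsmanager:us-east-1:111122223333:secret:react-frontend/*"},
]}

def _as_list(value):
    # IAM allows a single string or a list for Action, Resource and Statement.
    return value if isinstance(value, list) else [value]

def _matches(pattern, target):
    # IAM wildcards are * and ?; compared case-insensitively for this check.
    return fnmatchcase(target.lower(), pattern.lower())

def broad_secret_reads(policy):
    """Return the Sid (or index) of each Allow statement that lets the
    principal call GetSecretValue on an arbitrary secret in the account.

    Condition, NotAction and NotResource are not evaluated: a flagged
    statement is a prompt for manual review, not a verdict.
    """
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if "Action" not in stmt or "Resource" not in stmt:
            continue
        reads = any(_matches(a, "secretsmanager:GetSecretValue")
                    for a in _as_list(stmt["Action"]))
        everywhere = any(_matches(r, PROBE_ARN)
                         for r in _as_list(stmt["Resource"]))
        if reads and everywhere:
            findings.append(stmt.get("Sid", f"statement[{i}]"))
    return findings

if __name__ == "__main__":
    print(broad_secret_reads(OVERBROAD_POLICY))
    print(broad_secret_reads(SCOPED_POLICY))
```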

LexisNexis has notified law enforcement and contracted an external cybersecurity expert to assist with the investigation and implementation of containment measures.


The company has taken responsibility for the breach and informed current and previous customers of the intrusion.

Last year, the company disclosed another breach after hackers compromised a corporate account and accessed sensitive information belonging to 364,000 customers.


Scalper bots are now scraping DDR5 memory supply chains as AI data centers consume more RAM



DataDome reports that a single scalping operation has been hammering memory listings with requests every 6.5 seconds, averaging more than 550 automated hits per page and exceeding 50,000 requests per hour across targeted sites. In total, the company says it has blocked more than 10 million requests from this one…

Copyright © 2025