The CRITICALSTART® Cyber Research Unit is tracking TeamPCP, a financially motivated threat actor behind a sustained software supply chain campaign that has compromised Aqua Security Trivy, Checkmarx KICS, LiteLLM, the TanStack ecosystem, and GitHub's own internal repositories — now confirmed by FBI FLASH reporting. This advisory consolidates 17 sources into prioritized detection, mitigation, and response guidance.
Every MDR vendor claims AI speed — Critical Start's SOC AI pairs five purpose-built agents with mandatory human validation, contractual per-alert SLAs, and full audit trails on every decision.
An Iranian state-directed campaign is actively exploiting a CVSS 9.8 authentication bypass in Rockwell Automation Logix controllers — with no vendor patch available. Critical Start's CRU breaks down the threat, the vulnerability surface, and what OT organizations need to do now.
Zero-day exploitation now precedes disclosure by an average of seven days. Critical Start's Cyber Research Unit breaks down the 2026 threat landscape, the Nightmare Eclipse campaign, and what defenders can actually do when no patch exists.
Critical Start's VP of Product and Principal Operations Engineer walk through their real-world approach to AI in the SOC, including the Laws of AI, live agent demos, and honest TTI metrics.
"AI-first" SecOps sounds compelling — until it breaks at scale. Critical Start explains why deterministic systems belong in the first layer, and where AI actually belongs in the stack.