SentinelOne

🔥 🟣 Purple AI is here and now generally available! To learn more about the industry’s leading AI security analyst, watch the video below. 👉 Ready to transform your security operations? Get a demo: sentinelone.com/platform/purpl…

@Brandon_J_Pugh, principal cyber adviser to the Army secretary: "We don't have the luxury of sitting around or having long acquisition pipelines." Lt. Gen. Christopher Eubank, @ARCYBER: the AI threat once mapped 12-to-18 months out "has arrived today." Read the full article by Axios's @samsabin923 → s1.ai/Axios-TTE

🗞️ In @Axios: When the U.S. Army needs to move at the speed of AI, it called a room. And SentinelOne was honored to be at the table—and ready for the question. Last week, our leadership joined the Army's second AI tabletop exercise. The assignment: a hypothetical Indo-Pacific crisis, and how AI agents could defend Army networks against continuous, AI-driven attack. The pace says everything.

Identity is the entry point attackers are walking through right now while your tools argue about whose problem it is. SentinelOne's Melissa K. Smith and @silverfort's Ben Goodman on why the single-vendor black box is the thing that's actually failing: 🔸 Non-human identity growth is outpacing human identity growth. Service accounts, APIs, AI agents — no MFA, no session, no one watching. 🔸 Identity tools that don't talk to the endpoint are a roadmap, not a defense. 🔸 Attackers aren't waiting. SentinelOne killed a trojaned LiteLLM package mid-execution in under 44 seconds. The Axios npm compromise? First infection 89 seconds after publication. That's the speed. Humans aren't in that loop. Siloed tools aren't either. Silverfort + SentinelOne fuses runtime identity enforcement with autonomous endpoint and AI detection — one control plane, real-time, across human, machine, and agent identities. Chocolate and peanut butter. Except the alternative is getting breached in 89 seconds. Learn more about our strategic partnership with Silverfort to secure identities in the AI era: s1.ai/Silverfrt

🤢 UGLY - Official SAP npm packages compromised in supply chain attack - Attackers targeted developer credentials and authentication tokens Full breakdown → s1.ai/GBU9-Wk18

⚠️ BAD - FTC reports Americans lost over $21B to social media scams in 2025 - Fraud at scale shows how platforms are becoming primary attack surfaces

Authorities extradited a Silk Typhoon-linked hacker, dismantled a €50M crypto fraud ring, and sentenced a money launderer tied to a $230M heist. Meanwhile, Americans lost $21B to social media scams — and SAP npm packages were compromised in a supply chain attack. This is the Good, Bad & Ugly. ⬇️

In the era of frontier AI models, the question isn't what vulnerabilities exist. It's what an adversary can actually chain together to exploit today. The answer lives not in the model or the SOC, but in the loop between them. And that loop is what we're unveiling today. Introducing Wayfinder Frontier AI Services, powered by @AnthropicAI's Claude Security, delivered by SentinelOne’s elite cybersecurity pros. Continuous discovery using the most advanced frontier models. Real exploitability, not paper risk. Mitigations that break attack chains before adversaries finish them. Frontier model. Frontier operators. Real threats, stopped before they become attacks. 🔗 Learn more: s1.ai/Claude-WF

That's us! 👇

@labscon_io 2026 Call for Papers is open. Sept 16–19, Scottsdale. Invite-only. Fifth year. Hosted by @LabsSentinel. A program committee with reviewers from Google, Netflix, Dartmouth, Johns Hopkins, and SentinelLABS. Malware, exploits, APTs, cybercrime — any platform. Original work only. No vendor theater. Bring the paper. Deadline June 19. labscon.io

We often chase what’s new(or can hype): triaging the latest threats, pushing quick analysis, applying mitigations, and moving on. In that cycle, it’s easy to overlook the value of continuity and historical context in ongoing campaigns. This research from @vkamluk is a good reminder of what you can uncover by revisiting past activity with a fresh lens. Starting from a single observation, the work expands through amazing hunting and pivoting, leveraging YARA in a way that surfaces broader connections and previously missed signals. If you have a few minutes, highly recommend read this: sentinelone.com/labs/fast16-my…

Authorities secure guilty pleas from a crypto hacker and a ransomware negotiator, international cyber agencies warn of large-scale botnet abuse by China-linked actors, and a 2005-era sabotage framework reshapes how we think about cyber-physical attacks today. This is the Good, Bad & Ugly. ⬇️ ✅ GOOD - U.K. national and leader of UNC3944 pleads guilty to hacking companies and stealing $8M+ in cryptocurrency - Florida-based ransomware negotiator pleads guilty to helping deploy BlackCatransomware attacks - Both cases highlight how ransomware ecosystems extend beyond attackers to brokers and facilitators, too ⚠️ BAD - International agencies warn of China-linked actors using botnets of compromised, internet-connected devices - Operations leverage scale and distributed infrastructure to evade detection - Consumer IoT is increasingly being weaponized for stealthy, persistent campaigns 🤢 UGLY - SentinelLABS uncovers fast16, a cyber sabotage framework dating back to 2005 - Targets high-precision computing by silently altering calculation results across facilities - Predates Stuxnet and signals early nation-state interest in scientific and industrial sabotage Full breakdown → s1.ai/GBU9-Wk17

@gcloudpartners @googlecloud 🍾

@SentinelOne @googlecloud You absolutely crushed it! We're raising a toast to you! 🥂

A partnership built to deliver the decisive advantage in AI Security. We're honored to be named the 2026 @googlecloud Partner of the Year for Security: Google Threat Intelligence. By anchoring SentinelOne's AI-native protection to Google Cloud's global scale, we're delivering the unrivaled resilience that modern enterprises need. Security leaders aren't just defending endpoints anymore — they're securing high-velocity environments where cloud, data, and AI collide. Together with @GoogleCloudSec, this is the standard we've been building toward. Here's what that looks like: 🧠 Intelligence-Led Defense: Every alert in the Singularity Platform is now enriched by the fusion of SentinelOne proprietary data and Google Threat Intelligence. ⚡ Agentic Response: Wayfinder Managed Services — combining elite human expertise with advanced agentic AI to redefine detection and response. 🔒 AI Stack Protection: Delivering the specialized security required to adopt GenAI and AI agents with absolute confidence. 🌍 Sovereignty at Scale: Global availability across strategic regions, including the Kingdom of Saudi Arabia, to meet the strictest regulatory requirements. Nearly one-fifth of the Fortune 500 trusts SentinelOne to stop attacks at machine speed. Together with Google Cloud, we're giving defenders the decisive advantage. Read the full announcement: s1.ai/GCP-26

Read the full @LabsSentinel report by @vkamluk and @juanandres_gs: s1.ai/fast16

Here's what we found: - This wasn’t built to steal files or lock screens. It was built to corrupt math. - Specifically: high-precision calculation software used in nuclear research, physics simulations, and structural engineering. - It spreads across a facility's network to make sure every machine gets the wrong answer — consistently. - It was referenced in the ShadowBrokers' leak of NSA's own deconfliction tools. The evasion message left for operators? "Nothing to see here — carry on." - It sat in VirusTotal for nearly a decade. Almost zero detections.

⚠️ The history of cyberwar just got rewritten. 🔬 @LabsSentinel has discovered fast16 — a state-grade sabotage framework from 2005. Five years before Stuxnet. With implications that reach into advanced physics, cryptographic research, and nuclear programs. fast16 isn't espionage. It's not ransomware. It's a precision instrument designed to make scientists trust math that's been quietly broken.

Read the full SentinelLABS report by @vkamluk and @juanandres_gs: s1.ai/fast16

The history of cyberwar just got rewritten with a new @LabsSentinel discovery by @vkamluk and @juanandres_gs. Stuxnet wasn't the beginning of nation-state sabotage through software. It was just the first one we caught. Meet fast16 — compiled in 2005, five years before Stuxnet. It isn't espionage. It's not ransomware. It's a precision instrument designed to make scientists trust math that's been quietly broken. Silently. Precisely. Across an entire network. The implications reach into advanced physics, cryptographic research, and nuclear programs. Read the full @WIRED story below by @a_greenberg👇