A malicious npm and PyPI package is targeting Kubernetes environments. It looks like a node health tool, and it installs like one too. Once installed, it drops a binary that opens a persistent reverse tunnel back to the attacker. From there, it’s not just the host that’s exposed. Developer machines and CI/CD systems often have:
• kubeconfig access
• cloud credentials
• service account tokens
That’s enough to move from one machine to full cluster access.
Read the full post → https://lnkd.in/gBsKazFF
#ThreatResearch #Panther #Kubernetes #npm
Panther
Computer and Network Security
San Francisco, CA 15,143 followers
The Complete AI SOC Platform
About us
Panther is the AI SOC Platform that scales security expertise by embedding AI agents across your security operations with native access to your data lake, detection logic, and organizational knowledge. Unlike bolt-on tools, Panther's closed-loop architecture turns every alert into compounding intelligence that makes the system smarter over time.
- Website
- https://panther.com/
- Industry
- Computer and Network Security
- Company size
- 51-200 employees
- Headquarters
- San Francisco, CA
- Type
- Privately Held
- Founded
- 2018
- Specialties
- Cloud Security, Information Security, Startup, AWS, AWS Security, SIEM, Cloud-Native SIEM, big data, Security Data Lake, Security, Detections as Code, Splunk Alternative, Cloud SIEM, Log Analysis, Security Monitoring, Python, and threat detection
Products
Panther
Security Information & Event Management (SIEM) Software
Panther is the security monitoring platform for the cloud. Unlike ‘next-gen’ SIEMs that rely on historical detections and closed ecosystems, Panther enables flexible defense in production environments with streaming data analysis, programmable detections, and seamless cloud integration – empowering teams to optimize costs and control, accelerate incident response, and achieve cross-system visibility at scale.
Locations
- Primary
- San Francisco, CA 94103, US
Updates
-
👀 Caught in the wild: Anthropic using Panther as part of their agent-driven investigation workflows.
This video from Anthropic perfectly represents the new shape of the SOC, where agents accelerate detection and response workflows. Agents perform best when they can see internal company knowledge, multiple datasets, and broad security/IT tooling. That brings organizational context alongside the event logs, giving us the business-level justification for the signals we create in the SOC. As the interface to security workflows becomes prompt-based, there's real potential to scale who can collaborate on security and the volume of signals we monitor. Anthropic's security team recently shared a demo of what this looks like in practice. They use their system, CLUE, to orchestrate investigation and remediation, which gathers context from Panther, VirusTotal, and internal sources to assess risk and take next steps. Those findings close the loop, improving their overall security posture and remediating issues that surface along the way. The future is agentic! Check it out: https://lnkd.in/gGD9a_-4
How Anthropic uses Claude in Cybersecurity
-
A new npm package was published targeting developers running Polymarket trading bots. It presents as a simple logging utility. The payload runs on require(). Once executed, it:
• reads .env files and project configs
• looks for Polymarket SDK files like createClobClient.ts and clob.ts
• exfiltrates API keys and wallet data
• installs an SSH key for persistent access on Linux
The targeting is specific to how these bots are built, not a broad scan for secrets. If those credentials are exposed, it’s direct access to the accounts the bot is trading on.
Read the full blog → https://lnkd.in/e_edk5mx
-
Panther’s #ThreatResearch team tracked an OtterCookie campaign using npm packages that look legitimate on the surface, because they are. The top-level package is a clean wrapper, cloning a real library. The malicious logic sits one dependency deeper in the install chain. On install, a postinstall hook executes the payload and starts pulling data immediately:
• credentials and environment files
• wallet keys and config files
• a full filesystem scan based on remote config
On Linux, it goes further, adding an SSH key for persistent access. The package itself looks clean. The behavior lives underneath it.
Full breakdown → https://lnkd.in/g3EPweh3
-
In this special episode of the Detection at Scale podcast, our CPO Julian Giuca turns the mic on Panther founder and CEO Jack Naglieri. The conversation covers the full journey of building Panther's AI SOC platform: the 2018 architectural bets on security data lakes and detection-as-code that turned out to be exactly the foundation AI agents needed, and what security teams have learned deploying these systems in production. Topics include:
• Why detections written for human analysts fail AI agents
• The three-part inflection (reasoning models, tool calling, and MCP) that made agentic SOC work real
• What it means to close the loop rather than just close an alert
• How teams should think about agent autonomy across different workflow risk levels
• What going from 50% to 110% alert coverage actually looks like in practice
One frame from the episode worth sitting with: the risk of not adopting AI in the SOC is now greater than the risk of an agent making a mistake. That changes the calculus for how quickly security teams should be moving.
Listen now. Link in the comments.
-
⏰ Live tomorrow: On May 12 at 10am PT / 1pm ET, John Hammond and Jack Naglieri are walking through how agentic workflows are being used across triage, investigation, and detection. You’ll see what agents actually need to do the job well, and how investigation output feeds back into detection coverage. We hope you can join us!
Save your spot → https://lnkd.in/ghTTx8tQ
-
This is what a modern npm supply chain attack looks like. Panther’s Threat Research team traced a campaign across 27 npm packages designed to blend into real dependency trees. They install clean. Execution happens later, on require(). At that point, a loader pulls an obfuscated payload and executes it at runtime. In practice, this leads to a full Node.js RAT:
• credential theft
• filesystem access
• remote control
None of this is new once it’s running. The difference is how it gets there, and how cleanly it avoids install-time visibility.
Full breakdown → https://lnkd.in/gQHhN2wp
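The three npm posts above describe two delivery patterns: a lifecycle hook (postinstall) that fires at install time, sometimes in a dependency sitting one level below a clean wrapper, and a loader that does nothing at install and only runs on require(). The script below is an added example, not Panther's tooling and not code from the posts. It walks a project's node_modules (nested trees included, so a wrapper's hidden dependency is still inspected), reports any package that declares install-time scripts, and applies a few heuristic regexes to each package's entry file. The regexes are this example's own assumptions about what a loader tends to contain, not indicators from the research, and the sample dependency tree it audits is constructed in a temp directory with invented package names.

```python
"""Audit an npm dependency tree for install-time hooks and require()-time
loader behaviour, including dependencies nested under a clean wrapper."""
import json
import re
import tempfile
from pathlib import Path
from typing import Iterator, Optional, Tuple

# Lifecycle scripts npm runs during install ("prepare" also runs on a plain
# `npm install` of a checkout).
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Heuristic require()-time indicators. Assumptions for this example, not
# indicators published in the posts; tune them for your own dependency set.
REQUIRE_TIME_INDICATORS = {
    "dynamic_eval": re.compile(r"\b(?:eval|new\s+Function)\s*\("),
    "child_process": re.compile(r"""require\(\s*['"]child_process['"]\s*\)"""),
    "network_client": re.compile(r"""require\(\s*['"](?:https?|net|dgram)['"]\s*\)"""),
    "dotenv_access": re.compile(r"""['"][^'"]*\.env['"]"""),
    "ssh_persistence": re.compile(r"authorized_keys"),
    "large_base64_literal": re.compile(r"""['"][A-Za-z0-9+/]{200,}={0,2}['"]"""),
}


def iter_packages(node_modules: Path, depth: int = 1) -> Iterator[Tuple[int, Path]]:
    """Yield (depth, package_dir) for every installed package, descending into
    nested node_modules so a dependency hidden one level down is not missed."""
    if not node_modules.is_dir():
        return
    for entry in sorted(node_modules.iterdir()):
        if not entry.is_dir():
            continue
        # scoped packages live at node_modules/@scope/name
        children = sorted(entry.iterdir()) if entry.name.startswith("@") else [entry]
        for pkg in children:
            if (pkg / "package.json").is_file():
                yield depth, pkg
                yield from iter_packages(pkg / "node_modules", depth + 1)


def audit_package(package_dir: Path, depth: int) -> Optional[dict]:
    """Return a finding for one package, or None if it declares no lifecycle
    hook and its entry file matches none of the heuristics."""
    meta = json.loads((package_dir / "package.json").read_text(encoding="utf-8"))
    scripts = meta.get("scripts") or {}
    hooks = {h: scripts[h] for h in LIFECYCLE_HOOKS if h in scripts}

    entry = package_dir / (meta.get("main") or "index.js")
    if entry.is_dir():
        entry = entry / "index.js"
    indicators = []
    if entry.is_file():
        source = entry.read_text(encoding="utf-8", errors="replace")
        indicators = [name for name, rx in REQUIRE_TIME_INDICATORS.items() if rx.search(source)]

    if not hooks and not indicators:
        return None
    return {
        "package": meta.get("name", package_dir.name),
        "version": meta.get("version", "unknown"),
        "depth": depth,
        "hooks": hooks,
        "indicators": indicators,
        "path": str(package_dir),
    }


def audit_tree(project_root: Path) -> list:
    """Audit every package under project_root/node_modules."""
    findings = []
    for depth, pkg in iter_packages(project_root / "node_modules"):
        finding = audit_package(pkg, depth)
        if finding:
            findings.append(finding)
    return findings


def build_sample_tree(root: Path) -> Path:
    """Constructed sample (invented names, inert code): a benign package, a
    clean wrapper, and a nested dependency with a postinstall hook and a
    require()-time loader. Nothing here is a real npm package."""
    def write(path: Path, text: str) -> None:
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(text, encoding="utf-8")

    nm = root / "node_modules"
    write(nm / "pad-left" / "package.json",
          json.dumps({"name": "pad-left", "version": "1.0.0", "main": "index.js"}))
    write(nm / "pad-left" / "index.js", "module.exports = (s, n) => s.padStart(n);\n")
    write(nm / "tidy-logger" / "package.json",
          json.dumps({"name": "tidy-logger", "version": "2.1.0", "main": "index.js",
                      "dependencies": {"tidy-logger-core": "^1.0.0"}}))
    write(nm / "tidy-logger" / "index.js", "module.exports = require('tidy-logger-core');\n")
    core = nm / "tidy-logger" / "node_modules" / "tidy-logger-core"
    write(core / "package.json",
          json.dumps({"name": "tidy-logger-core", "version": "1.0.3", "main": "lib/index.js",
                      "scripts": {"postinstall": "node setup.js"}}))
    blob = "QUJD" * 60  # inert filler standing in for an obfuscated payload
    write(core / "lib" / "index.js",
          "const cp = require('child_process');\nconst payload = '" + blob + "';\n"
          "new Function(Buffer.from(payload, 'base64').toString())();\n")
    return root


def demo() -> list:
    """Build the constructed tree in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit_tree(build_sample_tree(Path(tmp)))


if __name__ == "__main__":
    for f in demo():
        print(json.dumps(f, indent=2))
```

Against a real checkout, call audit_tree(Path("path/to/project")) after `npm ci --ignore-scripts`; that flag stops the install-time hooks from running while you look, but it does nothing against a require()-time loader, which is exactly why the 27-package campaign above stays invisible at install. Expect benign hits on the heuristics (many legitimate packages spawn processes or read env vars); the useful signal is a package with both a hook and loader-like code, especially at depth 2 or deeper under a wrapper you did not add yourself.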
-
Channel and technology partners — the Panther Partner Portal is now live 👇 A central hub for sales resources, deal collaboration, and enablement to help you support security teams modernizing their SOC.
Not yet a Panther partner? Chat with our team to become one today, and get access to the portal.
Learn more: https://bit.ly/4eaWbox
-
The Complete AI SOC Platform is here! AI agents are changing how security teams handle triage, detection, investigation, and response, but the real shift is what happens when those workflows start to improve the system over time. In our blog post, we break down:
• How agents operate across the SOC lifecycle
• What it takes to give them full context (data, detections, history)
• How investigation outcomes feed back into detection logic
• What it looks like when your SOC gets better with every alert
🔗 Read the full breakdown → https://bit.ly/3PU2Ysk
-
John Hammond is joining Panther Founder & CEO Jack Naglieri for a live conversation on how agentic workflows are redefining the SOC operating model. AI agents are changing how security teams handle triage, detection, investigation, and reporting. But the real shift is what happens when those workflows start to improve the system over time.
They’ll cover:
👉 How the human role in the SOC is shifting
👉 What agents need to work effectively
👉 How triage decisions and investigation findings can improve detection coverage
👉 Where agentic security is headed
Join us on May 12 at 10am PT / 1pm ET.
Register here → https://lnkd.in/ghTTx8tQ