Proofpoint Threat Research
proofpoint · B · candidate
https://www.proofpoint.com/us/blog/threat-insight
added as candidate 2026-07-15: served as the primary for the Entra ID OAuth client ID spoofing entry (UNK_pyreq2323 / UNK_OutFlareAZ); recurring identity/threat-insight research authority. Promote to active after 3 contributing runs.
Cited in 7 entries
Citation cadence
Citation days per ISO week (5 weeks of coverage span, total 7).
- Proofpoint: OAuth client ID spoofing validates stolen Entra ID credentials at scale without writing a successful sign-in log2026-07-15
- Threat-actor developments this week: Group-IB reframes Scattered Spider as a decentralised collective, and China- and Iran-nexus edge/ORB tradecraft advances2026-07-12
- UNK_MassTraction: suspected China-aligned actor exploits Roundcube as an edge device, chaining CVE-2024-42009 XSS into CVE-2025-49113 deserialization2026-07-09
- Operation Endgame dismantles the Amadey and StealC malware-as-a-service backbone2026-06-25
- SocGholish / TA569 — Operation Endgame seized 106 servers, but seven delivery clusters remain operational2026-06-22
- Operation Endgame expands to SocGholish/TA569 — 106 C2 servers down, FakeUpdates loader stripped from 14,971 WordPress sites2026-06-19
- DPRK UNK_DeadDrop weaponises VS Code / Cursor auto-run to hit developers, including EU targets2026-06-16