Menlo Labs

Threats Outsmarted. Enterprises Liberated

Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.

Learn More
close up photo of handshake
90%

of attack vectors avoided

80%

reduction in SecOps alerts

Zero

breaches from email and web

100%

protection against browser patching delays

Latest Post

The Evolution of ClickFix: From Cleartext to Server Side Polymorphism

Menlo has identified ~4,500 domains that belong to a Polymorphism campaign, demonstrating a massive infrastructure powering these evasive ClickFix attacks.

Read More
Hacker in purple hoodie with digital code face next to a Microsoft sign-in screen and floating PDF icons.
Threat Trends & Research

Inside Attacker's Defensive Funnel: How Sneaky 2FA Cloaks Itself from Security Scanners

Browser window with text CAMP.24.061 CYBERCRIME WEB over laptop and red coding background.
Threat Trends & Research

Browser-Based Threats: Inside the CAMP.24.061 Cybercrime Web

Network of red server icons with skulls linked behind a laptop displaying VexTrio in a browser window.
Threat Trends & Research

VexTrio: Inside a global cybercrime ring

Black Hat USA 2024 logo above colorful neon outline of Las Vegas skyline on purple background.
Company News

Black Hat 2024: The Menlo Recap

Phishing graphic showing fake Amazon login and security checkup forms on a fishing hook with warning icons.
Threat Trends & Research

Decoding a Google Drawings and WhatsApp open redirection phish

Browser window with rotating letter dials spelling LOCKBIT 3.0 with a red binary code skull on the right.
Threat Trends & Research

Takedown Attempt and Resilience of Lockbit: Insight into Operation Cronos

Laptop displaying medical RX and pills with stethoscope, Black Cat icon, and locked folder with chains.
Threat Trends & Research

Swindled Blackcat affiliate wants money from Change Healthcare ransom

Purple robot holding a green shield with lock icon beside large AI letters and digital circuit lines.
Cybersecurity Strategy

How GenAI risks continue to impact security posture

Phishing concept: computer window with skull, fishing hook, hacker, unlocked padlock with key, and warning sign.
Threat Trends & Research

EvilProxy Phishing Attack Strikes Indeed

See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs
See More Blogs

Threat Bulletins

Menlo Labs Threat Bulletin about Threat Actor TA551 from November 2021 with alert icon on purple background.
Threat Bulletin

Threat Actor - November 2021 - TA551

Menlo Labs Threat Bulletin on Browser Zero Day for Apple and Chrome, February 2022 CVE-2022-0609.
Threat Bulletin

Browser Zero Day - Apple & Chrome - February 2022 - CVE-2022-0609 |

Menlo Labs Threat Bulletin on SolarMarker malware campaign from September 2021.
Threat Bulletin

Malware Campaign - September 2021 - SolarMarker

Menlo Labs Threat Bulletin text with malware campaign November 2021 ICEDID on dark code background.
Threat Bulletin

Malware Campaign - November 2021 - ICEDID

Menlo Labs Threat Bulletin on Malware Campaign February 2022 featuring GootLoader.
Threat Bulletin

Malware Campaign February 2022 - GootLoader

Menlo Labs Threat Bulletin for Browser Zero Day Chrome March 2022 CVE-2022-1096 alert
Threat Bulletin

Browser Zero Day - Chrome - March 2022 - CVE-2022-1096

Menlo Labs Threat Bulletin with server vulnerability details for Confluence June 2022 on purple code background.
Threat Bulletin

Server Zero Day - Confluence - June 2022 - CVE-2022-26134

Menlo Labs Threat Bulletin text with alert icon and Office Zero Day June 2022 CVE-2022-30190 reference.
Threat Bulletin

Office Zero Day - June 2022 - CVE-2022-30190

More Threat Bulletins