Email Security

Phishing kit teardowns, malware research, and AI-powered BEC discovery

Email remains the primary attack vector for most organisations. We produce original threat research that uncovers new phishing kits, malware toolkits, and BEC techniques before they hit the mainstream press. Our email security work for Varonis and SlashNext has earned coverage in The Hacker News, TechRadar, Scientific American, and 250+ other publications.

Published Work (14)
Stanley Malware ToolkitModular malware toolkit used to deploy infostealers and RATs via phishing campaignsResearchVaronis Spiderman Phishing KitSophisticated phishing kit targeting European banks with real-time credential theft and OTP captureResearchThe Hacker NewsVaronis 5 Ways Cybercrime Has Become a Subscription BusinessHow cybercrime tools are sold as SaaS, from phishing kits to ransomware buildersContentVaronis Atroposia RATNewly discovered remote access trojan with keylogging, screen capture, and data exfiltrationResearchVaronis MatrixPDFCybercrime toolkit weaponising PDF documents for malware delivery and phishingResearchSC WorldVaronis SpamGPTAI-powered phishing platform with SMTP rotation, inbox monitoring, and automated campaign managementResearchTechRadarVaronis AI Deepfakes and Voice ClonesHow threat actors use generative AI to create convincing deepfake videos and cloned voicesContentVaronis How Threat Actors Use AI to Hide Malicious SitesTechniques for using AI-generated content to evade detection and build trustContentVaronis Decoding ClickFixResearch into the ClickFix social engineering technique tricking users into running malicious commandsResearchVaronis SessionSharkMFA bypass phishing-as-a-service kit that steals session tokens through adversary-in-the-middle attacksResearchVaronis Xanthorox AICriminal AI platform generating deepfakes, phishing emails, malware, and ransomwareResearchScientific AmericanVaronis Astaroth Phishing KitAdvanced phishing kit with real-time session hijacking capabilitiesResearchVaronis Session Shark Sponsored PostSponsored campaign exposing how Session Shark bypasses Office 365 MFA protectionsSponsored356K viewsSlashNext WormGPT DiscoveryOriginal discovery of a malicious AI trained on malware code and phishing templatesResearch250+ media mentionsSlashNext
Get Started See All Work
Lisa O’Reilly
“Daniel is extremely knowledgeable about the cybersecurity and threat landscape. His research is thorough, and his writing is publishing-ready.”
Lisa O’Reilly, VP of Marketing, SlashNext
250+ Media Mentions