We are the Threat Intelligence and Malware Analysis team of @SentinelOne

Joined November 2019
SentinelLabs retweeted
Five years ago, @labscon_io started as an ambitious experiment. Could we build a brand-new conference centered entirely on original security research? Could we create a venue where the work spoke louder than the marketing, where researchers challenged assumptions, shared discoveries, and pushed the industry forward? The answer has been an emphatic yes.
As we prepare for LABScon 2026, we're excited to announce that this will be the final edition of LABScon. If we're going to close this chapter, we're going to do it the only way we know how: by putting together the strongest program we've ever had.
This year, we're looking for the work that will define what's next. The boldest ideas, the uncomfortable findings, the research that changes how we think about this unknown era that’s upon us. The final LABScon CFP is open now and closes June 19.
To everyone who has spoken, attended, sponsored, volunteered, debated, argued, collaborated, and helped make LABScon what it became, thank you. What started as a conference became a real community, and we're incredibly proud of what we built together.
Every project has a lifecycle. We're ending this one on our terms, at its peak, with gratitude for everything it accomplished and excitement for what comes next ;) See you in Phoenix! Submit at labscon.io
SentinelLabs retweeted
"Don't look at it as CTI. It's intelligence for your organization." In this clip, @TomHegel explains why threat intel shouldn't live in a silo. The best programs support business decisions, investments, sales, recruiting, and more (not just security operations). #CTI #CyberSecurity #ThreatIntel hubs.la/Q04jZLQJ0
SentinelLabs retweeted
Such a fun conversation with the legends at @vtxproject, listen in here:
New Signals & Stories episode with @TomHegel from @SentinelOne and @invisig0th from The Vertex Project. We discuss:
🔹 DPRK IT workers posing as job applicants
🔹 Cross-functional intelligence sharing
🔹 AI in CTI
🔹 And more!
Really fun conversation on where CTI is headed. #CyberSecurity #CTI #ThreatIntelligence hubs.la/Q04jJT3j0
SentinelLabs retweeted
A new macOS stealer called Reaper — a SHub variant tracked by @LabsSentinel — runs an infection chain where each stage hides behind a different trusted brand:
- The lure: a fake WeChat or Miro installer
- The delivery: a typo-squatted domain, mlcrosoft[.]co[.]com
- The execution: dressed up as an Apple XProtectRemediator security update
- The persistence: a fake Google Software Update directory, beaconing every 60 seconds
Microsoft, Apple, Google — in that order, in one chain. The victim never sees a single unfamiliar name.
SentinelLabs retweeted
In this @WIRED video about fast16, @a_greenberg walks through the whole arc: A 2005 sabotage malware that sat in plain sight for 20 years, the NSA leak that named it, and what @LabsSentinel's @vkamluk and @juanandres_gs (JAGS) finally figured out it was doing. The closing question alone is worth your time. 📄 Full SentinelLABS’s report: s1.ai/fast16 🗞️ WIRED's full story: s1.ai/WIRED-F16
SentinelLabs retweeted
Threat actors are in a turf war for ownership of your infrastructure. @LabsSentinel has uncovered PCPJack, a predatory cloud credential worm that hunts its own kind. Its first move? A scorched-earth eviction of rival group TeamPCP. s1.ai/pcpjack This isn’t a theory—it’s in the code. PCPJack specifically kills TeamPCP processes and even reports a "PCP replaced" metric back to its C2.
Fantastic conversation on our Fast16 research 👇 carry on.
On the disturbing nature of the Fast16 sabotage malware @a_greenberg
SentinelLabs retweeted
“Nothing to see here – carry on” 🫣
Fresh research from the team (@vkamluk / @juanandres_gs) - this one goes back quite a while! fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet sentinelone.com/labs/fast16-…
SentinelLabs retweeted
The history of cyberwar just got rewritten with a new @LabsSentinel discovery by @vkamluk and @juanandres_gs. Stuxnet wasn't the beginning of nation-state sabotage through software. It was just the first one we caught. Meet fast16 — compiled in 2005, five years before Stuxnet. It isn't espionage. It's not ransomware. It's a precision instrument designed to make scientists trust math that's been quietly broken. Silently. Precisely. Across an entire network. The implications reach into advanced physics, cryptographic research, and nuclear programs. Read the full @WIRED story below by @a_greenberg👇
A newly decoded piece of sabotage malware called Fast16, created before Stuxnet, was made to silently tamper with calculations in research and engineering software. Likely created by the US or an ally, and possibly used against Iran's nuclear program. wired.com/story/fast16-malwa…
SentinelLabs retweeted
CFP now open! You will regret not submitting to this one.. Stay tuned!
🚨 The LABScon 2026 Call for Papers is officially OPEN! 🗓️ Deadline to submit: June 19, 2026 🔗 labscon.io <- find the button here
SentinelLabs retweeted
While it's hard to get numbers on frequency and costs of ransomware and criminal cyberattacks in China, we do know they happen. This makes the politics of losers in China cybersecurity particularly interesting. 1/x cnn.com/2026/04/08/china/chi…
SentinelLabs retweeted
This stirred a lot of thinking and emotion. I'd read it closely 👇🏽
The Cognitive Rust Belt - If you wait for the technology to settle before you address this, you will find there is nothing left to save. sentinelone.com/blog/the-imp…
SentinelLabs retweeted
Last week, a new initiative was launched under @NATO DEEP to develop a Reference Curriculum on Artificial Intelligence as a Tool for Military Power. Honored to work alongside a distinguished group of experts and help define how AI is addressed within military education!