Insights
Analysis, risk intelligence, and practitioner perspective — on the threats, environments, and decisions that matter to our clients.
20 articles
Hall Donovan Welcomes Intelligence Community Executive Shelby Pierson
Hall Donovan
Hall Donovan welcomes Shelby Pierson, a 25-year veteran of the U.S. Intelligence Community who led large-scale analytic operations at ODNI and NGA, as a new partner.
Hall Donovan Welcomes Ex-CIA Veteran Bob Dougherty
Hall Donovan
Hall Donovan welcomes Bob Dougherty, a 25-year CIA veteran who ran operations against ISIS, Al-Qaeda, Hezbollah, and Hamas across four continents, as a new partner.
Hall Donovan Risk Assessment: The World Changed Overnight
HD Intelligence Desk
A risk advisory for American citizens at home and abroad following Operation Epic Fury — the joint U.S.-Israel military campaign targeting Iran — and the domestic shooting in Austin, Texas that followed within 24 hours.
IoT Devices Are Not As Secure As You Think
Brandon Thomas, Managing Partner
A software engineer accidentally gained control of 7,000 DJI robot vacuums across 24 countries — including live camera feeds, microphone audio, and 2D floor plans — exposing how AI coding tools are lowering the barrier for IoT security probing.
Google AI Search Results Not Vetted For Scams
HD Intelligence Desk
Google's AI Overviews feature is being actively exploited by scammers to inject fraudulent phone numbers, phishing links, and deceptive recommendations into what users perceive as authoritative, Google-endorsed answers.
Cybercrime Is Now the World's Third-Largest Economy. You're a Target.
Brandon Thomas, Managing Partner
Bank of America's 'The World in 2030' report names cybercrime's $10.5 trillion annual cost as a top-three global economic force — and warns that AI is about to make it exponentially worse for individuals, not just enterprises.
Risk Report: OpenClaw Integrates VirusTotal Scanning After Security Firms Flag Enterprise Risks
HD Intelligence Desk
OpenClaw, the viral open-source AI agent flagged by security firms as "insecure by default," has integrated VirusTotal malware scanning into its ClawHub skills marketplace following documented malicious extensions and unauthorized enterprise deployments.
Your AI Agent May Already Be Compromised
Brandon Thomas, Managing Partner
341 malicious skills, 7.1% of the ClawHub marketplace compromised, and 22% of enterprises running OpenClaw without IT approval — the AI agent attack surface is exploding and most organizations have zero visibility into it.
Nine Crypto Kidnappings In 2026 (So Far)
HD Intelligence Desk
January 2026 saw nine publicly reported physical attacks against crypto holders — averaging one every three days — with home invasions, kidnappings, and family targeting escalating worldwide.
V2X Security: How to Protect Vehicle-to-Infrastructure Communications Before Attackers Exploit Them
Brandon Thomas, Managing Partner
The first time you see a V2X-enabled intersection in action — traffic signals dynamically adjusting to approaching emergency vehicles, connected vehicles negotiating right-of-way through digital handshakes — it feels like the future finally arrived. Then you start thinking like an attacker.
Insider Threat: Google Engineer Convicted of AI Secrets Theft
Brandon Thomas, Managing Partner
A former Google engineer was convicted of stealing thousands of confidential AI files to support an AI startup in China — part of a broader pattern of insider-driven economic espionage targeting U.S. technology firms.
Urgent Security Warning: AI Deepfake Phishing Campaign Targeting Bitcoin Holders
HD Intelligence Desk
A sophisticated, active social-engineering campaign is targeting Bitcoin users through AI-generated deepfake video calls, designed to bypass even security-aware individuals by impersonating trusted contacts in real time.
Risk Report: Under Armour Investigating Breach — 72 Million Records Surface Online
HD Intelligence Desk
Under Armour is investigating claims that 72 million customer records were exposed after the Everest ransomware group allegedly breached the company, obtaining 343GB of data now posted on hacking forums and listed on Have I Been Pwned.
Securing the Autonomous Innovation Center: Lessons from the Largest AV Deployment in the US
Brandon Thomas, Managing Partner
When Jacksonville's Autonomous Transit System went live, it became the first fully autonomous public transit network in the United States. What most people don't realize is that the vehicles themselves represent only one attack surface in a much larger ecosystem.
Why Autonomous Vehicle Operators Face a Different Cybersecurity Problem Than Everyone Else
Brandon Thomas, Managing Partner
AV operators inherit the cyber risk of transportation, IT, and OT simultaneously — and most standard security frameworks were not built for that convergence.
Risk Report: Fake GrubHub Emails Targeting Bitcoin Holders — Brand Impersonation at Scale
HD Intelligence Desk
Fraudulent emails posing as official GrubHub communications promised recipients a tenfold Bitcoin return — using what appeared to be legitimate company subdomain addresses to bypass email authentication and boost credibility.
Risk Report: MetaMask Exploit Actively Draining EVM Wallets — What Crypto Holders Must Do Now
HD Intelligence Desk
A coordinated exploit is actively draining funds from hundreds of EVM-compatible wallets across Ethereum, BNB Chain, and Polygon — using fake MetaMask update prompts to trick users into signing malicious approvals.
Risk Report: Spike in AI-Driven Phishing Emails — Threat Actors Exploit Holiday Urgency
HD Intelligence Desk
A sharp rise in AI-driven phishing emails and social scams is targeting users with fake promotions and holiday-themed offers, using sophisticated social engineering that makes scams increasingly difficult to distinguish from legitimate communications.
Risk Report: Chinese AI-Enabled Hack — State Actors Weaponize AI for Cyber Espionage
HD Intelligence Desk
Chinese state-linked hackers successfully jailbroke an AI model to assist in a large cyber-espionage campaign targeting roughly 30 global organizations across tech, financial, and government sectors.
Risk Report: Microsoft 365 Accounts Targeted in Wave of OAuth Phishing Attacks
HD Intelligence Desk
Threat actors are abusing the OAuth device code authorization flow to hijack Microsoft 365 accounts — bypassing MFA entirely by tricking users into authorizing malicious applications through legitimate Microsoft login pages.