Skip Navigation
Get a Demo
 
Share
 
 
 
 
 
 
 
 
Resources Videos
Security operations

Red Canary Office Hours: Episode 45 – Unwrapping the mysteries of Shai Hulud

Air Date: December 16, 2025

Unwrapping the mysteries of Shai Hulud

Keith is joined by guest host, Principal Security Researcher Brian Donohue and Red Canary Senior Intelligence Analyst Stef Rand to discuss the threats we’ve seen over the past month.

Stef touches on several items from December’s Intelligence Insights, including how Red Canary is tracking an uptick in malicious RMM use, specifically ScreenConnect, and activity from a new macOS stealer: MacSync.

Brian shares Red Canary’s takeaways from the latest Shai-Hulud campaign and steps organizations can take in wake of the supply chain attack.

View the video
Episode 45: Intelligence Insights
Resources mentioned in this episode
Red Canary blog
Intelligence Insights: December 2025
Red Canary blog
Four phishing lures in campaigns dropping RMM tools
Red Canary blog
A taxonomy of Mac stealers: Distinguishing Atomic, Odyssey, and Poseidon
Red Canary blog
Bun and done: The second coming of the Shai-Hulud worm
Related Resources
Red Canary Office Hours: Episode 44 – Naughty or nice: decoding normal vs. anomalous behavior
Videos| Security operations
Red Canary Office Hours: Episode 44 – Naughty or nice: decoding normal vs. anomalous behavior
Red Canary Office Hours: Episode 43 – Defense-in-depth strategies to keep you warm
Videos| Security operations
Red Canary Office Hours: Episode 43 – Defense-in-depth strategies to keep you warm
Red Canary Office Hours: Episode 42 – A cornucopia of Intelligence Insights
Videos| Security operations
Red Canary Office Hours: Episode 42 – A cornucopia of Intelligence Insights
Red Canary Office Hours: Episode 41 – Bird feed: How Red Canary names and tracks threats
Videos| Security operations
Red Canary Office Hours: Episode 41 – Bird feed: How Red Canary names and tracks threats
 

See Red Canary in action

Watch the 10-minute demo now.
Watch the demo

Security gaps? We got you.

Sign up for our monthly email newsletter for expert insights on MDR, threat intel, and security ops—straight to your inbox.

 
 
 
 
Back to Top