What is a “honeypot” in the context of cybersecurity? The term first appeared in the 1980s and 1990s, when it was used to describe precisely that, a honey trap that lured in unsuspecting hackers, putting them on the back foot. Clifford Stoll’s 1989 book The Cuckoo’s Egg is the first official documentation of a honeypot in the cyber world. Stoll tells the story of using what he called a “honeypot” to find a German hacker who had infiltrated U.S. military computers. Now the term is used in cybe
honeypots (3)
The monitoring and analysis of vulnerability exploitations are among the primary responsibilities of Sekoia.io’s Threat Detection & Research (TDR) team. Using our honeypots, we monitor traffic targeting various edge devices and internet-facing applications.
On 22 July 2025, suspicious network traces were observed via our honeypots. The analysis revealed that a cellular router’s API was exploited to send malicious SMS messages containing phishing URLs, an attack that leverages SMS as a deliver
Between April and June 2024, the NullBulge group emerged, targeting users in AI-centric applications and gaming communities. The NullBulge persona has showcased creative methods of distributing malware targeting said tools and platforms. Though the group projects an image of activism claiming to be “protecting artists around the world” and claims to be motivated by a pro-art, anti-AI cause rather than profit, other activities tied to this threat actor may indicate otherwise.
NullBulge’s servic
