It’s no secret that adversaries love (ab)using security tooling . So.. Rad just shipped our latest Canarytoken to exploit this: a CrowdStrike API Key Canarytoken! Attackers who find it, have to use it - and when they do, they expose themselves. blog.thinkst.com/2026/02/intr...

The best thing about Canaries & Canarytokens, is when they surprise you: "printed some and put them round the office" "but then they were put into the bin, and at 21:43 someone scanned them… looks like this place has dumpster divers" "never thought that was still a thing"

You can grab the latest copy of our quarterly security research roundup at thinkst.com/ts ¹ For this issue, we selected work from over 1,370 talks & 1,200 blog posts. Available as PDF, ePUB (or audio highlights) __ ¹ As always, completely free

We've always been all about the love.. From all of us, to all of you 💚💚💚

This week's show is up on YouTube (presented by Thinkst Canary @thinkstcanary.canary.tools) WATCH www.youtube.com/watch?v=fvKM...

thank you, @thinkstcanary.canary.tools 🥹

these guys. always full of adorable surprises. love @thinkstcanary.canary.tools 💚 cc @haroonmeer.canary.love

The org. running the SA Computer Olympiad ran out of money & shut it down.. So we bought it from them¹ The Olympiads will run as normal in 2026 (and hopefully we will make 'em run even better going forward). 2026 Registration is Open (www.olympiad.org.za) __ ¹ www.itweb.co.za/article/comp...

Prevention alone isn't enough. In real networks, credentials leak, assets sprawl, and blind spots exist. Canaries provide high-confidence early detection of internal movement. I wrote some stuff here: clarkee.co.uk/assume-breac... @thinkstcanary.canary.tools

You can grab our Q3-2025 issue of ThinkstScapes at thinkst.com/ts For this issue, we tracked over 1,500 talks/papers, and almost 1,300 security blog posts. As always, available in PDF, ePub or a brief audio summary. (As always: completely free).

You can catch our @haroonmeer.canary.love on this weeks episode of Risky Business complaining about security vendors approach to security. It's worth a listen. risky.biz/RB814/

Every year, we try to give our customers a small gift from Thinkst Canary. Previously we did the Canary Swiss Army Knives¹. This year, it's the awesome Mako kit from iFixit All told, we've shipped just under a ton of them 🤯 __ ¹ x.com/ThinkstCanar...

This quarter we announced two new platforms for Canary: Oracle Cloud Infra. (OCI) & Nutanix. Our v1 was a hardware device, but today, Canary also runs on - GCP, - AWS, - VMware, - Azure, - Docker, - Tailscale, - OCI, - Nutanix. Still dead simple. Still "just works!"

US-EAST-1 (AWS) is currently "degraded". This affects the following Canary services directly: - Creating AWS Canarytokens (both free and commercial) ; - Launching new Tailscale Canaries. Sorry! We will send a message when service returns to normal.

Leighton & Sharukh just snuck a quick update into canarytokens.org to allow you to easily manage all the tokens you've previously created. Still just $0.00 Still one of the best things you can do to detect attackers before they dig in...

Thanks @thinkstcanary.canary.tools for making this awesome platform! 🙌 If you still haven't read my blog post, here it is: grafana.com/blog/2025/08...

Today we released our new (free) AWS Infrastructure Canarytoken on canarytokens.org. It catches attackers in your AWS account by putting tempting assets in their way and alerting you if they get probed. (1 of 3)

Introducing keynote spreaker: Marco Slaviero! 🚀 A #PyConZA veteran and the ingenious CTO of ThinkstCanary, Marco is redefining the security landscape. Don't miss out on his insights! Grab your ticket today: za.pycon.org/tickets @marcoslaviero.bsky.social @thinkstcanary.canary.tools

Spotted at the U.S Open 🎾💪💚

Most of the company is in CapeTown this week for our annual ThinkstCon. This means lots of green stuff, and lots of padel. 💪💚

It's our birthday, so we created a tiny skunk(worksy) game for you to play.. Complete all 7 continents, and we will send you a limited-edition, 10-year t-shirt. Have fun!! (but watch out for the Canaries) canary.tools/10-year

In April this year, @grafana.bsky.social had a security incident due to an insecure GitHub Action. The attackers even tried covering their tracks. How were they discovered? Canarytokens.. Check out their post¹ on how they use our tokens at scale.. __ ¹ grafana.com/blog/2025/08...

How do you know you're compromised? Read my newest article to see how we used canary tokens to detect an attack on our infrastructure. grafana.com/blog/2025/08...

"We had good success with your canaries at ..." "I would like to intro my (new) team at ...." 10 years in && we still do 0 outbound sales. We've had the best customers since day-1! 💪💚

A friendly reminder from your Canary Console that if you are in the Northern Hemisphere, you can probably check out the Perseid meteor shower this week.. 💪💚💫

just when you thought @thinkstcanary.canary.tools couldn't get any cooler they go and do this 🥹🌠💚 omggggg i love it www.space.com/32868-persei...

BlackHat boothing was great. We got to hang-out with customers & chat Canary with a bunch of new folks.. Our booth has changed, our tech has levelled up (by orders of magnitude) but it's the same price¹ as always, & still "just works!" __ ¹ Still never increased prices since year-1

The 2025, Q2 edition of ThinkstScapes is now available for download¹ at thinkst.com/ts If you are in Vegas for BlackHat, swing by our booth for a hard copy. This edition tracks "over 1,450 talks & papers & almost 1,400 blog posts" __ ¹ As always, completely free

We published an internal post¹ that our @marcoslaviero.bsky.social recently wrote "on caring". It's worth a read, because as he writes. caring about what is built is surprisingly fragile (and shockingly absent). __ ¹ blog.thinkst.com/2025/06/on-c...

A decade in, bootstrapped Thinkst Canary reaches $20M in ARR without VC funding

When we first built @thinkstcanary.canary.tools we were proud that it took less than 4 minutes to be useful when bought. Now it takes less than two... Catching attackers is the game the whole family can play...

Internal release naming is totally becoming serious business at @thinkstcanary.canary.tools

The Q1-2025 edition of ThinkstScapes is now available at thinkst.com/ts. To compile this issue, we tracked over 1350 talks & papers (and about 1500 blog posts). Available¹ in PDF, ePub and with a short audio summary. __ ¹ As always: Completely free/without reg-wall

Facing a policy deadline for CVSS 10s? Use our #F5Labs Canary Exploit tool to safely test your system. If vulnerable, reading the parquet file makes javax.swing.JEditorPane contact a specific URL (ex: ‘Web Bug’ URL @thinkstcanary.canary.tools) ➡️ Check out here: https://go.f5.net/aio3117o

Tough/Awesome problem: Which quotes to include? "It’s a winning argument letting this solution speak for itself" "The product is what you describe.. No BS, no smoke and mirrors" "The effort in making it highly usable is evident... " __ * We have the best customers! 💪💚

You can catch our @marcoslaviero.bsky.social on confused deserialisation¹ in the latest edition of Paged Out (with a MessagePack/pickle polyglot) 💪💚 We love Paged Out.. You should totally check it out.. __ ¹ pagedout.institute/download/Pag...

Canaries.. Still our top sales person for the 10th year in a row... "Can we get a quote to add 5 additional Canaries to our current count?" "They’ve been absolutely stunning during our pentest..."

Volt Typhoon "hackers had been in the organization’s network since February 2023, for more than 300 days." Internal service scanning, Lateral movement.. Seriously - This reads like an ad for @thinkstcanary.canary.tools Deploy 'em. Forget about 'em. Know when it matters.

Attackers love poking around SSO dashboards, so we gave them something to find! Drop a Fake SAML IdP App Canarytoken in your IdP -- if anyone opens it, you get an alert. Read more about it at blog.thinkst.com/2025/03/dete...

"Kudos to Canary" "Our first true positive today" "Canary is awesome" 10 years of building Canary and we: - get these messages every week; - never get tired of them 💪💚 Come for the cute pictures, Stay for detection that actually works...

Our latest issue of ThinkstScapes is now available for download. For this issue (covering the last quarter of 2024) we tracked over over 1400 talks and scoured content from almost 1100 blog posts. As always, PDF, ePUB and an audio summary are available free (with no reg-wall) at thinkst.com/ts

Matt gets the best emails: "We love our Canaries" "Our Canaries have caught the Red Teams in the last three engagements" Seriously.. You should be running @thinkstcanary.canary.tools

This Valentines your Canary Console offers you a walk down memory lane, with our homage to flappy-bird.. It's a bit of a distance from what we do.. but.. it's also totally what we do 💪💚

A blog post¹ by Jacob Torrey on a new feature we excluded from Canary. It’s easy to ship everything you build, but resisting it is worth the effort. Is the benefit worth the increased cognitive load? Does it introduce new risks? (This time it did!) __ ¹ blog.thinkst.com/2025/02/almo...

Todays NYT Spelling Bee knows what's up..

"Dude, you need to cut some t-shirts with this..." Done!

Academic work on honeypots and deception are often kinda disappointing, but this paper by Ashenden and Reeves is worth the skim (especially since it confirms lots of our @ThinkstCanary.canary.tools takes 😉) tl;dr : Canaries work, Use ‘em. — ¹ scholarspace.manoa.hawaii.edu/server/api/c...