ThinkstCanary (@thinkstcanary.canary.tools)

CrowdStrike API Key Canarytoken

It’s no secret that adversaries love (ab)using security tooling . So..

Rad just shipped our latest Canarytoken to exploit this: a CrowdStrike API Key Canarytoken!

Attackers who find it, have to use it - and when they do, they expose themselves.

blog.thinkst.com/2026/02/intr...

23.02.2026 13:45 👍 8 🔁 2 💬 0 📌 0

The best thing about Canaries & Canarytokens, is when they surprise you:

"printed some and put them round the office"

"but then they were put into the bin, and at 21:43 someone scanned them… looks like this place has dumpster divers"

"never thought that was still a thing"

19.02.2026 17:08 👍 6 🔁 2 💬 0 📌 1

You can grab the latest copy of our quarterly security research roundup at thinkst.com/ts ¹

For this issue, we selected work from over 1,370 talks & 1,200 blog posts.

Available as PDF, ePUB (or audio highlights)

__
¹ As always, completely free

16.02.2026 14:12 👍 2 🔁 4 💬 0 📌 0

We've always been all about the love..

From all of us, to all of you

💚💚💚

13.02.2026 08:42 👍 1 🔁 0 💬 0 📌 0

From Epstein to Notepad++: Redactions, Zero-Days and Supply Chain Attacks YouTube video by Three Buddy Problem

This week's show is up on YouTube (presented by Thinkst Canary @thinkstcanary.canary.tools)

WATCH www.youtube.com/watch?v=fvKM...

10.02.2026 17:04 👍 6 🔁 6 💬 1 📌 1

thank you, @thinkstcanary.canary.tools 🥹

05.02.2026 22:57 👍 8 🔁 2 💬 1 📌 0

these guys. always full of adorable surprises. love @thinkstcanary.canary.tools 💚

cc @haroonmeer.canary.love

30.01.2026 14:41 👍 14 🔁 2 💬 1 📌 1

The org. running the SA Computer Olympiad ran out of money & shut it down..

So we bought it from them¹

The Olympiads will run as normal in 2026 (and hopefully we will make 'em run even better going forward).

2026 Registration is Open (www.olympiad.org.za)

__
¹ www.itweb.co.za/article/comp...

11.12.2025 10:47 👍 5 🔁 0 💬 0 📌 0

Assume Breach, Detect Early: The Power of Canaries Why canary signals outperform conventional detection and reduce mean-time-to-discovery

Prevention alone isn't enough. In real networks, credentials leak, assets sprawl, and blind spots exist. Canaries provide high-confidence early detection of internal movement.

I wrote some stuff here: clarkee.co.uk/assume-breac...

@thinkstcanary.canary.tools

01.12.2025 19:30 👍 4 🔁 2 💬 0 📌 0

You can grab our Q3-2025 issue of ThinkstScapes at thinkst.com/ts

For this issue, we tracked over 1,500 talks/papers, and almost 1,300 security blog posts.

As always, available in PDF, ePub or a brief audio summary. (As always: completely free).

20.11.2025 22:21 👍 4 🔁 2 💬 0 📌 0

Risky Business #814 -- It's a bad time to be a scam compound operator - Risky Business Media In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:* The KK Park scam compound in Myanmar [Read More]

You can catch our @haroonmeer.canary.love on this weeks episode of Risky Business complaining about security vendors approach to security.

It's worth a listen.

risky.biz/RB814/

12.11.2025 18:01 👍 3 🔁 1 💬 0 📌 0

We try! 💪💚

05.11.2025 15:53 👍 1 🔁 0 💬 0 📌 0

iFixit Mako Kit

Every year, we try to give our customers a small gift from Thinkst Canary.

Previously we did the Canary Swiss Army Knives¹.

This year, it's the awesome Mako kit from iFixit

All told, we've shipped just under a ton of them 🤯

__
¹ x.com/ThinkstCanar...

05.11.2025 11:52 👍 3 🔁 0 💬 1 📌 0

This quarter we announced two new platforms for Canary: Oracle Cloud Infra. (OCI) & Nutanix.

Our v1 was a hardware device, but today, Canary also runs on
- GCP,
- AWS,
- VMware,
- Azure,
- Docker,
- Tailscale,
- OCI,
- Nutanix.

Still dead simple. Still "just works!"

30.10.2025 12:44 👍 10 🔁 4 💬 0 📌 1

US-EAST-1 (AWS) is currently "degraded".

This affects the following Canary services directly:
- Creating AWS Canarytokens (both free and commercial) ;
- Launching new Tailscale Canaries.

Sorry!

We will send a message when service returns to normal.

20.10.2025 09:21 👍 3 🔁 0 💬 0 📌 0

Thank you. We try 💪💚

27.09.2025 07:41 👍 1 🔁 0 💬 0 📌 0

Leighton & Sharukh just snuck a quick update into canarytokens.org to allow you to easily manage all the tokens you've previously created.

Still just $0.00

Still one of the best things you can do to detect attackers before they dig in...

24.09.2025 17:28 👍 7 🔁 2 💬 0 📌 0

Thanks @thinkstcanary.canary.tools for making this awesome platform! 🙌

If you still haven't read my blog post, here it is: grafana.com/blog/2025/08...

23.09.2025 09:03 👍 7 🔁 1 💬 0 📌 0

Know. Before it matters Canarytokens is a free tool that helps you discover you’ve been breached by having attackers announce themselves. The tokens allow you to implant traps around your network and notifies you as soon...

It's live now (and free). Check out our blog for more, including how to deploy your first AWS infrastructure Canarytoken.

__
¹ blog.thinkst.com/2025/09/intr...

(3 of 3)

15.09.2025 16:36 👍 3 🔁 0 💬 0 📌 0

This makes it even easier to deploy juicy S3 buckets, DynamoDB tables, SSM parameters, SecretsManager secrets, and SQS queues, that attackers will want to browse.

We help you design and build a Terraform module that’s unique to your environment, then you deploy when ready.

(2 of 3)

15.09.2025 16:36 👍 1 🔁 0 💬 1 📌 0

Today we released our new (free) AWS Infrastructure Canarytoken on canarytokens.org.

It catches attackers in your AWS account by putting tempting assets in their way and alerting you if they get probed.

(1 of 3)

15.09.2025 16:36 👍 6 🔁 6 💬 1 📌 0

Introducing keynote spreaker: Marco Slaviero! 🚀

A #PyConZA veteran and the ingenious CTO of ThinkstCanary, Marco is redefining the security landscape. Don't miss out on his insights!

Grab your ticket today: za.pycon.org/tickets

@marcoslaviero.bsky.social
@thinkstcanary.canary.tools

08.09.2025 15:00 👍 2 🔁 1 💬 0 📌 0

Spotted at the U.S Open 🎾💪💚

03.09.2025 16:46 👍 3 🔁 0 💬 0 📌 0

Today has been Drone-flying (indoor, outdoor, fpv) and Drone-hacking..

10/10 - Will recommend..

02.09.2025 10:18 👍 1 🔁 0 💬 0 📌 0

Most of the company is in CapeTown this week for our annual ThinkstCon.

This means lots of green stuff, and lots of padel.

💪💚

01.09.2025 21:04 👍 4 🔁 1 💬 1 📌 0

It's our birthday, so we created a tiny skunk(worksy) game for you to play..

Complete all 7 continents, and we will send you a limited-edition, 10-year t-shirt.

Have fun!! (but watch out for the Canaries)

canary.tools/10-year

29.08.2025 17:23 👍 8 🔁 2 💬 0 📌 1

Canary tokens: Learn all about the unsung heroes of security at Grafana Labs | Grafana Labs Learn why the use of canary tokens let us spot a recent intrusion and swarm quickly in response, and find out why you should be using canary tokens to prevent serious security incidents in the future.

In April this year, @grafana.bsky.social had a security incident due to an insecure GitHub Action. The attackers even tried covering their tracks.

How were they discovered? Canarytokens..

Check out their post¹ on how they use our tokens at scale..

__
¹ grafana.com/blog/2025/08...

27.08.2025 10:02 👍 5 🔁 2 💬 0 📌 0

Canary tokens: Learn all about the unsung heroes of security at Grafana Labs | Grafana Labs Learn why the use of canary tokens let us spot a recent intrusion and swarm quickly in response, and find out why you should be using canary tokens to prevent serious security incidents in the future.

How do you know you're compromised?

Read my newest article to see how we used canary tokens to detect an attack on our infrastructure.

grafana.com/blog/2025/08...

26.08.2025 08:19 👍 6 🔁 5 💬 0 📌 0

"We had good success with your canaries at ..."

"I would like to intro my (new) team at ...."

10 years in && we still do 0 outbound sales.
We've had the best customers since day-1!

💪💚

15.08.2025 17:40 👍 2 🔁 2 💬 0 📌 0

A friendly reminder from your Canary Console that if you are in the Northern Hemisphere, you can probably check out the Perseid meteor shower this week..

💪💚💫

11.08.2025 16:32 👍 12 🔁 2 💬 1 📌 0

ThinkstCanary

Latest posts by ThinkstCanary @thinkstcanary.canary.tools