Cisco Talos is tracking the active exploitation of CVE-2026-20127, a vulnerability in Cisco Catalyst SD-WAN Controller, formerly vSmart, that allows an unauthenticated remote attacker to bypass authentication and obtain administrative privileges. This article has been indexed from Cisco Talos Blog…
Category: Cisco Talos Blog
Using AI to defeat AI
In this week’s newsletter Martin considers how defenders can turn offensive AI tools against themselves.
“Good enough” emulation: Fuzzing a single thread to uncover vulnerabilities
A Talos researcher used targeted emulation of the Socomec DIRIS M-70 gateway’s Modbus thread to uncover six patched vulnerabilities, showcasing efficient tools and methods for IoT security testing.
Hand over the keys for Shannon’s shenanigans
In this week’s newsletter, Amy examines the rise of Shannon, an autonomous AI penetration testing tool, and what it means for security teams and risk management.
Ryan Liles, master of technical diplomacy
Ryan Liles reveals how he bridges the gap between Cisco’s product teams and third-party testing labs, mastering the art of technical diplomacy while driving industry standards forward and keeping the internet’s defenders ahead of the game.
Microsoft Patch Tuesday for February 2026 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for February 2026, which includes 55 vulnerabilities affecting a range of products, including one (CVE-2025-59498) that Microsoft marked as “Critical”.
New threat actor, UAT-9921, leverages VoidLink framework in campaigns
Cisco Talos recently discovered a new threat actor, UAT-9921, leveraging VoidLink in campaigns. Their activities may go as far back as 2019, even without VoidLink.
All gas, no brakes: Time to come to AI church
This week, Joe cautions against the rush to adopt AI tools rife with truly awful security vulnerabilities.
Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework
Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants.
I’m locked in!
Hazel reflects on how to find balance while staying informed, then delivers practical updates and insights on the latest cybersecurity threats.
Microsoft releases update to address zero-day vulnerability in Microsoft Office
Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office that has been reportedly exploited in the wild.
IR Trends Q4 2025: Exploitation remains dominant, phishing campaign targets Native American tribal organizations
A drop in exploitation and ransomware, but a spike in phishing and credential abuse, show why timely patching and robust MFA matter more than ever.
Dissecting UAT-8099: New persistence mechanisms and regional focus
Cisco Talos has identified a new, regionally targeted campaign by UAT-8099 that leverages advanced persistence techniques and custom BadIIS malware variants to compromise IIS servers, particularly in Thailand and Vietnam.
I scan, you scan, we all scan for… knowledge?
In this week’s newsletter, Bill hammers home the old adage, “Know your environment” — even throughout alert fatigue.
Foxit, Epic Games Store, MedDreams vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in MedDream PACS. The vulnerabilities mentioned in this blog post have been patched by their respective vendors,…
Predicting 2026
In this week’s newsletter, Martin examines the evolving landscape for 2026, highlighting key threats, emerging trends like AI-driven risks, and the continued importance of addressing familiar vulnerabilities.
UAT-8837 targets critical infrastructure sectors in North America
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor.
Brushstrokes and breaches with Terryn Valikodath
Terryn’s path to cybersecurity started with a fascination for criminal forensics and a knack for jailbreaking his family’s tech — interests that eventually steered him toward the fast-paced world of digital investigations.
Microsoft Patch Tuesday for January 2026 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for January 2026, which includes 112 vulnerabilities affecting a range of products, including 8 that Microsoft marked as “critical”.
Resolutions, shmesolutions (and what’s actually worked for me)
Talos’ editor ditches the pressure of traditional New Year’s resolutions in favor of practical, in-the-moment changes, and finds more success by letting go of perfection. Plus, we break down the latest on UAT-7290, a newly disclosed threat actor targeting critical…