Blog
Featured

UAT-11795 deploys novel Starland RAT and bespoke WLDR C2 implant in financially motivated campaign

Cisco Talos is disclosing UAT-11795, a sophisticated, Russian-speaking, financially motivated adversary that has been conducting a malicious campaign targeting users in the U.S. and Europe since at least June 2025.

July 16, 2026 06:00

The Hunter's Paradox: Is it time to embrace automated threat hunting?

Humans can no longer keep up with the volume and velocity of security data on their own, but AI can't be fully trusted. David discusses the merits of both and muses on what the future might look like.

July 14, 2026 06:47

[Video] Where protection starts: Cisco Talos Intelligence Integrations

Every day, defenders make high-consequence decisions with incomplete information. Learn how Cisco Talos Intelligence Integrations help reduce uncertainty by turning the latest threat intelligence into proactive protections across Cisco technologies.

July 14, 2026 06:00

The serpent’s tongue: Luring the Python out of its den

This blog examines the full lifecycle of a Python package, from hosting on repositories such as PyPI or custom web servers, through source and wheel distribution formats, to the final installation into virtual or system-wide Python environments.

Recent
July 16, 2026 14:00

Begun, the Patch Wars have

Long foretold, the Great Patching has begun and it’s a doozy. Buckle in as Joe takes you through the story.

July 14, 2026 16:27

Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for July 2026, which includes 622 vulnerabilities affecting a range of products, including 57 that Microsoft marked as "critical."

July 9, 2026 14:52

WolfSSL, GeoVision, VTK vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in WolfSSF, fourteen in GeoVision, and one vulnerability in VTK-DICOM. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adherence to

July 9, 2026 14:00

Winning 54% of the time

With Wimbledon's help, Hazel argues against the popular myth that "Attackers only need to be right once, but defenders need to be right 100% of the time."

July 7, 2026 06:00

UAT-7810 continues building ORB networks using new malware

Talos’ latest findings on UAT-7810 indicate that the threat actor continues to develop their custom-made malware.