Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities
Overview of patch tuesday release from Microsoft for April 2026.
Axios NPM supply chain incident
Overview of the recent Axios NPM supply chain incident including details of the payloads delivered from actor-controlled infrastructure.
Agentic AI security: Why you need to know about autonomous agents now
There are many benefits and security risks of deploying agentic AI within organizations. This blog emphasizes the importance of robust risk management and threat modeling to defend against both internal operational errors and potential malicious exploitation.
New threat actor, UAT-9921, leverages VoidLink framework in campaigns
Cisco Talos recently discovered a new threat actor, UAT-9221, leveraging VoidLink in campaigns. Their activities may go as far back as 2019, even without VoidLink.
Spy vs. spy: How GenAI is powering defenders and attackers
Generative AI is rapidly transforming cybersecurity for both defenders and attackers. This blog highlights current uses, emerging threats, and the evolving landscape as capabilities advance.
The evolution and abuse of proxy networks
Proxy and anonymization networks have been dominating the headlines, this piece discusses its origins and evolution on the threat landscape with specific focus on state sponsored abuse.
Snowflake isn’t an outlier, it’s the canary in the coal mine
By Nick Biasini with contributions from Kendall McKay and Guilherme Venere Headlines continue to roll in about the many implications and follow-on attacks originating from leaked and/or stolen credentials for the Snowflake cloud data platform. Adversaries obtained stolen login
Stop running security in passive mode
As we begin a new year, we wanted to address one of the biggest issues we consistently see in our investigations: passive security. Incident response engagements are an important part of our work and the intelligence-gathering process and their associated reports can be a treas
Adversaries increasingly using vendor and contractor accounts to infiltrate networks
The software supply chain has become a key security focus for many organizations, but the risks associated with supply chain attacks are often misunderstood.