With new ransomware groups, a growing mercenary space, espionage campaigns, supply chain attacks, and new “as a service” tools popping up, there's already a lot to talk about in the first half of 2023.

Here are the main threats we've covered on our blog up until the end of June 2023. The timeline is a blend of threat advisory articles and long-term research that our analysts have been working on for a while.


Be sure to subscribe to blog.talosintelligence.com to get future blogs sent straight to your inbox. You can also follow our ongoing Vulnerability Roundup series, where we run down the latest vulnerabilities, attack scenarios, and coverage.

For commentary on the biggest threats of the year so far, check out our Half Year Review YouTube playlist, featuring Nick Biasini.

Many of the threats we've written about this year have involved extortion as part of the attackers’ plans. We've seen threat actors take every chance they get to steal sensitive data, for use in future attacks and/or to manipulate victims into paying up before their data ends up on the dark web. Another growing trend is the mercenary landscape: “hackers for hire” expanding their wares and increasingly commercializing tools such as spyware.

The mercenary space is a topic we'll talk more about in the “2023 Year in Review”, which Cisco Talos researchers, detection specialists, linguists, threat hunters, incident responders, and analysts are now actively working on and which will be published later this year.

Last year’s inaugural report represented an unprecedented effort within Cisco to tell a comprehensive story of our work, relying on a wide variety of data and expertise. This year, we are bringing all these elements together again to report on how the threat landscape has changed since 2022 and to delve deep into some of the most notorious and impactful threats of 2023.