UAT-8837 targets critical infrastructure sectors in North America
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor.
Brushstrokes and breaches with Terryn Valikodath
Terryn’s path to cybersecurity started with a fascination for criminal forensics and a knack for jailbreaking his family's tech — interests that eventually steered him toward the fast-paced world of digital investigations.
Microsoft Patch Tuesday for January 2026 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for January 2026, which includes 112 vulnerabilities affecting a range of products, including 8 that Microsoft marked as “critical”.
Resolutions, shmesolutions (and what’s actually worked for me)
Talos' editor ditches the pressure of traditional New Year’s resolutions in favor of practical, in-the-moment changes, and finds more success by letting go of perfection. Plus, we break down the latest on UAT-7290, a newly disclosed threat actor targeting critical infrastructure.
UAT-7290 targets high value telecommunications infrastructure in South Asia
Talos assesses with high confidence that UAT-7290 is a sophisticated threat actor falling under the China-nexus of advanced persistent threat actors (APTs). UAT-7290 primarily targets telecommunications providers in South Asia.
How Cisco Talos powers the solutions protecting your organization
What happens under the hood of Cisco's security portfolio? Our reputation and detection services apply Talos' real-time intelligence to detect and block threats. Here's how.
Adios 2025, you won’t be missed
This week, Joe laments on 2025, and what we can think of in 2026 in the wild world of cybersecurity.
Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed vulnerabilities in Biosig Project Libbiosig, Grassroot DiCoM, and Smallstep step-ca. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cis
UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager
Cisco Talos is tracking the active targeting of Cisco AsyncOS Software for Cisco Secure Email Gateway, formerly known as Cisco Email Security Appliance (ESA), and Cisco Secure Email and Web Manager, formerly known as Cisco Content Security Management Appliance (SMA).