More than pretty pictures: Wendy Bishop on visual storytelling in tech
Wendy shares the unique challenges and rewards of bridging the gap between artistic expression and highly technical research.
The n8n n8mare: How threat actors are misusing AI workflow automation
Cisco Talos research has uncovered agentic AI workflow automation platform abuse in emails. Recently, we identified an increase in the number of emails that abuse n8n, one of these platforms, from as early as October 2025 through March 2026.
Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities
Overview of patch tuesday release from Microsoft for April 2026.
[Video] The TTP Ep. 22: The Collapse of the Patch Window
In this episode of The Talos Threat Perspective, we discuss how vulnerability exploitation is accelerating, and why attacker speed, AI, and exposed systems are affecting the patch window.
The threat hunter’s gambit
Bill discusses why obsessing over strategy games is actually a secret weapon to outsmart threat actors.
From the field to the report and back again: How incident responders can use the Year in Review
The Year in Review distills Talos IR's observations into structured intelligence, but defenders should also be feeding this report back into their own preparation cycles. Here's how.
New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations
Cisco Talos uncovered a cluster of activity we track as UAT-10362 conducting spear-phishing campaigns against Taiwanese non-governmental organizations (NGOs) and suspected universities to deliver a newly identified malware family, “LucidRook.”
Talos Takes: 2025's ransomware trends and zombie vulnerabilities
In this episode of Talos Takes, Amy and Pierre Cadieux unpack the ransomware and vulnerability trends that defined 2025.