Agentic AI security: Why you need to know about autonomous agents now
There are many benefits and security risks of deploying agentic AI within organizations. This blog emphasizes the importance of robust risk management and threat modeling to defend against both internal operational errors and potential malicious exploitation.
Spinning complex ideas into clear docs with Kri Dontje
The episode features Kri Dontje discussing her role in translating complex technical cybersecurity topics into clear, accessible documentation, emphasizing the importance of consistency, accuracy, and collaboration with subject matter experts.
Microsoft Patch Tuesday for March 2026 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for March 2026 which includes 79 vulnerabilities, including three that Microsoft marked as “critical.”
Patch, track, repeat: The 2025 CVE retrospective
Thor analyzes CVE data from 2025 and provides recommendations for where and how organizations should strengthen their defenses.
UAT-9244 targets South American telecommunication providers with three new malware implants
Cisco Talos is disclosing UAT-9244, who we assess with high confidence is a China-nexus advanced persistent threat (APT) actor closely associated with Famous Sparrow.
Henry IV, Hotspur, Hal, and hallucinations
In this edition of the Threat Source newsletter, William draws parallels between Shakespeare’s Hotspur and the challenges of cybersecurity and AI, emphasizing the importance of risk-taking, learning from failure, and surrounding yourself with smart people.
New Dohdoor malware campaign targets education and health care
Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed “Dohdoor.”
Active exploitation of Cisco Catalyst SD-WAN by UAT-8616
Cisco Talos is tracking the active exploitation of CVE-2026-20127, a vulnerability in Cisco Catalyst SD-WAN Controller, formerly vSmart, that allows an unauthenticated remote attacker to bypass authentication and obtain administrative privileges.