All gas, no brakes: Time to come to AI church
This week, Joe cautions against the rush to adopt AI tools rife with truly awful security vulnerabilities.
Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework
Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants.
I'm locked in!
Hazel reflects on how to find balance while staying informed, then delivers practical updates and insights on the latest cybersecurity threats.
Microsoft releases update to address zero-day vulnerability in Microsoft Office
Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office that has reportedly been exploited in the wild.
Dissecting UAT-8099: New persistence mechanisms and regional focus
Cisco Talos has identified a new, regionally targeted campaign by UAT-8099 that leverages advanced persistence techniques and custom BadIIS malware variants to compromise IIS servers, particularly in Thailand and Vietnam.
IR Trends Q4 2025: Exploitation remains dominant, phishing campaign targets Native American tribal organizations
A drop in exploitation and ransomware, but a spike in phishing and credential abuse, show why timely patching and robust MFA matter more than ever.
I scan, you scan, we all scan for... knowledge?
In this week's newsletter, Bill hammers home the old adage, "Know your environment" — even throughout alert fatigue.
Foxit, Epic Games Store, MedDreams vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in MedDream PACS.
Predicting 2026
In this week’s newsletter, Martin examines the evolving landscape for 2026, highlighting key threats, emerging trends like AI-driven risks, and the continued importance of addressing familiar vulnerabilities.