News
UAT-8302 and its box full of malware
2+ hour, 32+ min ago (1149+ words) NetDraft is likely a .NET-ported variant of the FinalDraft/Squidoor malware family developed and operated exclusively by Jewelbug/REF7707/CL-STA-0049, also another cluster of China-nexus APT actors. Another malware family deployed by UAT-8302 is CloudSorcerer (version 3). Kaspersky disclosed…
AI-powered honeypots: Turning the tables on malicious AI agents
5+ day, 22+ hour ago (402+ words) AI systems do not possess awareness. They generate plausible responses within a given context and set of inputs. As such they can be tricked or fooled into responding inappropriately through prompt injection or into interacting with systems that are not what they appear to be. Honeypot systems have long…
Five defender priorities from the Talos Year in Review
6+ day, 19+ hour ago (872+ words) A familiar theme in security right now is that the barrier to entry for attackers is at an all-time low. AI tools can spin up websites within minutes that can easily direct data to disposable external data stores and send alerts…
UAT-4356's Targeting of Cisco Firepower Devices
1+ week, 4+ day ago (439+ words) In early 2024, Cisco Talos attributed ArcaneDoor, a state-sponsored campaign focused on gaining access to network perimeter devices for espionage, to UAT-4356. Customers are advised to refer to Cisco's Security Advisory for mitigation and detection guidance, indicators of compromise (IOCs),…
Phishing and MFA exploitation: Targeting the keys to the kingdom
1+ week, 6+ day ago (414+ words) In 2025, attackers increasingly targeted weaknesses in multi-factor authentication (MFA) workflows, and phishing attacks leveraged valid, compromised credentials to launch lures from trusted accounts. The trends focused entirely on trust, or the lack thereof, in everyday business operations. In 2025, phishing attacks…
Bad Apples: Weaponizing native macOS primitives for movement and execution
1+ week, 6+ day ago (991+ words) macOS is no longer a niche operating system. According to the Stack Overflow 2024 Developer Survey, a third of professional developers use macOS as their primary platform. These machines represent high-value pivot points, often holding source code repositories, cloud credentials, and SSH…
The n8n n8mare: How threat actors are misusing AI workflow automation
2+ week, 6+ day ago (561+ words) This blog describes how n8n, one of the most popular AI workflow automation platforms, has been abused to deliver malware and fingerprint devices by sending automated emails. When the URL receives a request, the subsequent workflow steps are triggered, returning results…
[Video] The TTP Ep. 22: The Collapse of the Patch Window
3+ week, 3+ day ago (263+ words) One of the clearest trends in the 2025 Talos Year in Review is just how quickly vulnerabilities are now being turned into working exploits. What used to take weeks or months is now happening in days, sometimes hours, and in some…
From the field to the report and back again: How incident responders can use the Year in Review
3+ week, 5+ day ago (938+ words) Every year, Cisco Talos publishes Year in Review, a comprehensive look at the previous year's threat landscape. It's drawn…
New Lua-based malware "LucidRook" observed in targeted attacks against Taiwanese organizations
3+ week, 5+ day ago (544+ words) The email contained a shortened URL that leads to the download of a password-protected and encrypted RAR archive. The decryption password was included in the email body. Based on this email and the collected samples, Talos observed two distinct infection chains originating from the…