 | Less panic patching, more precision | 2026-05-28 | True | Thorsten Rosendahl | True | | |
| DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap | 2026-05-28 | True | Emmanuel Tacheau | True | | |
| MediaArea heap-based buffer overflow vulnerabilities | 2026-05-27 | True | Kri Dontje | True | | |
| The art of being ungovernable | 2026-05-21 | True | William Largent | True | | |
| TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities | 2026-05-19 | True | Kri Dontje | True | | |
| From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat | 2026-05-19 | True | Joey Chen | True | | |
| The time of much patching is coming | 2026-05-14 | True | Martin Lee | True | | |
| Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities | 2026-05-14 | True | Cisco Talos | True | | |
| Microsoft Patch Tuesday for May 2026 — Snort rules and prominent vulnerabilities | 2026-05-12 | True | Jaeson Schultz | True | | |
| State-sponsored actors, better known as the friends you don’t want | 2026-05-12 | True | Elio Biasiotto | True | | |
| Unplug your way to better code | 2026-05-07 | True | Amy Ciminnisi | True | | |
| Insights into the clustering and reuse of phone numbers in scam emails | 2026-05-06 | True | Omid Mirzaei | True | | |
| UAT-8302 and its box full of malware | 2026-05-05 | True | Jungsoo An | True | | |
| CloudZ RAT potentially steals OTP messages using Pheno plugin | 2026-05-05 | True | Alex Karkins | True | | |
| Great responsibility, without great power | 2026-04-30 | True | Hazel Burton | True | | |
| It pays to be a forever student | 2026-04-23 | True | Joe Marshall | True | | |
| UAT-4356's Targeting of Cisco Firepower Devices | 2026-04-23 | True | Cisco Talos | True | | |
| IR Trends Q1 2026: Phishing reemerges as top initial access vector, as attacks targeting public administration persist | 2026-04-22 | True | Aliza Johnson | True | | |
| [Podcast] It's not you, it's your printer: State-sponsored and phishing threats in 2025 | 2026-04-21 | True | Amy Ciminnisi | True | | |
| Phishing and MFA exploitation: Targeting the keys to the kingdom | 2026-04-21 | True | Kri Dontje | True | | |
| Bad Apples: Weaponizing native macOS primitives for movement and execution | 2026-04-21 | True | William Charles Gibson | True | | |
| Foxit, LibRaw vulnerabilities | 2026-04-16 | True | Kri Dontje | True | | |
| The Q1 vulnerability pulse | 2026-04-16 | True | Thorsten Rosendahl | True | | |
| PowMix botnet targets Czech workforce | 2026-04-16 | True | Chetan Raghuprasad | True | | |
| The n8n n8mare: How threat actors are misusing AI workflow automation | 2026-04-15 | True | Sean Gallagher | True | | |
| Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities | 2026-04-14 | True | Nick Biasini | True | | |
| State-sponsored threats: Different objectives, similar access paths | 2026-04-14 | True | Hazel Burton | True | | |
| [Video] The TTP Ep. 22: The Collapse of the Patch Window | 2026-04-10 | True | Hazel Burton | True | | |
| The threat hunter’s gambit | 2026-04-09 | True | William Largent | True | | |
| From the field to the report and back again: How incident responders can use the Year in Review | 2026-04-09 | True | Jerzy ‘Yuri’ Kramarz | True | | |
| New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations | 2026-04-08 | True | Ashley Shen | True | | |
| The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines | 2026-04-07 | True | Cisco Talos | True | | |
| Year in Review: Vulnerabilities old and new and something React2 | 2026-04-07 | True | Kri Dontje | True | | |
| Do not get high(jacked) off your own supply (chain) | 2026-04-03 | True | Dave Liebenberg | True | | |
| Axios NPM supply chain incident | 2026-04-03 | True | Nick Biasini | True | | |
| The democratisation of business email compromise fraud | 2026-04-02 | True | Martin Lee | True | | |
| UAT-10608: Inside a large-scale automated credential harvesting operation targeting web applications | 2026-04-02 | True | Asheer Malhotra | True | | |
| Qilin EDR killer infection chain | 2026-04-02 | True | Takahiro Takeda | True | | |
| Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders | 2026-04-02 | True | Hazel Burton | True | | |
| An overview of ransomware threats in Japan in 2025 and early detection insights from Qilin cases | 2026-04-02 | True | Azim Khodjibaev | True | | |
| Ransomware in 2025: Blending in is the strategy | 2026-03-31 | True | Hazel Burton | True | | |
| TP-Link, Canva, HikVision vulnerabilities | 2026-03-26 | True | Kri Dontje | True | | |
| A puppet made me cry and all I got was this t-shirt | 2026-03-26 | True | Amy Ciminnisi | True | | |
| You have to invite them in | 2026-03-19 | True | Hazel Burton | True | | |
| Everyday tools, extraordinary crimes: the ransomware exfiltration playbook | 2026-03-19 | True | Maria Jose Erquiaga | True | | |
| This one’s for you, Mom | 2026-03-12 | True | Joe Marshall | True | | |
| DirectX, OpenFOAM, Libbiosig vulnerabilities | 2026-03-11 | True | Kri Dontje | True | | |
| Microsoft Patch Tuesday for March 2026 — Snort rules and prominent vulnerabilities | 2026-03-10 | True | Takahiro Takeda | True | | |
| Patch, track, repeat: The 2025 CVE retrospective | 2026-03-05 | True | Thorsten Rosendahl | True | | |
| UAT-9244 targets South American telecommunication providers with three new malware implants | 2026-03-05 | True | Asheer Malhotra | True | | |
