 | Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities | 2026-07-14 | True | Cisco Talos | True | | |
 | The serpent’s tongue: Luring the Python out of its den | 2026-07-14 | True | Onur Mustafa Erdogan | True | | |
 | UAT-7810 continues building ORB networks using new malware | 2026-07-07 | True | Jungsoo An | True | | |
 | Catan and Mouse | 2026-07-02 | True | William Largent | True | | |
 | ARToken: Inside an EvilTokens affiliate panel targeting Microsoft 365 | 2026-07-01 | True | Michael Kelley | True | | |
 | Beyond IOCs: AI-enabled threat intelligence | 2026-06-25 | True | Martin Lee | True | | |
 | Introduction to COM usage by Windows threats | 2026-06-25 | True | Vanja Svajcer | True | | |
 | Close Encounters of the Human Kind | 2026-06-18 | True | Hazel Burton | True | | |
 | A tale of two eras | 2026-06-11 | True | Amy Ciminnisi | True | | |
 | Microsoft Patch Tuesday for June 2026 — Snort rules and prominent vulnerabilities | 2026-06-09 | True | Chetan Raghuprasad | True | | |
 | Reporting from Vegas: Networking, AI, and good boys | 2026-06-04 | True | Joe Marshall | True | | |
 | Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting | 2026-06-04 | True | Cisco Talos | True | | |
 | Less panic patching, more precision | 2026-05-28 | True | Thorsten Rosendahl | True | | |
 | DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap | 2026-05-28 | True | Emmanuel Tacheau | True | | |
 | MediaArea heap-based buffer overflow vulnerabilities | 2026-05-27 | True | Kri Dontje | True | | |
 | The art of being ungovernable | 2026-05-21 | True | William Largent | True | | |
 | TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities | 2026-05-19 | True | Kri Dontje | True | | |
 | From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat | 2026-05-19 | True | Joey Chen | True | | |
 | The time of much patching is coming | 2026-05-14 | True | Martin Lee | True | | |
 | Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities | 2026-05-14 | True | Cisco Talos | True | | |
 | Microsoft Patch Tuesday for May 2026 — Snort rules and prominent vulnerabilities | 2026-05-12 | True | Jaeson Schultz | True | | |
 | State-sponsored actors, better known as the friends you don’t want | 2026-05-12 | True | Elio Biasiotto | True | | |
 | Unplug your way to better code | 2026-05-07 | True | Amy Ciminnisi | True | | |
 | Insights into the clustering and reuse of phone numbers in scam emails | 2026-05-06 | True | Omid Mirzaei | True | | |
 | UAT-8302 and its box full of malware | 2026-05-05 | True | Jungsoo An | True | | |
 | CloudZ RAT potentially steals OTP messages using Pheno plugin | 2026-05-05 | True | Alex Karkins | True | | |
 | Great responsibility, without great power | 2026-04-30 | True | Hazel Burton | True | | |
 | It pays to be a forever student | 2026-04-23 | True | Joe Marshall | True | | |
 | UAT-4356's Targeting of Cisco Firepower Devices | 2026-04-23 | True | Cisco Talos | True | | |
 | IR Trends Q1 2026: Phishing reemerges as top initial access vector, as attacks targeting public administration persist | 2026-04-22 | True | Aliza Johnson | True | | |
 | [Podcast] It's not you, it's your printer: State-sponsored and phishing threats in 2025 | 2026-04-21 | True | Amy Ciminnisi | True | | |
 | Phishing and MFA exploitation: Targeting the keys to the kingdom | 2026-04-21 | True | Kri Dontje | True | | |
 | Bad Apples: Weaponizing native macOS primitives for movement and execution | 2026-04-21 | True | William Charles Gibson | True | | |
 | Foxit, LibRaw vulnerabilities | 2026-04-16 | True | Kri Dontje | True | | |
 | The Q1 vulnerability pulse | 2026-04-16 | True | Thorsten Rosendahl | True | | |
 | PowMix botnet targets Czech workforce | 2026-04-16 | True | Chetan Raghuprasad | True | | |
 | The n8n n8mare: How threat actors are misusing AI workflow automation | 2026-04-15 | True | Sean Gallagher | True | | |
 | Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities | 2026-04-14 | True | Nick Biasini | True | | |
 | State-sponsored threats: Different objectives, similar access paths | 2026-04-14 | True | Hazel Burton | True | | |
 | [Video] The TTP Ep. 22: The Collapse of the Patch Window | 2026-04-10 | True | Hazel Burton | True | | |
 | The threat hunter’s gambit | 2026-04-09 | True | William Largent | True | | |
 | From the field to the report and back again: How incident responders can use the Year in Review | 2026-04-09 | True | Jerzy ‘Yuri’ Kramarz | True | | |
 | New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations | 2026-04-08 | True | Ashley Shen | True | | |
 | The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines | 2026-04-07 | True | Cisco Talos | True | | |
 | Year in Review: Vulnerabilities old and new and something React2 | 2026-04-07 | True | Kri Dontje | True | | |
 | Do not get high(jacked) off your own supply (chain) | 2026-04-03 | True | Dave Liebenberg | True | | |
 | Axios NPM supply chain incident | 2026-04-03 | True | Nick Biasini | True | | |
 | The democratisation of business email compromise fraud | 2026-04-02 | True | Martin Lee | True | | |
 | UAT-10608: Inside a large-scale automated credential harvesting operation targeting web applications | 2026-04-02 | True | Asheer Malhotra | True | | |
 | Qilin EDR killer infection chain | 2026-04-02 | True | Takahiro Takeda | True | | |