Welcome to this week’s edition of the Threat Source newsletter. Anyone who spoke with me in the last several weeks has had to deal with me loudly waiting in anticipation for the long-awaited “Project…
A significant proportion of cyber incidents are linked to supply chain attacks, and this proportion is constantly growing. Over the past year, we have seen…
Introduction On March 4, 2026, Google and iVerify published reports about a highly sophisticated exploit kit targeting Apple iPhone devices. According to Google, the exploit…
Introduction Zerobot, a Mirai-based botnet known for targeting Internet of Things (IoT) devices, has leveraged a critical vulnerability tracked as CVE-2025-68613, to compromise instances of…
In modern organizations, sensitive data lives everywhere and is constantly moving. It is created, accessed, transformed, and shared across endpoints, browsers, SaaS applications, cloud services,…
Interest in cloud-native application protection platforms (CNAPPs) has exploded over the recent years, partly due to their ability to reduce alert noise by translating siloed…
Summary Microsoft Defender disrupted a human operated ransomware incident targeting a large educational institution with more than a couple of thousand devices. The attacker attempted to…
The 2025 Talos Year in Review is now available to view online. The pace and scale of adversary activity in 2025 placed sustained pressure on security…
Excerpt: CTI-REALM is Microsoft’s open-source benchmark for evaluating AI agents on real-world detection engineering—turning cyber threat intelligence (CTI) into validated detections. Instead of measuring “CTI…
Over the past year, I have had conversations with security leaders across a variety of disciplines, and the energy around AI is undeniable. Organizations are…
Executive Summary In 2025, Insikt Group significantly expanded its tracking of malicious infrastructure, broadeningcoverage across additional malware families and threat categories spanning cybercriminal and APT…
The agentic AI future is upon us, and it poses age-old tradeoffs between security and productivity with higher stakes than ever. In early 2026, the…
