Third-Party Risk Is an Intelligence Operation. It’s Time We Treated It Like One.
For years, the cybersecurity industry has treated third-party risk management as a compliance exercise. Assess your vendors. Assign a score. File the report. Move on.…
Category: VendorResearch
Vulnerabilities old and new and something React2
Speed and age shouldn’t be allowed to pair up, but that is the theme of the Talos 2025 Year in Review vulnerability findings. Figure 1. React/React2Shell (2025) at the top,…
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks
In this article Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been compromising insecure home and small-office internet equipment like…
The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines
By Diana Brown Cisco Talos has recently observed an increase in activity that is leveraging notification pipelines in popular collaboration platforms to deliver spam and phishing emails. These emails…
Product Manager at Recorded Future
Recorded Future is the World’s Largest Intelligence Company. Our team works to build products that customers love. In this video, Kyle Kohler interviewed with VentureFizz…
How AI Agents Are Redefining the Insider Risk Threat Model
Access Management , Agentic AI , Artificial Intelligence & Machine Learning Proofpoint CEO Sumit Dhawan on Applying Human Insider Risk Safeguards to AI Agents Michael…
15 Top Cybersecurity CEOs On The Future Of AI Agents: RSAC 2026
CRN speaks with CEOs at leading cybersecurity vendors—including CrowdStrike, SentinelOne and Netskope—about where they see AI agents heading next and what they are watching closely.…
Proofpoint CSO Ryan Kalember, Live at RSAC 2026
Watch the Fireside Below, or Click HERE: Tech Edge hosted a fireside chat on March 25 at RSA Conference 2026 in San Francisco with Ryan…
An overview of ransomware threats in Japan in 2025 and early detection insights from Qilin cases
In 2025, a total of 134 ransomware incidents were reported in Japan, marking a 17.5% increase compared to 2024. Among these, 22 incidents were attributed…
Inside a large-scale automated credential harvesting operation targeting web applications
Cisco Talos is disclosing a large-scale automated credential harvesting campaign carried out by a threat cluster we are tracking as “UAT-10608.” Post-compromise, UAT-10608 leverages automated scripts for extracting and exfiltrating…
Turning Geopolitical Tension into Actionable Intelligence
Geopolitical developments are not peripheral to cybersecurity risk; they are a key driver of it. Regional conflicts, shifts in leadership or even the tightening of…
An Era of Quantum Geopolitics
The expanding conflict around Iran signals a deeper shift. We have entered an era of quantum geopolitics, where the old rules of the international order…