2025 Talos Year in Review: Speed, scale, and staying power
The 2025 Talos Year in Review is now available to view online.The pace and scale of adversary activity in 2025 placed sustained pressure on security...
Irish government launches CNI resilience plan
Ireland’s National Strategy on the Resilience of Critical Entities sets out a pathway to improved cyber resilience for the nation’s critical infrastructure, and establishes...
Chromium: CVE-2026-4464 Integer overflow in ANGLE
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2026) for more information. - Read...
Crossbench MPs pressure Labor over gas export tax – as it happened
This blog is now closedHundreds of petrol stations across Australia run out of fuel as Albanese inks supply deal with SingaporeSA premier warns One...
The endpoint tax is over: Elastic Security XDR
Introducing Elastic Security XDR. By eliminating the "endpoint tax,” our agentic security operations platform is enabling organizations to achieve total visibility and world-class prevention...
Hackers Compromise Trivy Scanner to Inject malicious Scripts and Steal Login Credentials
A sophisticated supply chain attack targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has compromised continuous integration and continuous deployment (CI/CD) pipelines globally. Disclosed...
CVE-2026-23204 net/sched: cls_u32: use skb_header_pointer_careful()
Information published. - Read more
Trivy vulnerability scanner backdoored with credential stealer in supply chain attack
Attackers have compromised the widely used open-source Trivy vulnerability scanner, injecting credential-stealing malware into official releases and GitHub Actions used...
Metasploit Wrap-Up 03/20/2026
♫ I Just Called ♫ To Say ♫ 7f45 4c46 0201 0100 0000 0000 0000 0000 0300 3e00 0100♫This release contains 2 new exploit modules,...
Latest article
China-Linked Hackers Breach Southeast Asian Military Systems in Long-Running Spy Campaign
A sophisticated and long-running cyber espionage campaign, tracked as CL-STA-1087, has been quietly targeting military organizations across Southeast Asia since at least 2020. The...
Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service
Cisco’s widely deployed Catalyst 9300 Series enterprise switches have four security vulnerabilities, two of which could be chained to cause...
US government launches Bureau of Emerging Threats
The US’ new Bureau of Emerging Threats sits within the State Department and will supposedly help address national security threats arising from cyber attacks,...
The Unintentional Enabler: How Cloudflare Services are Abused for Credential Theft and Malware Distribution
By: Marie Mamaril, Intelligence TeamCloudflare's suite of services like Workers, Tunnels, Turnstile, Pages and Cloudflare R2 (*r2dev) continue to be abused by threat actors...
