New threat actor, UAT-9921, leverages VoidLink framework in campaigns
Cisco Talos recently discovered a new threat actor, UAT-9921, leveraging VoidLink in campaigns. Their activities may go as far back as 2019, even without VoidLink.
All gas, no brakes: Time to come to AI church
This week, Joe cautions against the rush to adopt AI tools rife with truly awful security vulnerabilities.
Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework
Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants.
Dissecting UAT-8099: New persistence mechanisms and regional focus
Cisco Talos has identified a new, regionally targeted campaign by UAT-8099 that leverages advanced persistence techniques and custom BadIIS malware variants to compromise IIS servers, particularly in Thailand and Vietnam.
Microsoft Patch Tuesday for February 2026 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for February 2026, which includes 55 vulnerabilities affecting a range of products, including one (CVE-2025-59498) that Microsoft marked as “Critical”.
I'm locked in!
Hazel reflects on how to find balance while staying informed, then delivers practical updates and insights on the latest cybersecurity threats.
Microsoft releases update to address zero-day vulnerability in Microsoft Office
Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address CVE-2026-21509, a vulnerability affecting Microsoft Office that has reportedly been exploited in the wild.
IR Trends Q4 2025: Exploitation remains dominant, phishing campaign targets Native American tribal organizations
A drop in exploitation and ransomware, but a spike in phishing and credential abuse, show why timely patching and robust MFA matter more than ever.
I scan, you scan, we all scan for... knowledge?
In this week's newsletter, Bill hammers home the old adage, "Know your environment" — even throughout alert fatigue.