Cisco Talos Blog

Message frequency:  0.58 / day

Message History

In the span of just a few weeks, we have observed a dizzying array of major supply chain attacks. Prominent examples include the malicious modification of Axios, a popular HTTP client library for JavaScript, as well as cascading compromises from TeamPC...



Cisco Talos is actively investigating the March 31, 2026 supply chain attack on the official Axios node package manager (npm) package during which two malicious versions (v1.14.1 and v0.30.4) were deployed. Axios is one of the more popular JavaScript libraries with as many as 100 million downloads per week.

Axios is a widely-deployed HTTP client library for JavaScript t...



Welcome to this week’s edition of the Threat Source newsletter.

Last weekend, I witnessed a crime. Not a notable crime that you might read about in the press, but an unremarkable fraud attempt that nevertheless illustrates how new threat actor capabilities are emerging.

I imagine that most people reading this probably field IT questions from friends, family, and y...



In this episode of the Talos Threat Perspective, we explore how identity is being used to gain, extend, and maintain access inside environments. 

Drawing on insights from the 2025 Talos Year in Review, we break down how attackers are...


Cisco Talos is disclosing a large-scale automated credential harvesting campaign carried out by a threat cluster we are tracking as “UAT-10608.” Post-compromise, UAT-10608 leverages automated scripts for extracting and exfiltrating credentials from a variety of applications, which are then posted to its command and control (C2). The C2 host...
