Tag
#cisco
This week, Martin shows how stepping away from the screen can make you a stronger defender, alongside an inside scoop on emerging malware threats.
Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. "The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use," Cisco Talos researchers Chris Neal and Craig Jackson
Hackers abused fake GitHub accounts to spread Emmenhtal, Amadey, Lumma and Redline infoStealers in attacks linked to a phishing campaign targeting Ukraine in early 2025.
A Department of Homeland Security memo confirms Chinese group Salt Typhoon, extensively compromised a US National Guard network for nearly a year, stealing sensitive military and law enforcement data.
Cisco Talos uncovered a stealthy Malware-as-a-Service (MaaS) operation that used fake GitHub accounts to distribute a variety of dangerous payloads and evade security defenses.
Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could permit an attacker to execute arbitrary code on the underlying operating system with elevated privileges. Tracked as CVE-2025-20337, the shortcoming carries a CVSS score of 10.0 and is similar to CVE-2025-20281, which was patched
The decision between immediate action and delayed response made the difference between ransomware prevention and complete encryption in these two real-world Talos IR engagements.
Millions of people are accessing harmful AI “nudify” websites. New analysis says the sites are making millions and rely on tech from US companies.
Thorsten takes stock of a rapidly evolving vulnerability landscape: record-setting CVE publication rates, the growing fragmentation of reporting systems, and why consistent tracking and patching remain critical as we move through 2025.
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed two vulnerabilities each in Asus Armoury Crate and Adobe Acrobat products.