2025 Talos Year in Review: Speed, scale, and staying power

The 2025 Talos Year in Review is now available to view online. The pace and scale of adversary activity in 2025 placed sustained pressure on security teams across industries. As with each annual report, our goal at Talos is to provide the security community with a clear analysis of the tactics,...

CVE-2026-26328 OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, under iMessage groupPolicy=allowlist, group authorization could be satisfied by sender identities coming from the DM pairing store, broadening DM trust into group contexts. Version 2026.2.14 fixes the issue...

PT-2026-20371

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.14 clawdbot versions prior to 2026.1.24-3 Description When iMessage is configured with groupPolicy=allowlist, group authorization could be satisfied by sender identities from the DM pairing store, extending DM...

SecureBank: A Financially-Aware Zero Trust Architecture for High-Assurance Banking Systems

Financial institutions increasingly rely on distributed architectures, open banking APIs, cloud native infrastructures, and high frequency digital transactions. These transformations expand the attack surface and expose limitations in traditional perimeter based security models. While Zero Trust...

⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More

Some risks don't breach the perimeter—they arrive through signed software, clean resumes, or sanctioned vendors still hiding in plain sight. This week, the clearest threats weren't the loudest—they were the most legitimate-looking. In an environment where identity, trust, and tooling are all...