zero-click-exploit-analysis
Zero-Click, Old Tricks Anatomy of the 2025 WhatsApp–ImageIO z...
Study Finds ROME AI Agent Attempted Cryptomining Without Instructions
A recent research paper describing the training of an experimental AI agent has started a discussion after the…
CVE-2026-24903 OrcaStatLLM Researcher Stored Cross-Site Scripting (XSS) via Log Message Injection in Session Page
OrcaStatLLM Researcher is an LLM-based Research Paper Generator. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Log Message in the Session Page in OrcaStatLLM-Researcher that allows attackers to inject and execute arbitrary JavaScript code in victims' browsers through...
Leveraging Data Science to Minimize the Blast Radius of Ransomware Attacks
In this blog entry, we present a case study that illustrates how data-science techniques can be used to gain valuable insights about ransomware groups' targeting patterns as detailed in our research paper, “What Decision-Makers Need to Know About Ransomware Risk.”...
New Research Paper: Pre-hijacking Attacks on Web User Accounts
In 2020, MSRC awarded two Identity Project Research Grants to support external researchers working to further strengthen the security of identity protocols and systems. Today we are pleased to release the results of the first of these projects. This research, led by independent security researche...
Friday Squid Blogging: Squid Filmed Changing Color for Camouflage Purposes
Video of oval squid Sepioteuthis lessoniana changing color in reaction to their background. The research paper claims this is the first time this has been documented. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog...
Friday Squid Blogging: Squid Skin–Inspired Insulating Material
Interesting: Drawing inspiration from cephalopod skin, engineers at the University of California, Irvine invented an adaptive composite material that can insulate beverage cups, restaurant to-go bags, parcel boxes and even shipping containers. … "The metal islands in our composite material are ne...
APT41 Resurfaces as Earth Baku With New Cyberespionage Campaign
Our research paper provides an in-depth analysis of Earth Baku's new cyberespionage campaign, particularly the group's use of advanced malware tools and multiple attack vectors...
Friday Squid Blogging: Underwater Cameras for Observing Squid
Interesting research paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Talos Takes Ep. #40: Takeaways from interviewing a ransomware operator
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. This week, we have two guests on (a Talos Takes first!) to discuss our recent research paper on the LockBit ransomware. Two of the authors,...
Threat Source newsletter (Feb. 4, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We are excited to finally share this LockBit research paper with you all after months of work. Some of our researchers spoke to a ransomware operator, which provided us insight into a threat actor’s day-to-day goals and tactics. T...
New Snort, ClamAV coverage strikes back against Cobalt Strike
By Nick Mavis. Editing by Joe Marshall and Jon Munshaw. Cisco Talos is releasing a new research paper called “The Art and Science of Detecting Cobalt Strike.” We recently released a more granular set of updated SNORTⓇ and ClamAVⓇ detection signatures to detect attempted obfuscation and exfiltrati...
Threat Source newsletter for Aug. 27, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. As part of our continued look at election security ahead of the November election, we have another research paper out this week. This time, we’re taking a closer look at disinformation campaigns, popularly known as “fake news.” Th...
Threat Source newsletter for July 16, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. If you haven’t already, we highly recommend you read our in-depth research paper on election security. This paper represents four years of hands-on research, interviews and insight into how things have changed since 2016, and what...
Securing the future of AI and machine learning at Microsoft
Artificial intelligence (AI) and machine learning are making a big impact on how people work, socialize, and live their lives. As consumption of products and services built around AI and machine learning increases, specialized actions must be undertaken to safeguard not only your customers and thei...
Using Machine Learning to Create Fake Fingerprints
Researchers are able to create fake fingerprints that result in a 20% false-positive rate. The problem is that these sensors obtain only partial images of users' fingerprints -- at the points where they make contact with the scanner. The paper noted that since partial prints are not as distinctiv...
Friday Squid Blogging: Eating More Squid
This research paper concludes that we'll be eating more squid in the future. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
New Spectre-Level Flaw Targets Return Stack Buffer
Researchers have discovered yet another speculative execution side-channel flaw enabling attackers to access sensitive data at the CPU level. The new Spectre-class exploit, dubbed SpectreRSB, was detailed by researchers from the University of California at Riverside in a research paper on Friday...
Universal Plug and Play (UPnP): What you need to know
Universal Plug and Play (UPnP) is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these flaws are still present on devices, how these vulnerabilities are actively being abused, and how a...
Virus Bulletin Publication And Presentation
Virus Bulletin conference is a well-regarded, intimate technical conference focused on malware research. It provides a good balance between listening to technical talks and spending time exchanging experiences with colleagues from different companies, all working on the same task of making our...