blog.talosintelligence.com
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-05-19.
| Date Added | Resource | Excerpt |
|---|---|---|
| 2026-05-19 | TP-Link Photoshop OpenVPN Norton VPN vulnerabilities [RCE] | Writeup detailing eight vulnerabilities in TP-Link Archer AX53 routers, including stack-based buffer overflow (CVE-2026-30814) and OS command injection (CVE-2026-30815, CVE-2026-30816, CVE-2026-30817, CVE-2026-30818, TALOS-2025-2307, TALOS-2025-2308, TALOS-2025-2309). It also covers privilege escalation in Adobe Photoshop via the Microsoft Store (CVE-2026-34632), a reachable assertion leading to DoS in OpenVPN (CVE-2026-35058), and privilege escalation in Norton VPN via the Microsoft Store (CVE-2025-58074). |
| 2026-05-12 | Microsoft Patch Tuesday for May 2026 Snort rules and prominent vulnerabilities [RCE] | Library of Snort rules addresses Microsoft's May 2026 Patch Tuesday vulnerabilities, including 31 critical issues like RCE flaws in Azure, Windows services, Microsoft Office, and SharePoint. Specific CVEs highlighted include CVE-2026-32161 (Windows Native WiFi Miniport Driver), CVE-2026-33109 and CVE-2026-33844 (Azure Managed Instance for Apache Cassandra), CVE-2026-35421 (Windows GDI), CVE-2026-40358, CVE-2026-40361, CVE-2026-40363, CVE-2026-40364, CVE-2026-40366, and CVE-2026-4067 (Microsoft Office/Word), CVE-2026-40365 (Microsoft SharePoint), CVE-2026-40403 (Windows Win32K – GRFX), CVE-2026-41089 (Windows Netlogon), CVE-2026-41096 (Windows DNS Client), CVE-2026-42831 (Office for Android), and CVE-2026-42898 (Microsoft Dynamics 365). |
| 2026-04-14 | Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities [RCE] | Snort rules detect exploitation attempts for Microsoft's April 2026 Patch Tuesday, which includes 165 vulnerabilities. Critical issues addressed by the rules include CVE-2026-23666 (.NET DoS), CVE-2026-33824 (Windows IKE RCE), CVE-2026-33826 (Active Directory RCE), and CVE-2026-33827 (Windows TCP/IP RCE). The update also covers several "more likely" to be exploited important vulnerabilities, such as CVE-2026-0390 (UEFI Secure Boot bypass) and CVE-2026-32201 (SharePoint spoofing). |
| 2026-04-10 | Cisco Talos: State-of-the-art phishing — MFA bypass [AuthN] | Library for detecting and defending against state-of-the-art phishing attacks that bypass multi-factor authentication (MFA) using adversary-in-the-middle (AiTM) techniques. It covers how Phishing-as-a-Service (PhaaS) kits like Tycoon 2FA and Evilproxy facilitate these attacks by intercepting credentials and authentication cookies via reverse proxies. The library also highlights WebAuthn as a strong defense against MFA bypass. |
| 2026-04-03 | Do not get high(jacked) off your own supply (chain) [Supply Chain] | Analysis of recent supply chain attacks targeting widely used libraries like Axios and projects like Trivy, highlighting the impact of vulnerabilities such as React2Shell and Log4j. The entry emphasizes the ongoing threat posed by compromised open-source components and the necessity of securing CI/CD pipelines, maintaining software inventories, and implementing fundamental security practices like MFA and robust logging. |