Intelligence Center

Threat Research

New Dohdoor malware campaign targets education and health care

Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed “Dohdoor.” Learn More

Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework

Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants. Learn More

UAT-8837 targets critical infrastructure sectors in North America

Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor. Learn More

Fortify Your Defense

Evolve your incident response with intelligence-led proactive services and deep expertise that only Talos can offer, before –and during– an active emergency. Anyone can stand behind you – Talos IR stands beside you, every step of the way.

Together, we can reduce downtime and mitigate risk. Get started today.

Learn More

Latest Beers with Talos Podcast Episodes

March 10, 2026 | Ep. 154
Matt Olney's back to talk about TikTok diagnosing us with ADHD, K-Pop Demon Hunters, ransomware in hospitals (the serious bit), attacker use of AI, and more.
Listen to episode
December 4, 2025 | Ep. 153
Ranksgiving has returned! The team, with much discourse, ranks their top five Thanksgiving dishes.
Listen to episode

Why Cisco Talos?

Talos is Cisco's threat intelligence research organization, an elite group of security experts devoted to providing superior protection for our customers, products and services.

Our job is your defense.

Talos powers the Cisco portfolio with comprehensive intelligence.

Every customer environment, every event, every single day, all around the world.

Find Out More