Welcome to this week’s edition of the Threat Source newsletter.
This week, we explore how advances in agentic AI are rapidly transforming the cyber crime business.
Agentic AI programming gives AI agents autonomy, allowing them to interact with external systems to collect information, make decisions with the help of a generative AI system, and then effect changes in the external environment. The activity takes place through various APIs according to the instructions provided to the agent and in the context of a defined workflow.
The advantage for human operators is that these systems can efficiently execute routine activities that would otherwise require accessing multiple systems. Essentially, the AI agent acts as a trusted assistant who is able to get on with things with minimal supervision while the human operator can focus on other things.
As this approach brings advantages to the legitimate economy, so it brings similar efficiencies to the cyber crime economy. More recently, the publication of the discovery of the first AI-orchestrated cyber campaign should give us pause. It signals a new era for cybersecurity teams.
We’re entering a time when we can expect to see much experimentation and innovation with AI in both the legitimate and cyber crime economies. AI can act as a force enabler, making tasks easier and faster to perform. Similarly, AI can lower barriers to entry, allowing lower skilled actors to perform tasks that they lack the skills to perform. While AI does not bring new capabilities, it can make existing capabilities easier to execute. However, AI systems still require skillful instruction and supervision.
AI is not infallible, it gets things wrong, and it is prone to inventing nonsense. When it does go off the rails, a human needs to step in and resolve the situation. This is not necessarily easy to do and may prove tricky for low-skilled threat actors.
Don’t be discouraged: We can also leverage these developments to our advantage. Defensive teams can write their own agentic systems to find and fix weaknesses in their own systems before malicious actors identify them. We can deploy honeypot systems designed to be found by malicious AI systems, engage with them and tie up their resources.
The threat landscape has never been static. While AI does make some tasks more accessible to threat actors, it is a double-edged sword and also brings opportunities to defenders.
The one big thing
Cisco Talos has introduced new features for Snort3 users within Cisco Secure Firewall. A new "Severity" rule group allows you to organize detection rules by CVSS-based vulnerability severity (low, medium, high, critical). This allows teams to better prioritize and manage rules according to risk and urgency. You can also select rules based on vulnerability age (e.g., last 2, 5, or 10 years).
Why do I care?
This update allows you greater flexibility and control. It makes it simpler to maintain consistent, targeted detection coverage, whether you’re running large, distributed networks or smaller environments with tailored security priorities.
So now what?
Review your current Snort3 rule configurations in Cisco Secure Firewall and consider adopting the new Severity and time-based grouping features. By tailoring rule sets to your organization’s specific risk tolerance and patching cycles, you can optimize detection coverage, streamline management, and better protect your environments.
Top security headlines of the week
Critical railway braking systems open to tampering
Researchers have figured out how to spoof the signals that tell train conductors to brake, opening the door to any number of dangerous attack scenarios. (Dark Reading)
EchoGram flaw bypasses guardrails in major LLMs
A flaw discovered in early 2025 and dubbed EchoGram allows simple, specially chosen words or code sequences to completely trick the automated defences, or guardrails, meant to keep the AI safe. (HackRead)
Over 67,000 fake npm packages flood registry in worm-like spam attack
The worm-life propagation mechanism and the use of a distinctive naming scheme that relies on Indonesian names and food terms for the newly created packages have lent it the moniker IndonesianFoods Worm. The bogus packages masquerade as Next.js projects. (The Hacker News)
Cornerstone Staffing ransomware attack leaks 120,000 resumes, claims Qilin gang
The notorious Qilin gang posted the industry-leading recruitment agency on its dark leak blog last Thursday. The group claims to have exfiltrated 300GB of sensitive information from Cornerstone. (Cybernews)
Surveillance tech provider Protei was hacked, its data stolen, and its website defaced
It’s not clear exactly when or how Protei was hacked, but a copy of the company’s website saved on the Internet Archive’s Wayback Machine shows it was defaced on November 8 and restored soon after. (TechCrunch)
Can’t get enough Talos?
The TTP: How Talos built an AI model into one of the internet's most abused layers
Hazel talks with Talos researcher David Rodriguez about how adversaries use DNS tunneling to sneak data out of networks, why it’s so difficult to spot in real time, and how Talos built an AI model to detect it without breaking anything important (like the internet).
Humans of Talos: On epic reads, lifelong learning, and empathy
In this episode, Bill Largent shares what drew him to Talos, how his love of reading has shaped his cybersecurity ethos, and the key insights he shares for the next generation of cybersecurity professionals.
Unleashing the Kraken ransomware group
In August 2025, Cisco Talos observed big-game hunting and double extortion attacks carried out by Kraken, a Russian-speaking group that has emerged from the remnants of the HelloKitty ransomware cartel.
Upcoming events where you can find Talos
- DeepSec IDSC (Nov. 18 – 21) Vienna, Austria
- AVAR (Dec. 3 – 5) Kuala Lumpur, Malaysia
Most prevalent malware files from Talos telemetry over the past week
SHA256: 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507
MD5: 2915b3f8b703eb744fc54c81f4a9c67f
Talos Rep: https://talosintelligence.com/talos_file_reputation?s=9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507
Example Filename: e74d9994a37b2b4c693a76a580c3e8fe_1_Exe.exe
Detection Name: Win.Worm.Coinminer::1201
SHA256: 90b1456cdbe6bc2779ea0b4736ed9a998a71ae37390331b6ba87e389a49d3d59
MD5: c2efb2dcacba6d3ccc175b6ce1b7ed0a
Talos Rep: https://talosintelligence.com/talos_file_reputation?s=90b1456cdbe6bc2779ea0b4736ed9a998a71ae37390331b6ba87e389a49d3d59
Example Filename: ck8yh2og.dll
Detection Name: Auto.90B145.282358.in02
SHA256: 96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974
MD5: aac3165ece2959f39ff98334618d10d9
Talos Rep: https://talosintelligence.com/talos_file_reputation?s=96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974
Example Filename: 96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974.exe
Detection Name: W32.Injector:Gen.21ie.1201
SHA256: c0ad494457dcd9e964378760fb6aca86a23622045bca851d8f3ab49ec33978fe
MD5: bf9672ec85283fdf002d83662f0b08b7
Talos Rep: https://talosintelligence.com/talos_file_reputation?s=c0ad494457dcd9e964378760fb6aca86a23622045bca851d8f3ab49ec33978fe
Example Filename: f_0008d7.html
Detection Name: W32.C0AD494457-95.SBX.TG
SHA256: a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91
MD5: 7bdbd180c081fa63ca94f9c22c457376
Talos Rep: https://talosintelligence.com/talos_file_reputation?s=a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91
Example Filename: e74d9994a37b2b4c693a76a580c3e8fe_3_Exe.exe
Detection Name: Win.Dropper.Miner::95.sbx.tg
Source: Cisco Talos
Source Link: https://blog.talosintelligence.com/its-not-personal-its-just-business/