I'm locked in!

• Welcome to this week’s edition of the Threat Source newsletter. • I’ve struggled a lot over the last few years with balance. • I want to follow the news closely, but at the same time, I want to block everything out for self-preservation. • Add in the fact that I love history and I’m an empath, and you’ve got a lovely concoction of feeling things intensely, mixed with echoes of “Haven’t we been here before?” Following the news means I’m always feeding both sides of my brain - the need for context, and the feeling of being overwhelmed. • At times like these, I have to remind myself that caring isn’t a flaw, and neither is paying attention. • History has had its bleak moments, of course, but it’s also full of stories about humanity and resilience.

Article Summaries:

• The Threat Source newsletter highlights Cisco Talos Incident Response’s Q4 2025 report, noting a shift in attacker tactics. Public‑facing application exploitation remains the top initial access method, though it fell from 62 % to about 40 % of engagements. Phishing rose as the second‑most common technique, with a notable focus on Native American tribal organizations, and credential harvesting frequently enabled deeper internal attacks. Ransomware incidents declined to 13 % of cases, with Qilin ransomware still the most prevalent strain. The report underscores the urgency of rapid patching, reducing exposure, and strengthening MFA to counter evolving adversary methods.

Sources:

• https://blog.talosintelligence.com/im-locked-in/