AWS successfully completed its first surveillance audit for ISO 42001:2023 with no findings
In November 2024, Amazon Web Services (AWS) was the first major cloud service provider to announce the ISO/IEC 42001 accredited certification for...
Inside AWS Security Agent: A multi-agent architecture for automated penetration testing
AI agents have traditionally faced three core limitations: they can’t retain learned information or operate autonomously beyond short periods, and they require...
Henry IV, Hotspur, Hal, and hallucinations
Welcome to this week’s edition of the Threat Source newsletter. "'Tis dangerous to take a cold, to sleep, to drink; but I tell you, my...
Aeternum Botnet Shifts Command Control to Polygon Blockchain
New botnet Aeternum shifted C2 operations to Polygon blockchain, complicating takedown efforts - Read more
Before the Breach: When digital footprints become a strategic cyber risk
OverviewFor years, organizations have prioritized strengthening technical defenses, including hardening networks, accelerating patch management, and expanding endpoint detection and response capabilities. Defensive systems have...
AI Capabilities Are Advancing Faster Than AI Security
AI Security Insights – February 2026 - Read more
The Global Fight Over Who Controls Your Data Just Escalated — Here’s What the...
A new diplomatic offensive against foreign privacy laws collides with fresh research showing that weakening data sovereignty protections is the last thing organizations need...
Qilin crew continues to dominate ransomware ecosystem
The Qilin ransomware gang remained ‘top dog’ in January 2026, with over 100 observed cyber attacks to its name, amid a rapidly evolving and...
Pelco, Inc. Sarix Pro 3 Series IP Cameras
View CSAF
Summary
Successful exploitation of this vulnerability could allow attackers to gain unauthorized access to sensitive device data, bypass surveillance controls, and expose facilities to...
Yokogawa CENTUM VP R6, R7
View CSAF
Summary
Successful exploitation of these vulnerabilities could allow an attacker to terminate the software stack process, cause a denial-of-service condition, or execute arbitrary code.
The...
Latest article
Threat tactic spotlight: Subdomain takeover
In this blog post you’ll learn how to detect and prevent subdomain takeover – a tactic where threat actors exploit dangling DNS records to...
The Half-Life of Threat Intelligence: When Does an IOC Stop Being Useful?
The concept of the IOC — the Indicator of Compromise — sits at the operational heart of modern threat detection. Block the IP. Flag...
Best Prime Day Tech Deals: Apple, Bose, Garmin, and More
Shop early Amazon Prime Day tech deals on earbuds, mice, routers, doorbells, headphones, smartwatches, Android phones, and fitness watches.
The post Best Prime Day Tech...
SprySOCKS Backdoor Expands From Linux to Windows
China-linked SprySOCKS backdoor gains stealthy Windows variants and 30-plus C2 commands - Read more
