New Osiris Ransomware Using Wide Range of Living off the Land and Dual-use Tools...
A newly discovered ransomware family called Osiris launched attacks against a major food service company in Southeast Asia during November 2025. Security researchers...
I scan, you scan, we all scan for… knowledge?
Welcome to this week’s edition of the Threat Source newsletter. “Upon us all a little rain must fall” — Led Zeppelin, via Henry Wadsworth Longfellow I recently bumped into...
Critical Appsmith Flaw Enables Account Takeovers
Critical vulnerability in Appsmith allows account takeover via flawed password reset process - Read more
From Signals to Strategy: What Security Teams Must Prepare for in 2026
The 2026 Security Predictions webinar reinforced a simple but uncomfortable truth. The forces shaping cyber risk are not new, but they are converging faster...
Under Armour Ransomware Attack Exposes 72M Email Addresses
Many records also contained additional personal information such as names, dates of birth, genders, geographic locations, and purchase information.
The post Under Armour Ransomware Attack...
Foxit, Epic Games Store, MedDreams vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in...
KONNI Adopts AI to Generate PowerShell Backdoors
Key Findings:
Check Point Research (CPR) is tracking a phishing campaign linked to a North Korea–aligned threat actor known as KONNI. This activity goes...
Spanish e-retailer PcComponentes denies report it was hacked
Spanish online electronics retailer PcComponentes has denied a hacker’s claims to have stolen data on its customers. Hackrisk.io, a...
Schneider Electric EcoStruxure Process Expert
View CSAF
Summary
Schneider Electric is aware of a vulnerability in its EcoStruxureTM Process and EcoStruxure™ Process Expert for AVEVA System Platform products. The EcoStruxureTM Process...
Rockwell Automation CompactLogix 5370
View CSAF
Summary
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.
The following versions of Rockwell Automation CompactLogix 5370 are affected:
CompactLogix...
Latest article
CyberSentinel AI with 33 Security Tools, Including Nmap, SQLMap, ZAP, and uses Claude, GPT
A new open-source cybersecurity platform called CyberSentinel AI v3.0 has emerged as a significant development in autonomous security tooling, combining 33 real-world penetration testing...
CVE-2025-5791 Users: `root` appended to group listings
Information published. - Read more
JCPenney – 368,418 breached accounts
In June 2026, retailer JCPenney and associated brands were targeted in a ShinyHunters "pay or leak" extortion campaign. Data allegedly obtained from JCPenney through...
Threat actor adds advanced ‘EDR killer’ tools to ransomware-as-a-service platform
One of the world’s top ransomware groups has given its criminal affiliates access to advanced tools capable of successfully disabling...
