Pelco, Inc. Sarix Pro 3 Series IP Cameras
View CSAF
Summary
Successful exploitation of this vulnerability could allow attackers to gain unauthorized access to sensitive device data, bypass surveillance controls, and expose facilities to...
New Dohdoor malware campaign targets education and health care
Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed “Dohdoor.” Dohdoor utilizes the DNS-over-HTTPS (DoH)...
Fake UK government website redirect detection time reduced to eight days
It used to take two months, but the UK government has reduced the time it takes to address fake DNS redirects - Read...
CVE-2026-23229 crypto: virtio – Add spinlock protection with virtqueue notification
Information published. - Read more
Elastic Stack 9.3.1 released
Version 9.3.1 of the Elastic Stack was released today. We recommend you upgrade to this latest version. We recommend 9.3.1 over the previous versions...
Recorded Future Expands Coverage of Scams and Financial Fraud with Money Mule Intelligence from...
Recorded Future is expanding its payment fraud prevention capabilities through a partnership with CYBERA, the industry leader in detecting and verifying data on...
Critical Cisco Catalyst Vulnerability Exploited in the wild (CVE-2026-20127)
OverviewOn February 25, 2026, Cisco disclosed a critical authentication bypass vulnerability in Cisco Catalyst SD‑WAN Controller and Cisco Catalyst SD‑WAN Manager, tracked as CVE‑2026‑20127,...
Google Cloud Platform (GCP) Vertex AI Workbench Cross-Tenant Full Account Takeover with Managed End...
Google Cloud Platform (GCP) Vertex AI Workbench Cross-Tenant Full Account Takeover with Managed End User Credentials Tenable Research has identified and responsibly disclosed a...
Hackers Can Abuse Cortex XDR Live Terminal Feature for C2 Communications
A newly disclosed research finding has revealed that Palo Alto Networks’ Cortex XDR Live Terminal feature can be turned into a command-and-control (C2) channel...
Latest article
Looking at the SmarterMail API Vulnerability CVE-2026-24423
Sensor Intel Series: February 2026 CVE Trends - Read more
Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk
A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data without logging in.
The...
Medical giant Stryker crippled after Iranian hackers remotely wipe computers
A major cyberattack on US medical supplies giant Stryker has resulted in thousands of devices being remotely wiped, after a...
This one’s for you, Mom
Welcome to this week’s edition of the Threat Source newsletter. I am the product of a single parent, my mom, who along with my grandparents...
