NSA urges continuous checks to achieve zero trust
The agency leading the US government’s cryptology and cyber security strategies has published its latest zero-trust guidance - Read more
Threat and Vulnerability Management in 2026
Key Takeaways: Traditional vulnerability management tools can no longer keep up with the speed of modern exploitation—threat context is now mandatory. Threat...
Elevating global operations: Mastering multi-cluster Elastic deployments with Fleet
This blog highlights the features built into Fleet and Integrations that enable Elastic Agents to seamlessly operate in these environments. - Read more
Kaiser to Pay $46M in Patient Data Lawsuit. Find Out If You’re Eligible
Kaiser Permanente agreed to a $46M settlement over claims that patient health information was improperly disclosed online. The claims deadline is March 12, 2026.
The...
Hackers Abusing Legitimate Cloud and CDN Platforms to Host Phishing Kits
Threat actors are increasingly using trusted cloud and content delivery network platforms to host phishing kits, creating major detection challenges for security teams. ...
Predicting 2026
Welcome to this week’s edition of the Threat Source newsletter. It’s become traditional at this time of year to make predictions about cybersecurity for the coming...
AVEVA Process Optimization
View CSAF
Summary
Successful exploitation of these vulnerabilities could enable an attacker to execute remote code, perform SQL injection, escalate privileges, or access sensitive information.
The following...
Cyber body ISC2 signs on as UK software security ambassador
Professional cyber association ISC2 pledges support to UK government’s Software Security Ambassador scheme, part of the recently unveiled Cyber Action Plan - Read...
UAT-8837 targets critical infrastructure sectors in North America
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor based on...
6-day and IP Address Certificates are Generally Available
Short-lived and IP address certificates are now generally available from Let’s Encrypt. These certificates are valid for 160 hours, just over six days. In...
Latest article
23 ClawHub Plugins Abuse Official Org Scopes to Impersonate Trusted AI Agent Tools
A new supply chain threat has surfaced in the AI agent ecosystem that is both subtle and serious. Researchers uncovered 23 plugins on...
New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available
Researchers disclosed usbliter8, a SecureROM exploit affecting older Apple devices that can bypass boot protections with physical access.
The post New Apple Exploit Exposes Millions...
AI-powered cyber attacks may be just months away, warn Five Eyes
Frontier AI models will pose a greater cyber security risk to government and businesses than previously thought, putting businesses and governments at risk within...
AWS Continuum offers devs help with securing code
AI coding agents are making it easier than ever to produce software. Ensuring that software is secure before deployment is...
