How to check the impact of third-party CVEs on your Elastic deployment
Instantly check the impact of third-party CVEs on your Elastic deployment with the new self-service CVE Impact Statements on the Support Hub. Quickly filter...
US dominance of agentic AI at the heart of new NIST initiative
This week, the US National Institute of Standards and Technology (NIST) announced a new listening exercise, the AI Agent Standards...
Using AI to defeat AI
Welcome to this week’s edition of the Threat Source newsletter. Generative AI and agentic AI are here to stay. Although I believe that the advantages...
Adidas Investigates Alleged Data Breach – 815,000 Records of Customer Data Stolen
Adidas has confirmed it is actively investigating a potential data breach involving one of its independent third-party partners after a threat actor operating under...
Remcos RAT Expands Real-Time Surveillance Capabilities
New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows - Read more
CVE-2026-21528 Azure IoT Explorer Information Disclosure Vulnerability
Corrected the CVE description and title. This is an informational change only. - Read more
Figure Data Breach Exposes Nearly 1 Million Customers Online
Fintech lender Figure suffered a social-engineering breach that led to a data dump online. Have I Been Pwned found 967,200 exposed email records.
The post...
ICO wins appeal over data protection obligations in Currys cyber attack
The ICO has won an important appeal relating to data protection obligations arising from a 2017-18 cyber attack at electronics retailer Currys PC World....
Jinan USR IOT Technology Limited (PUSR) USR-W610
View CSAF
Summary
Successful exploitation of these vulnerabilities could result in authentication being disabled, a denial-of-service condition, or an attacker stealing valid user credentials, including administrator...
Valmet DNA Engineering Web Tools
View CSAF
Summary
Successful exploitation of this vulnerability could allow an unauthenticated attacker to manipulate the web maintenance services URL to achieve arbitrary file read access.
The...
Latest article
‘Agents of Chaos’: New Study Shows AI Agents Can Leak Data, Be Easily Manipulated
As enterprise AI agent adoption accelerates, a new study exposes a governance gap that leaves most organizations unable to stop their own systems
The post...
Rapid7 Detection Coverage for Iran-Linked Cyber Activity
The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Following our recent...
France: National Cybersecurity Agency Reports Ransomware Attack Drop in 2025
French small and medium businesses remained the organizations most targeted by ransomware in 2025 - Read more
Stryker Cyber Attack – Hackers Claim System Breach and Device Wipe
On March 11, 2026, the global medical technology giant Stryker experienced a severe cyberattack when Iranian-linked hackers used wiper malware to permanently erase data...
