AWS KY3P report now available for third-party supplier due diligence
We’re excited to announce that Amazon Web Services (AWS) has completed the S&P Global Know Your Third Party (KY3P) assessment of its security posture....
Hackers Use Fake Microsoft Teams Downloads to Deploy ValleyRAT Malware
Hackers have been caught running a deceptive campaign that uses fake Microsoft Teams download websites to trick users into installing ValleyRAT, a remote access...
New Verizon Report Reveals the Security Gap Attackers Are Exploiting Most
Verizon’s 2026 DBIR shows vulnerability exploitation, AI-enabled attacks, third-party risk, and ransomware are reshaping cyber threats.
The post New Verizon Report Reveals the Security Gap...
The art of being ungovernable
Welcome to this week’s edition of the Threat Source newsletter. “It takes very little to govern good people. Very little. And bad people can’t be governed at all. Or if...
Automating identity lifecycle and security with AWS Directory Service APIs
Managing identities and access across complex environments has become more critical than ever. AWS Directory Service for Managed Microsoft Active Directory, also known as...
Cybercriminal VPN Dismantled in Europol Crackdown
First VPN, a service used by ransomware actors and fraudsters, was dismantled by Europol - Read more
Police op targets VPN service favoured by ransomware gangs
A multinational police operation has taken down the infamous First VPN service that provided cover for cyber criminal gangs and ransomware operators. -...
CVE-2026-45585 Windows BitLocker Security Feature Bypass Vulnerability
Fixed a typographical error. This is an information change only. - Read more
Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensions, and some wins for law enforcement
The first quarter of 2026 reinforced that attackers are moving faster, operating with greater coordination, and exploiting weaknesses before most organizations can respond effectively....
ABB Terra AC Wallbox
View CSAF
Summary
ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could...
Latest article
CVE-2025-68768 inet: frags: flush pending skbs in fqdir_pre_exit()
Information published. - Read more
Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
A hacker group known as INJ3CTOR3 has been running an active campaign against FreePBX systems, deploying a newly discovered PHP webshell called JOMANGY that...
Metasploit Wrap Up 05/22/2026
Another week, another authentication bypassOur humble Metasploit weekly(ish) blog has been blessed with a new network component vulnerability. The dynamic duo of @sfewer-r7 and...
FBI warns of Kali Oauth stealers
The FBI has warned of the danger from a new wave of phishing attacks generated by a tool called Kali365....
