DDoS’s Newest Minions: IoT Devices (Volume 1)
The latest evolution of cyber weapons is brought to you by the default passwords in Internet of Things (IoT) devices. - Read more
ISRG Legal Transparency Report, January 2016 – June 2016
The trust of our users is ISRG’s most critical asset. Transparency regarding legal requests is an important part of making sure our users can...
What It Costs to Run Let’s Encrypt
Today we’d like to explain what it costs to run Let’s Encrypt. We’re doing this because we strive to be a transparent organization, we...
Web Injection Threats: The Cost of Community Engagement on Your Site
Customer engagement drives web application design, but user-generated content brings inherent security challenges. - Read more
Latest article
Operation Endgame 4.0 – 153,527 breached accounts
On 18 June 2026, the latest phase of Operation Endgame targeted the SocGholish malware operation, a prolific malware distribution network used to compromise systems...
Accelerate security investigations with Kiro CLI
When a security event occurs in your Amazon Web Services (AWS) environment, rapid response is critical. However security teams often struggle with time-consuming, manual...
Close Encounters of the Human Kind
Welcome to this week’s Threat Source newsletter. I love a Spielberg summer. His ability to imbue a sense of wonder, awe, curiosity, and connection means he’s in a...
New iPhone BootROM Vulnerability Exposes Apple SoCs to Full Chain-of-Trust Compromise
A novel BootROM vulnerability, dubbed usbliter8, affects Apple devices powered by A12, S4/S5, and A13 SoCs. The exploit chains a hardware-level bug in the...
