All gas, no brakes: Time to come to AI church
Welcome to this week’s edition of the Threat Source newsletter. Brothers and sisters, gather close for a moment. We are all security followers here gathered in fellowship...
Betterment Data Breach Exposes 1.4 million Customers Personal Details
Betterment has disclosed a social engineering–driven data breach that exposed personal information for approximately 1.4 million customer accounts, significantly expanding the fallout from a...
Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next
When Rapid7 published its analysis of the Chrysalis backdoor linked to a compromise of Notepad++ update infrastructure, it raised understandable questions from customers and...
Hitachi Energy FOX61x
View CSAF
Summary
Hitachi Energy is aware of a vulnerability that affects FOX61x product versions listed in this document. Successful exploitation of this vulnerability can lead...
Mitsubishi Electric MELSEC iQ-R Series
View CSAF
Summary
Successful exploitation of this vulnerability may allow an attacker to read device data or part of a control program from the affected product,...
TP-Link Systems Inc. VIGI Series IP Camera
View CSAF
Summary
Successful exploitation of this vulnerability could result in unauthorized users gaining administrative access to affected closed circuit television cameras.
The following versions of TP-Link...
Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework
Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants that perform deep-packet inspection, manipulate traffic, and deliver malware via routers and edge devices. Based...
Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
Introduction
Stan Ghouls (also known as Bloody Wolf) is an cybercriminal group that has been launching targeted attacks against organizations in Russia, Kyrgyzstan, Kazakhstan, and...
10 types of information security threats for IT teams
Know thine enemy -- and the common security threats that can bring an unprepared organization to its knees. Learn what these threats are and...
CVE-2026-21532 Azure Function Information Disclosure Vulnerability
Information published. - Read more
Latest article
‘Agents of Chaos’: New Study Shows AI Agents Can Leak Data, Be Easily Manipulated
As enterprise AI agent adoption accelerates, a new study exposes a governance gap that leaves most organizations unable to stop their own systems
The post...
Rapid7 Detection Coverage for Iran-Linked Cyber Activity
The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Following our recent...
France: National Cybersecurity Agency Reports Ransomware Attack Drop in 2025
French small and medium businesses remained the organizations most targeted by ransomware in 2025 - Read more
Stryker Cyber Attack – Hackers Claim System Breach and Device Wipe
On March 11, 2026, the global medical technology giant Stryker experienced a severe cyberattack when Iranian-linked hackers used wiper malware to permanently erase data...
