Zimbra Collaboration Local File Inclusion
What is the Vulnerability? A Local File Inclusion (LFI) vulnerability (CVE-2025-68645)...
Context engineering: The missing layer for trusted AI in financial services
AI in financial services breaks down without trusted context. Discover how context engineering enables real-time, explainable, and compliant AI and how Elastic powers fraud...
How to get started with security response automation on AWS
At AWS, we encourage you to use automation. Not just to deploy your workloads and configure services, but to also help you quickly detect...
I’m locked in!
Welcome to this week’s edition of the Threat Source newsletter.I’ve struggled a lot over the last few years with balance. I want to follow the...
Exposed Open Directory Leaks BYOB Framework Across Windows, Linux, and macOS
Threat researchers have uncovered an actively serving command and control server hosting a complete deployment of the BYOB framework following the discovery of an...
Supply chain attack on eScan antivirus: detecting and remediating malicious updates
UPD 30.01.2026: Added technical details about the attack chain and more IoCs.
On January 20, a supply chain attack has occurred, with the infected software...
Microsoft releases update to address zero-day vulnerability in Microsoft Office
Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office...
Identitäten im Fokus von Cyberkriminellen
Cyberkriminelle haben es inzwischen vermehrt auf digitale Identitäten abgesehen.khunkornStudio – shutterstock.com Der State of Incident Response Report 2026 von Eye...
Microsoft Previews Windows 11 Update With Smarter AI and Phone Continuity
Here’s a peek at AI assistance, phone-to-PC handoff, accessibility improvements, security fixes, and stability updates.
The post Microsoft Previews Windows 11 Update With Smarter AI...
RAMP ransomware forum goes dark in probable FBI sting
RAMP, an infamous Russian-speaking cyber crime forum, has gone off the air after an apparent US operation. - Read more
Latest article
Patch Tuesday – March 2026
Microsoft is publishing 77 vulnerabilities this March 2026 Patch Tuesday. Microsoft is aware of public disclosure of two of today’s vulnerabilities, but without evidence...
AWS European Sovereign Cloud achieves first compliance milestone: SOC 2 and C5 reports plus...
In January 2026, we announced the general availability of the AWS European Sovereign Cloud, a new, independent cloud for Europe entirely located...
Google’s $32B Wiz Acquisition Set to Become Israel’s Largest Tech Deal Ever
Google’s $32 billion Wiz acquisition is nearing completion, marking a record Israeli tech exit and a major bet on cloud security.
The post Google’s $32B...
OpenAI’s Promptfoo Deal Plugs Agentic AI Testing Gap
OpenAI’s latest acquisition addresses a security need Jamieson O’Reilly, security advisor at OpenClaw, raised during an exclusive interview with Infosecurity - Read more
