Medusa Ransomware Attack
What is the Attack? Microsoft Threat Intelligence has identified Storm-1175, a...
The difficulty of making sure your website is broken
Have you ever needed to make sure your website has a broken certificate? While many tools exist to help run an HTTPS server with...
CASI Leaderboard Shifts: Developer Role Attack, and Three Concerning Incidents
AI Security Insights – April 2026 - Read more
Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet
A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over systems, with no patch...
The threat hunter’s gambit
Welcome to this week’s edition of the Threat Source newsletter. “Study hard what interests you the most in the most undisciplined, irreverent and original manner...
What Project Glasswing Means for Security Leaders
Anthropic’s Project Glasswing matters because it offers an early look at how quickly software flaws may soon be found, validated, and potentially turned into...
STX RAT Targets Finance Sector With Advanced Stealth Tactics
STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods - Read more
React2DoS (CVE-2026-23869): When the Flight Protocol Crashes at Takeoff
Executive Summary
In this article, we disclose a new high severity unauthenticated remote denial‑of‑service vulnerability we identified and reported in React Server Components that we’ve...
Contemporary Controls BASC 20T
View CSAF
Summary
Successful exploitation of this vulnerability could allow an attacker to enumerate the functionality of each component associated with the PLC, reconfigure, rename, delete,...
Latest article
Attackers exploiting unpatched Cisco SD-WAN flaw
Cisco warns customers of an actively exploited high-severity vulnerability in Catalyst SD-WAN Manager, an enterprise network management system that has...
ICYMI: May 2026 @AWS Security
Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts,...
New China-Linked Threat Cluster OP-512 Targets IIS Servers With Cryptographically Unique Web Shell Framework
A newly identified threat cluster with suspected ties to China has been caught targeting Internet Information Services (IIS) web servers using a purpose-built web...
Meta: NSO Tried Targeting WhatsApp Users Despite Court Order
Meta says WhatsApp disrupted new NSO-linked phishing attacks and is asking a court to hold the spyware firm in contempt.
The post Meta: NSO Tried...
