Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns
Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances - Read more
Scattered Spider attack on TfL affected 10 million people
The 2024 Scattered Spider attack on Transport for London affected approximately 10 million people, many of whom remain blissfully unaware their data was compromised...
Exploits and vulnerabilities in Q4 2025
The fourth quarter of 2025 went down as one of the most intense periods on record for high-profile, critical vulnerability disclosures, hitting popular libraries...
Patch, track, repeat: The 2025 CVE retrospective
Welcome to this week's edition of the Threat Source newsletter.It's time to look back at a year that pushed the vulnerability landscape to new heights. I'll admit...
Threat Actors Using Fake Claude Code Download to Deploy Infostealer
Cybercriminals have found a new way to target developers and IT professionals by setting up fake download pages that impersonate Claude Code, a legitimate...
CASI Leaderboard Shifts: Sugar-Coated Poison, and the Expanding AI Attack Surface
AI Security Insights – March 2026 - Read more
AWS completes the 2026 annual Dubai Electronic Security Centre (DESC) certification audit
We’re excited to announce that Amazon Web Services (AWS) has completed the annual Dubai Electronic Security Centre (DESC) certification audit to operate...
Cisco issues emergency patches for critical firewall vulnerabilities
Cisco has handed security teams one of the largest ever patching workloads affecting its firewall products, including fixes for two...
AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns
Malicious insiders are using misusing AI for nefarious gain, while employees cutting corners also creates risk, warns Mimecast - Read more
Latest article
Deploy AWS applications and access AWS accounts across multiple Regions with IAM Identity Center
If your organization relies on AWS IAM Identity Center for workforce access, you can now extend that access across multiple AWS Regions...
CVE-2026-26017 CoreDNS ACL Bypass
Information published. - Read more
Malicious npm Packages Posing as Solara Executor Target Discord, Browsers, and Crypto Wallets
JFrog security researchers Guy Korolevski and Meitar Palas uncovered a sophisticated supply chain attack on the npm ecosystem on March 12, 2026, in which...
Ivanti Connect Secure Zero-Day Vulnerability
What are the Vulnerabilities? Ivanti disclosed two vulnerabilities, CVE-2025-0282 and CVE-2025-0283,...
