Less panic patching, more precision
Welcome to this week's edition of the Threat Source newsletter. Recently, Martin closed his introduction with a warning: Ready or not, the time of much patching...
ScadaBR – Multiple Vulnerabilities
ScadaBR - Multiple Vulnerabilities Multiple vulnerabilities affect ScadaBR. Tenable was unsuccessful in contacting the project. Recent publications indicate similar difficulty. CVE-2026-9645 Authenticated Remote Code Execution...
MacGregor Voyage Data Recorder (VDR) G4e
View CSAF
Summary
Successful exploitation of these vulnerabilities could result in an attacker gaining administrator access to the device.
The following versions of MacGregor Voyage Data Recorder...
ABB EIBPORT
View CSAF
Summary
ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. A firmware update is available that resolves these...
ABB Busch-Welcome 2 Wire Door Opener Actuator
View CSAF
Summary
ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could...
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
View CSAF
Summary
Successful exploitation of this vulnerability could result in an attacker gaining administrator access to the device.
The following versions of Jinan USR IOT Technology...
DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the...
Over the last decade, DICOM parsing has become an active research topic. The reason is simple: DICOM is both critical and complicated. Hospitals rely...
Kemper – 269,299 breached accounts
In April 2026, the American insurance holding company Kemper Corporation was named by the ShinyHunters ransomware group in a "pay or leak" extortion campaign....
Citrix NetScaler Memory Overread Vulnerability
Exploitation activity targeting vulnerable Citrix NetScaler ADC and Gateway appliances remains persistent and widespread, with FortiGuard Labs telemetry continuously observing attack attempts from global...
Elastic Stack 8.19.16 released
Version 8.19.16 of the Elastic Stack was released today. We recommend you upgrade to this latest version. We recommend 8.19.16 over the previous versions...
Latest article
Hackers Publish Malicious Python Package Mimicking Legitimate Parsimonious Parser
A deceptive Python package quietly made its way into the PyPI repository, putting thousands of developers at risk before it was caught and removed....
Microsoft identifies seven new ways AI agents can be hacked
Microsoft has identified seven new failure modes in agentic AI systems, in addition to those it identified last year in...
Building secure B2C applications with fine-grained access control using Amazon Cognito and Amazon Verified...
Modern web applications require robust security controls to protect user data and application resources. Authentication and authorization are two fundamental pillars of application security...
3 Principles to Safely Scale Agentic AI
- Read more
