US dominance of agentic AI at the heart of new NIST initiative
This week, the US National Institute of Standards and Technology (NIST) announced a new listening exercise, the AI Agent Standards...
Using AI to defeat AI
Welcome to this week’s edition of the Threat Source newsletter. Generative AI and agentic AI are here to stay. Although I believe that the advantages...
Adidas Investigates Alleged Data Breach – 815,000 Records of Customer Data Stolen
Adidas has confirmed it is actively investigating a potential data breach involving one of its independent third-party partners after a threat actor operating under...
Remcos RAT Expands Real-Time Surveillance Capabilities
New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows - Read more
CVE-2026-21528 Azure IoT Explorer Information Disclosure Vulnerability
Corrected the CVE description and title. This is an informational change only. - Read more
Figure Data Breach Exposes Nearly 1 Million Customers Online
Fintech lender Figure suffered a social-engineering breach that led to a data dump online. Have I Been Pwned found 967,200 exposed email records.
The post...
ICO wins appeal over data protection obligations in Currys cyber attack
The ICO has won an important appeal relating to data protection obligations arising from a 2017-18 cyber attack at electronics retailer Currys PC World....
Jinan USR IOT Technology Limited (PUSR) USR-W610
View CSAF
Summary
Successful exploitation of these vulnerabilities could result in authentication being disabled, a denial-of-service condition, or an attacker stealing valid user credentials, including administrator...
Valmet DNA Engineering Web Tools
View CSAF
Summary
Successful exploitation of this vulnerability could allow an unauthenticated attacker to manipulate the web maintenance services URL to achieve arbitrary file read access.
The...
EnOcean SmartServer IoT
View CSAF
Summary
Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and bypass ASLR.
The following versions of EnOcean SmartServer IoT...
Latest article
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.
The post New Windows Zero-Day Claims BitLocker...
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others - Read...
