Chromium: CVE-2026-1504 Inappropriate implementation in Background Fetch API
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2024 ) for more information. -...
Zimbra Collaboration Local File Inclusion
What is the Vulnerability? A Local File Inclusion (LFI) vulnerability (CVE-2025-68645)...
Context engineering: The missing layer for trusted AI in financial services
AI in financial services breaks down without trusted context. Discover how context engineering enables real-time, explainable, and compliant AI and how Elastic powers fraud...
How to get started with security response automation on AWS
At AWS, we encourage you to use automation. Not just to deploy your workloads and configure services, but to also help you quickly detect...
I’m locked in!
Welcome to this week’s edition of the Threat Source newsletter.I’ve struggled a lot over the last few years with balance. I want to follow the...
Exposed Open Directory Leaks BYOB Framework Across Windows, Linux, and macOS
Threat researchers have uncovered an actively serving command and control server hosting a complete deployment of the BYOB framework following the discovery of an...
Supply chain attack on eScan antivirus: detecting and remediating malicious updates
UPD 30.01.2026: Added technical details about the attack chain and more IoCs.
On January 20, a supply chain attack has occurred, with the infected software...
Microsoft releases update to address zero-day vulnerability in Microsoft Office
Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office...
Identitäten im Fokus von Cyberkriminellen
Cyberkriminelle haben es inzwischen vermehrt auf digitale Identitäten abgesehen.khunkornStudio – shutterstock.com Der State of Incident Response Report 2026 von Eye...
Microsoft Previews Windows 11 Update With Smarter AI and Phone Continuity
Here’s a peek at AI assistance, phone-to-PC handoff, accessibility improvements, security fixes, and stability updates.
The post Microsoft Previews Windows 11 Update With Smarter AI...
Latest article
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.
The post New Windows Zero-Day Claims BitLocker...
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others - Read...
