CVE-2026-20960 Microsoft Power Apps Remote Code Execution Vulnerability
Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network. - Read more
NSA urges continuous checks to achieve zero trust
The agency leading the US government’s cryptology and cyber security strategies has published its latest zero-trust guidance - Read more
Threat and Vulnerability Management in 2026
Key Takeaways: Traditional vulnerability management tools can no longer keep up with the speed of modern exploitation—threat context is now mandatory. Threat...
Elevating global operations: Mastering multi-cluster Elastic deployments with Fleet
This blog highlights the features built into Fleet and Integrations that enable Elastic Agents to seamlessly operate in these environments. - Read more
Kaiser to Pay $46M in Patient Data Lawsuit. Find Out If You’re Eligible
Kaiser Permanente agreed to a $46M settlement over claims that patient health information was improperly disclosed online. The claims deadline is March 12, 2026.
The...
Hackers Abusing Legitimate Cloud and CDN Platforms to Host Phishing Kits
Threat actors are increasingly using trusted cloud and content delivery network platforms to host phishing kits, creating major detection challenges for security teams. ...
Predicting 2026
Welcome to this week’s edition of the Threat Source newsletter. It’s become traditional at this time of year to make predictions about cybersecurity for the coming...
AVEVA Process Optimization
View CSAF
Summary
Successful exploitation of these vulnerabilities could enable an attacker to execute remote code, perform SQL injection, escalate privileges, or access sensitive information.
The following...
Cyber body ISC2 signs on as UK software security ambassador
Professional cyber association ISC2 pledges support to UK government’s Software Security Ambassador scheme, part of the recently unveiled Cyber Action Plan - Read...
Latest article
Yarbo Android/iOS Mobile Application and Cloud Infrastructure
View CSAF
Summary
Successful exploitation of these vulnerabilities could allow an attacker to obtain hard-coded credentials, gain access to telemetry data, and potentially send operational commands...
Check Point VPN Authentication Bypass Vulnerability
What is the Vulnerability? A critical authentication bypass vulnerability, CVE-2026-50751 (CVSS...
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
Security teams’ patching practices have come under intense pressure over the past year, as active exploitation is up, time-to-exploit windows...
