CVE-2026-47633 Microsoft Cost Management Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network. ...

Attackers abuse Google Ads, GitLab, and Claude to deliver malware

Threat actors are abusing trusted platforms, including Google Ads, GitLab pages, and Claude’s shared chat feature, to trick users into...

AzeoTech DAQFactory

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to upload malicious .ctl files that may lead to arbitrary code execution. The following versions...

CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure

CISA is aware of global reports that malicious cyber actors have targeted internet-accessible Fortinet devices across government and private sector organizations using compromised credentials....

Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive health-related information and prevent legitimate users from establishing a connection with...

Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model

Analysis tools do not need AI built in to support agentic workflows; they simply need to expose their data through an external scripting interface. Even...

What are the cyber threats to the 2026 Fifa World Cup?

Dig deeper on some of the security issues facing the 2026 World Cup as the tournament faces unprecedented threat levels and challenges -...

World Cup-Themed Phishing Campaign Delivers Voidrift Malware with Highly Personalized Lures

Cofense Intelligence has identified an active phishing campaign exploiting excitement around the FIFA World Cup 2026 to deliver a sophisticated malware family known as...

Latest article

Indian Govt Bans Apps Being Misused to Stop E-Rickshaws Remotely

The Indian government has directed Google and Apple to take down three mobile applications, BAT-BMS, Lossigy, and Epoch-i-ion, after they were allegedly misused to...

Microsoft 365 users fall victim to one-in-a-million password spray attack

Microsoft users have been hit by a massive, automated password spray attack. Among those targeted by the attack were clients...

Apple’s ‘Hide My Email’ Privacy Flaw Exposes Real Email Addresses

Researchers say Apple’s Hide My Email flaw may expose real addresses, despite two fixes. Here’s what users should know about the privacy risk. The post...

Catan and Mouse

Welcome to this week’s edition of the Threat Source newsletter.  “I do not know everything; still many things I understand.” ― Madeleine L'Engle, A Wrinkle...