Millions at Risk as Android Mental Health Apps Expose Sensitive Data
Oversecured flagged 1,575 flaws in 10 Android health apps with 14.7M installs, putting chats, CBT notes, and mood logs at risk, per BleepingComputer.
The post...
UK Vulnerability Monitoring Service Cuts Unresolved Security Flaws by 75%
The UK government says its new Vulnerability Monitoring Service has cut unresolved security flaws by 75% and reduced cyber-attack fix times from nearly two...
Europe’s ManoMano Hit: 38M Customer Records Compromised in Vendor Breach
ManoMano is notifying 38 million customers after a third-party customer service breach exposed personal data, highlighting growing supply chain security risks.
The post Europe’s ManoMano...
Hook, line, and vault: A technical deep dive into the 1Phish kit
We analyze the evolution of the 1Phish phishing kit from a basic credential harvester into an MFA-aware, multi-stage phishing kit targeting 1Password users. ...
Odido – 688,102 breached accounts
In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Following the incident, 1M records containing 317k...
Odido – 6,077,025 breached accounts
In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, a total of 6M unique...
Odido – 1,520,769 breached accounts
In February 2026, Dutch telco Odido was the victim of a data breach and subsequent extortion attempt. Shortly after, 1M records containing 317k unique...
AWS successfully completed its first surveillance audit for ISO 42001:2023 with no findings
In November 2024, Amazon Web Services (AWS) was the first major cloud service provider to announce the ISO/IEC 42001 accredited certification for...
Inside AWS Security Agent: A multi-agent architecture for automated penetration testing
AI agents have traditionally faced three core limitations: they can’t retain learned information or operate autonomously beyond short periods, and they require...
Henry IV, Hotspur, Hal, and hallucinations
Welcome to this week’s edition of the Threat Source newsletter. "'Tis dangerous to take a cold, to sleep, to drink; but I tell you, my...
Latest article
Looking at the SmarterMail API Vulnerability CVE-2026-24423
Sensor Intel Series: February 2026 CVE Trends - Read more
Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk
A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data without logging in.
The...
Medical giant Stryker crippled after Iranian hackers remotely wipe computers
A major cyberattack on US medical supplies giant Stryker has resulted in thousands of devices being remotely wiped, after a...
This one’s for you, Mom
Welcome to this week’s edition of the Threat Source newsletter. I am the product of a single parent, my mom, who along with my grandparents...
