State Digital Surveillance Risk Landscape

Executive Summary Insikt Group assesses that government digital surveillance activities pose a high or very high risk in 31 countries, where state actors...

Threat tactic spotlight: Subdomain takeover

In this blog post you’ll learn how to detect and prevent subdomain takeover – a tactic where threat actors exploit dangling DNS records to...

The Half-Life of Threat Intelligence: When Does an IOC Stop Being Useful? 

The concept of the IOC — the Indicator of Compromise — sits at the operational heart of modern threat detection. Block the IP. Flag...

Best Prime Day Tech Deals: Apple, Bose, Garmin, and More

Shop early Amazon Prime Day tech deals on earbuds, mice, routers, doorbells, headphones, smartwatches, Android phones, and fitness watches. The post Best Prime Day Tech...

SprySOCKS Backdoor Expands From Linux to Windows

China-linked SprySOCKS backdoor gains stealthy Windows variants and 30-plus C2 commands - Read more

CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability

Updated the fixed version information and download link. The fix was previously believed to be included in Dynamics 365 Server (on-premises) version 6.2; however,...

Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP

View CSAF Summary Successful exploitation of this vulnerability could cause a denial-of-service condition that may result in a major nonrecoverable fault (MNRF). The following versions of Rockwell...

China-linked hackers target US, Canada research using legacy REDCap exploits

Google is warning of a cyber espionage campaign linked to a China-nexus threat actor, UNC6508, that kept close tabs on...

MPs call for UK government to back sovereign IT

Amendment to the UK’s Cyber Security and Resilience Bill calls for the government to publish a ‘digital sovereignty strategy’ to promote domestic technology ...

Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk

Since late 2025, malware has been spreading rapidly through the Steam Workshop, the gaming platform’s built-in service for players to create and share custom...

Latest article

Indian Govt Bans Apps Being Misused to Stop E-Rickshaws Remotely

The Indian government has directed Google and Apple to take down three mobile applications, BAT-BMS, Lossigy, and Epoch-i-ion, after they were allegedly misused to...

Microsoft 365 users fall victim to one-in-a-million password spray attack

Microsoft users have been hit by a massive, automated password spray attack. Among those targeted by the attack were clients...

Apple’s ‘Hide My Email’ Privacy Flaw Exposes Real Email Addresses

Researchers say Apple’s Hide My Email flaw may expose real addresses, despite two fixes. Here’s what users should know about the privacy risk. The post...

Catan and Mouse

Welcome to this week’s edition of the Threat Source newsletter.  “I do not know everything; still many things I understand.” ― Madeleine L'Engle, A Wrinkle...