Readers reply: Experts say we should use passkeys, but can a smartphone pin really...

The long-running series in which readers answer other readers’ questions on subjects ranging from trivial flights of fancy to profound scientific and philosophical conceptsThis...

GreatXML zero-day BitLocker bypass doesn’t seem to work, yet

A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...

New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight

A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact. The post New Windows Zero-Day Claims BitLocker...

Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks

One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...

Warrantless wiretaps cut off for a week following US Congress vote

Lawmakers have failed to extend a surveillance law that allows US intelligence agencies to monitor targets abroad without a warrant....

Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol

Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others - Read...

GitHub to Update npm to Thwart Software Supply Chain Attacks

NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts - Read...

Oracle fixes PeopleSoft flaw exploited by ShinyHunters

A zero-day vulnerability affecting Oracle's PeopleSoft products is being exploited by a ShinyHunters campaign targeting schools and universities. - Read more

Frontier AI models could be an adversary’s force multiplier

The Computer Weekly Security Think Tank considers if Anthropic’s Claude Mythos frontier AI model is a benefit or barrier to achieving resilient enterprise IT...

Latest article

Indian Govt Bans Apps Being Misused to Stop E-Rickshaws Remotely

The Indian government has directed Google and Apple to take down three mobile applications, BAT-BMS, Lossigy, and Epoch-i-ion, after they were allegedly misused to...

Microsoft 365 users fall victim to one-in-a-million password spray attack

Microsoft users have been hit by a massive, automated password spray attack. Among those targeted by the attack were clients...

Apple’s ‘Hide My Email’ Privacy Flaw Exposes Real Email Addresses

Researchers say Apple’s Hide My Email flaw may expose real addresses, despite two fixes. Here’s what users should know about the privacy risk. The post...

Catan and Mouse

Welcome to this week’s edition of the Threat Source newsletter.  “I do not know everything; still many things I understand.” ― Madeleine L'Engle, A Wrinkle...