Critical Fortinet FortiClient EMS 0-Day Vulnerability Actively Exploited in the Wild
Fortinet has issued an emergency hotfix after security researchers disclosed a critical zero-day vulnerability in FortiClient EMS that is already being actively exploited by...
Crunchyroll – 1,195,684 breached accounts
In March 2026, the anime streaming service Crunchyroll suffered a data breach alleged to have impacted 6.8M users. The exposed data is reported to...
SongTrivia2 – 291,739 breached accounts
In April 2026, the music trivia platform SongTrivia2 suffered a data breach that was subsequently published to a public hacking forum. The data contained...
Security lapse lets researchers view React2Shell hackers’ dashboard
An apparent security lapse has allowed researchers to peer into the work of a threat group currently exploiting unpatched servers...
Do not get high(jacked) off your own supply (chain)
In the span of just a few weeks, we have observed a dizzying array of major supply chain attacks. Prominent examples include the malicious...
Axios NPM supply chain incident
Cisco Talos is actively investigating the March 31, 2026 supply chain attack on the official Axios node package manager (npm) package during which two...
Android Alert: 50 Google Play Apps Linked to ‘NoVoice’ Malware Reached 2.3M Downloads
NoVoice malware was found in 50 Android apps on Google Play, with 2.3 million downloads, by bypassing detection and targeting outdated devices.
The post Android...
How AWS KMS and AWS Encryption SDK overcome symmetric encryption bounds
If you run high-scale applications that encrypt large volumes of data, you might be concerned about tracking encryption limits and rotating keys....
FBI Declares Surveillance System Breach a ‘Major Incident’
China-linked hackers breached an FBI surveillance system, exposing sensitive investigation data and prompting a “major incident” classification.
The post FBI Declares Surveillance System Breach a...
AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech
See what you missed in Daily Tech Insider from March 30–April 3.
The post AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in...
Latest article
Great responsibility, without great power
Welcome to this week’s edition of the Threat Source newsletter. As I’m writing this, today (April 28) is International Superhero Day. If you don’t know the origin story behind...
Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM
What is CVE-2026-41940?
CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr...
Microsoft Windows 11 April 2026 Security Update Breaks Third-Party Backup Applications
Microsoft’s April 2026 cumulative security update for Windows 11 is causing significant disruptions for users relying on third-party backup software, triggering an MS-DEFCON level...
Almost half of UK businesses hit by cyber attacks
The government's annual cyber security report reveals UK businesses are still struggling with the impact of attacks and breaches. - Read more
