Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet
A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over systems, with no patch...
The threat hunter’s gambit
Welcome to this week’s edition of the Threat Source newsletter. “Study hard what interests you the most in the most undisciplined, irreverent and original manner...
STX RAT Targets Finance Sector With Advanced Stealth Tactics
STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods - Read more
Contemporary Controls BASC 20T
View CSAF
Summary
Successful exploitation of this vulnerability could allow an attacker to enumerate the functionality of each component associated with the PLC, reconfigure, rename, delete,...
Anthropic Claude Code Action Runner Arbitrary Code Execution via Malicious MCP Server Configuration
Anthropic Claude Code Action Runner Arbitrary Code Execution via Malicious MCP Server Configuration The claude-code-action GitHub Action checks out the PR head branch when...
The long road to your crypto: ClipBanker and its marathon infection chain
At the start of the year, a certain Trojan caught our eye due to its incredibly long infection chain. In most cases, it kicks...
Third-Party Risk Is an Intelligence Operation. It’s Time We Treated It Like One.
For years, the cybersecurity industry has treated third-party risk management as a compliance exercise. Assess your vendors. Assign a score. File the report....
A framework for securely collecting forensic artifacts into S3 buckets
When customers experience a security incident, they need to acquire forensic artifacts to identify root cause, extract indicators of compromise (IoCs), and...
Arelion employs NETSCOUT Arbor DDoS protection products
Arelion operates the world’s best-connected IP fiber backbone, providing high-capacity transit services to a variety of the globe’s leading ISPs...
Latest article
UK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats,...
The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns - Read more
CrowdStrike LogScale Vulnerability Allows Remote Attackers to Read Arbitrary Files from Server
CrowdStrike has issued an urgent security advisory for a critical unauthenticated path-traversal vulnerability (CVE-2026-40050) affecting its LogScale platform, warning that a remote attacker could...
SBOM erklärt: Was ist eine Software Bill of Materials?
Softwareentwicklung und Autoproduktion haben mehr gemein, als man denkt. Lesen Sie, was Sie zum Thema Software Bill of Materials (SBOM) wissen...
Rental platform unnecessarily collected the data of millions of Australians, privacy commissioner finds
2Apply’s over-collection of personal information adds to the power of the real estate industry in the competitive rental market, Carly Kind saysFollow our Australia...
