[R1] Stand-alone Security Patch Available for Tenable OT version 4.2.40: tenable-ot-platform-137
Stand-alone Security Patch Available for Tenable OT version 4.2.40: tenable-ot-platform-137 Jason Schavel Thu, 03/19/2026 - 15:06
An SSH misconfigurations exists in Tenable OT...
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch...
One of the world’s most active ransomware groups, Interlock, started exploiting a critical-rated Cisco firewall vulnerability as a zero day...
Google Cloud Platform (GCP) BigQuery Cross Tenant Data Sources Exfiltration through Canvas Assistant
Google Cloud Platform (GCP) BigQuery Cross Tenant Data Sources Exfiltration through Canvas Assistant The vulnerability stems from a flaw in how Gemini in BigQuery...
You have to invite them in
Welcome to this week’s edition of the Threat Source newsletter. I found myself watching the Oscars ceremony in its entirety for the first time in...
CISA Warns of Zimbra Collaboration Suite Vulnerability Exploited in Attacks
CISA has added a high-severity vulnerability affecting the Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-66376, this security...
Ransomware Affiliate Exposes Details of ‘The Gentlemen’ Operation
Hastalamuerte leaks The Gentlemen RaaS ops: FortiGate exploits, BYOVD evasion, Qilin split tactics - Read more
CVE-2026-32169 Azure Cloud Shell Elevation of Privilege Vulnerability
Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network. - Read more
New Apple Hack: Up to 270M iPhones Vulnerable to ‘DarkSword’ Exploit
Researchers uncover “DarkSword,” a powerful iPhone exploit targeting millions via compromised websites. Learn how it works and how to protect your device.
The post New...
Cisa tells US organisations to harden endpoint management after Stryker attack
Last week’s cyber attack on the systems of a US medical services company by Iranian hacktivists has prompted an alert from Cisa, urging organisations...
Latest article
Microsoft Defender Mistakenly Flags DigiCert Root Certificates as Malware
Microsoft Defender triggered widespread false positive alerts after a faulty security update caused it to flag two legitimate DigiCert root certificates as malicious, potentially...
CVE-2025-9403 jqlang jq JSON jq_test.c run_jq_tests assertion
Information published. - Read more
ZenBusiness – 5,118,184 breached accounts
In March 2026, the hacker and extortion group "ShinyHunters" claimed to have obtained a substantial corpus of data from ZenBusiness, a business formation and...
Microsoft Shell Spoofing Zero-day Vulnerability
What is the Attack? A newly disclosed vulnerability, CVE-2026-32202, has emerged...
