Iran’s MuddyWater Hackers Hit US Firms with New ‘Dindoor’ Backdoor
A bank, an airport, a non-profit and the Israeli branch of a US software company were among the targets of this new MuddyWater campaign...
Bitwarden Brings Passkey Logins to Windows 11, Expanding Passwordless Sign-Ins
Bitwarden now supports passkey logins on Windows 11 for Microsoft Entra ID users, extending passwordless sign-ins to device authentication.
The post Bitwarden Brings Passkey Logins...
Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns
Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances - Read more
Scattered Spider attack on TfL affected 10 million people
The 2024 Scattered Spider attack on Transport for London affected approximately 10 million people, many of whom remain blissfully unaware their data was compromised...
Exploits and vulnerabilities in Q4 2025
The fourth quarter of 2025 went down as one of the most intense periods on record for high-profile, critical vulnerability disclosures, hitting popular libraries...
Patch, track, repeat: The 2025 CVE retrospective
Welcome to this week's edition of the Threat Source newsletter.It's time to look back at a year that pushed the vulnerability landscape to new heights. I'll admit...
Threat Actors Using Fake Claude Code Download to Deploy Infostealer
Cybercriminals have found a new way to target developers and IT professionals by setting up fake download pages that impersonate Claude Code, a legitimate...
CASI Leaderboard Shifts: Sugar-Coated Poison, and the Expanding AI Attack Surface
AI Security Insights – March 2026 - Read more
AWS completes the 2026 annual Dubai Electronic Security Centre (DESC) certification audit
We’re excited to announce that Amazon Web Services (AWS) has completed the annual Dubai Electronic Security Centre (DESC) certification audit to operate...
Latest article
Security posture improvement in the AI era
It’s only been a few weeks since Anthropic announced the Claude Mythos Preview model and launched Project Glasswing with AWS and other...
Metasploit Wrap-Up 05/01/2026
MCP serverThis release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server (msfmcpd), bringing Model Context Protocol support to Metasploit Framework. MCP lets AI applications...
Windows shell spoofing vulnerability puts sensitive data at risk
Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) have sounded the alarm about a Windows shell spoofing vulnerability...
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
Torrance, United States / California, May 1st, 2026, CyberNewswire Criminal IP partners with Securonix to integrate Criminal IP’s Threat Intelligence into ThreatQ, allowing organizations...
