How to check the impact of third-party CVEs on your Elastic deployment
Instantly check the impact of third-party CVEs on your Elastic deployment with the new self-service CVE Impact Statements on the Support Hub. Quickly filter...
US dominance of agentic AI at the heart of new NIST initiative
This week, the US National Institute of Standards and Technology (NIST) announced a new listening exercise, the AI Agent Standards...
Using AI to defeat AI
Welcome to this week’s edition of the Threat Source newsletter. Generative AI and agentic AI are here to stay. Although I believe that the advantages...
Adidas Investigates Alleged Data Breach – 815,000 Records of Customer Data Stolen
Adidas has confirmed it is actively investigating a potential data breach involving one of its independent third-party partners after a threat actor operating under...
Remcos RAT Expands Real-Time Surveillance Capabilities
New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows - Read more
CVE-2026-21528 Azure IoT Explorer Information Disclosure Vulnerability
Corrected the CVE description and title. This is an informational change only. - Read more
Figure Data Breach Exposes Nearly 1 Million Customers Online
Fintech lender Figure suffered a social-engineering breach that led to a data dump online. Have I Been Pwned found 967,200 exposed email records.
The post...
ICO wins appeal over data protection obligations in Currys cyber attack
The ICO has won an important appeal relating to data protection obligations arising from a 2017-18 cyber attack at electronics retailer Currys PC World....
Valmet DNA Engineering Web Tools
View CSAF
Summary
Successful exploitation of this vulnerability could allow an unauthenticated attacker to manipulate the web maintenance services URL to achieve arbitrary file read access.
The...
EnOcean SmartServer IoT
View CSAF
Summary
Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and bypass ASLR.
The following versions of EnOcean SmartServer IoT...
Latest article
Security posture improvement in the AI era
It’s only been a few weeks since Anthropic announced the Claude Mythos Preview model and launched Project Glasswing with AWS and other...
Metasploit Wrap-Up 05/01/2026
MCP serverThis release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server (msfmcpd), bringing Model Context Protocol support to Metasploit Framework. MCP lets AI applications...
Windows shell spoofing vulnerability puts sensitive data at risk
Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) have sounded the alarm about a Windows shell spoofing vulnerability...
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
Torrance, United States / California, May 1st, 2026, CyberNewswire Criminal IP partners with Securonix to integrate Criminal IP’s Threat Intelligence into ThreatQ, allowing organizations...
