Hand over the keys for Shannon’s shenanigans
Welcome to this week’s edition of the Threat Source newsletter. Last week, yet another security AI tool made the rounds on social media: Shannon, a fully autonomous...
[R1] Nessus Agent Versions 11.0.4 and 11.1.2 Fix One Vulnerability
Nessus Agent Versions 11.0.4 and 11.1.2 Fix One Vulnerability Arnie Cabral Thu, 02/12/2026 - 10:40
A vulnerability has been identified where weak file...
World Leaks Ransomware Group Adds Stealthy, Custom Malware ‘RustyRocket’ to Attacks
Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns - Read more
Siemens SINEC NMS
View CSAF
Summary
Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially...
Siemens Siveillance Video Management Servers
View CSAF
Summary
The Webhooks implementation of Siveillance Video Management Servers contains a vulnerability that could allow an authenticated remote attacker with read-only privileges to achieve...
Siemens Solid Edge
View CSAF
Summary
Solid Edge uses PS/IGES Parasolid Translator Component that contains an out of bounds read that could be triggered when the application reads files...
Siemens SINEC OS
View CSAF
Summary
SINEC OS before V3.3 contains third-party components with multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update...
CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2024-43468 Microsoft Configuration Manager SQL Injection...
Ryan Liles, master of technical diplomacy
Cisco Talos is back with another inside look at the people who keep the internet safe. This time, Amy chats with Ryan Liles, who...
How to build an incident response framework
Frameworks provide the structure for an effective incident response program. Here's where to turn for guidance on what to include. - Read more
Latest article
Security posture improvement in the AI era
It’s only been a few weeks since Anthropic announced the Claude Mythos Preview model and launched Project Glasswing with AWS and other...
Metasploit Wrap-Up 05/01/2026
MCP serverThis release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server (msfmcpd), bringing Model Context Protocol support to Metasploit Framework. MCP lets AI applications...
Windows shell spoofing vulnerability puts sensitive data at risk
Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) have sounded the alarm about a Windows shell spoofing vulnerability...
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
Torrance, United States / California, May 1st, 2026, CyberNewswire Criminal IP partners with Securonix to integrate Criminal IP’s Threat Intelligence into ThreatQ, allowing organizations...
