Today, trust is the superpower that makes innovation possible
The paradoxes of today’s digital world are well-known to anyone with a smartphone. Over the last decade, connectivity has expanded, yet the world...
Critical minerals and cyber operations
Summary Critical elements and rare earth elements REEs are no longer commodities; they are strategic dependencies. Chinaʼs dominance in processing and refining provides...
Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed
More than 1,300 internet-exposed SharePoint servers remain unpatched against CVE-2026-32201, a spoofing flaw Microsoft says was exploited as a zero-day.
The post Microsoft Patch Still...
A technical walkthrough of multicloud full-stack security using AWS Security Hub Extended
Building on our recent announcement of AWS Security Hub Extended —our full-stack enterprise security offering — we want to show you how...
IR Trends Q1 2026: Phishing reemerges as top initial access vector, as attacks targeting...
Phishing reemerged as the most observed means of gaining initial access, accounting for over a third of the engagements where initial access could be determined. Phishing has not been...
UK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats,...
The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns - Read more
CrowdStrike LogScale Vulnerability Allows Remote Attackers to Read Arbitrary Files from Server
CrowdStrike has issued an urgent security advisory for a critical unauthenticated path-traversal vulnerability (CVE-2026-40050) affecting its LogScale platform, warning that a remote attacker could...
Weaponizing Apathy: How Threat Actors Exploit Vulnerabilities and Legitimate Software
By: Madalynn Carr, Intelligence Team In today’s world, there is an increasingly high focus on malware trends rather than repurposed legitimate tools. Repurposed or legitimate...
Latest article
Great responsibility, without great power
Welcome to this week’s edition of the Threat Source newsletter. As I’m writing this, today (April 28) is International Superhero Day. If you don’t know the origin story behind...
Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM
What is CVE-2026-41940?
CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr...
Microsoft Windows 11 April 2026 Security Update Breaks Third-Party Backup Applications
Microsoft’s April 2026 cumulative security update for Windows 11 is causing significant disruptions for users relying on third-party backup software, triggering an MS-DEFCON level...
Almost half of UK businesses hit by cyber attacks
The government's annual cyber security report reveals UK businesses are still struggling with the impact of attacks and breaches. - Read more
