Product Categories for Technologies That Use Post-Quantum Cryptography Standards
Executive Summary
In response to the June 6, 2025, Executive Order (EO) 14306, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order...
Chromium: CVE-2026-1220 Race in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2024 ) for more information. -...
Introducing the F5 Labs Weekly Threat Bulletin
F5 Labs’ Weekly Threat Bulletin delivers fast, AI‑driven insights on emerging cyber threats with IoCs, mitigation tips, and expert‑validated guidance. - Read more
New Osiris Ransomware Using Wide Range of Living off the Land and Dual-use Tools...
A newly discovered ransomware family called Osiris launched attacks against a major food service company in Southeast Asia during November 2025. Security researchers...
I scan, you scan, we all scan for… knowledge?
Welcome to this week’s edition of the Threat Source newsletter. “Upon us all a little rain must fall” — Led Zeppelin, via Henry Wadsworth Longfellow I recently bumped into...
Critical Appsmith Flaw Enables Account Takeovers
Critical vulnerability in Appsmith allows account takeover via flawed password reset process - Read more
Under Armour Ransomware Attack Exposes 72M Email Addresses
Many records also contained additional personal information such as names, dates of birth, genders, geographic locations, and purchase information.
The post Under Armour Ransomware Attack...
Foxit, Epic Games Store, MedDreams vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in...
KONNI Adopts AI to Generate PowerShell Backdoors
Key Findings:
Check Point Research (CPR) is tracking a phishing campaign linked to a North Korea–aligned threat actor known as KONNI. This activity goes...
Spanish e-retailer PcComponentes denies report it was hacked
Spanish online electronics retailer PcComponentes has denied a hacker’s claims to have stolen data on its customers. Hackrisk.io, a...
Latest article
Great responsibility, without great power
Welcome to this week’s edition of the Threat Source newsletter. As I’m writing this, today (April 28) is International Superhero Day. If you don’t know the origin story behind...
Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM
What is CVE-2026-41940?
CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr...
Microsoft Windows 11 April 2026 Security Update Breaks Third-Party Backup Applications
Microsoft’s April 2026 cumulative security update for Windows 11 is causing significant disruptions for users relying on third-party backup software, triggering an MS-DEFCON level...
Almost half of UK businesses hit by cyber attacks
The government's annual cyber security report reveals UK businesses are still struggling with the impact of attacks and breaches. - Read more
