Microsoft DCU uses UK courts to hunt down cyber criminals

Microsoft has taken down the RedDVS cyber crime-as-a-service network after obtaining a UK court order, marking its first civil legal action outside of the...

Siemens RUGGEDCOM ROS

Summary: Ruggedcom ROS devices contain a temporary denial of service vulnerability that could allow an attacker to crash and restart the device. Siemens has...

Brushstrokes and breaches with Terryn Valikodath

Cisco Talos is kicking off the new year with a behind-the-scenes look at incident response through the eyes of Terryn Valikodath, Senior Incident Response...

CVE-2025-64678 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Updated the build numbers. This is an informational update only.

International Threats: How Malware Campaigns Vary Across Non-English Languages

By: Max Gannon. Cofense Intelligence relies on over 35 million trained employees from around the world. As a result, a considerable number of analyzed campaigns...

Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8554

A look at how Kubernetes CVE-2020-8554 works

Microsoft Patch Tuesday for January 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for January 2026, which includes 112 vulnerabilities affecting a range of products, including 8 that Microsoft marked as “critical”. In this month's...

Streamline security response at scale with AWS Security Hub automation

A new version of AWS Security Hub is now generally available, introducing new ways for organizations to manage and respond to security findings. The...

Unveiling VoidLink – A Stealthy, Cloud-Native Linux Malware Framework

Key takeaways: VoidLink is an advanced malware framework made up of custom loaders, implants, rootkits, and modular plugins designed to maintain long-term access to...

Latest article

Great responsibility, without great power

Welcome to this week’s edition of the Threat Source newsletter. As I’m writing this, today (April 28) is International Superhero Day. If you don’t know the origin story behind...

Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM

What is CVE-2026-41940? CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr...

Microsoft Windows 11 April 2026 Security Update Breaks Third-Party Backup Applications

Microsoft’s April 2026 cumulative security update for Windows 11 is causing significant disruptions for users relying on third-party backup software, triggering an MS-DEFCON level...

Almost half of UK businesses hit by cyber attacks

The government's annual cyber security report reveals UK businesses are still struggling with the impact of attacks and breaches.