Fall 2025 PCI DSS compliance package available now
Amazon Web Services (AWS) is pleased to announce that two additional AWS services and one additional AWS Region have been added to...
Shape the future in Sydney: Forge the Future hackathon
Elastic hackathon judge Nils Thomsen explains why Sydney’s Forge the Future hackathon is your chance to hack for good with AI. He seeks solutions...
December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity
December 2025 witnessed a dramatic 120% increase in high-impact vulnerabilities, with Recorded Future's Insikt Group® identifying 22 vulnerabilities requiring immediate remediation, up from...
Best Ransomware Detection Tools
Key Takeaways Effective ransomware detection requires three complementary layers: endpoint and extended detection and response (EDR/XDR) to monitor device-level activity, network detection...
Notorious BreachForums hacking site hit by ‘doomsday’ leak of 324,000 criminal users
Prominent crime forum BreachForums has suffered a new and possibly fatal blow to its reputation after the revelation that a...
Palo Alto Networks Introduces New Vibe Coding Security Governance Framework
Researchers at Palo Alto’s Unit 42 have outlined a list of recommended security controls for vibe coding tools - Read more
Hackers Infiltrated n8n’s Community Node Ecosystem With a Weaponized npm Package
Attackers have successfully infiltrated n8n’s community node ecosystem using a malicious npm package disguised as a legitimate Google Ads integration tool. The attack reveals...
Google Chrome Pushes Critical Security Update for 3B Users
Google patched high-severity CVE-2026-0628 in Chrome 143 and added Push API rate limits to curb notification spam, with penalties up to 14 days.
The post...
Latest article
Great responsibility, without great power
Welcome to this week’s edition of the Threat Source newsletter. As I’m writing this, today (April 28) is International Superhero Day. If you don’t know the origin story behind...
Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM
What is CVE-2026-41940?
CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr...
Microsoft Windows 11 April 2026 Security Update Breaks Third-Party Backup Applications
Microsoft’s April 2026 cumulative security update for Windows 11 is causing significant disruptions for users relying on third-party backup software, triggering an MS-DEFCON level...
Almost half of UK businesses hit by cyber attacks
The government's annual cyber security report reveals UK businesses are still struggling with the impact of attacks and breaches. - Read more
