CVE-2025-68753 ALSA: firewire-motu: add bounds check in put_user loop for DSP events
Information published. - Read more
900,000 Users Hit as Malicious Chrome Extensions Steal ChatGPT, DeepSeek Chats
OX Security reveals how malicious Chrome extensions exposed AI chats from ChatGPT and DeepSeek, silently siphoning sensitive data from 900,000 users.
The post 900,000 Users...
Trend Micro Apex Central Multiple Vulnerabilities
Trend Micro Apex Central Multiple Vulnerabilities CVE-2025-69258: MsgReceiver.exe LoadLibraryEx RCE (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)MsgReceiver.exe listens on default TCP port 20001 and accepts messages having the following structures://...
[R1] Nessus Agent Versions 11.0.3 and 10.9.3 Fix One Vulnerability
Nessus Agent Versions 11.0.3 and 10.9.3 Fix One Vulnerability Arnie Cabral Wed, 01/07/2026 - 08:47
A vulnerability has been identified in the installation/uninstallation...
Inside GoBruteforcer: AI-Generated Server Defaults, Weak Passwords, and Crypto-Focused Campaigns
Key takeaways
GoBruteforcer (also called GoBrut) is a modular botnet, written in Go, that brute-forces user passwords for services such as FTP, MySQL, PostgreSQL,...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2009-0556 Microsoft Office PowerPoint Code Injection...
How Cisco Talos powers the solutions protecting your organization
Cisco Talos is Cisco’s threat intelligence and security research organization that powers Cisco’s product portfolio with that intelligence. While we are well known for the security research...
International Threats: Themes for Regional Phishing Campaigns
By: Max Gannon, Intelligence TeamCofense Intelligence relies on over 35 million trained employees from around the world, therefore a considerable number of analyzed campaigns...
GRU-Linked BlueDelta Evolves Credential Harvesting
The analysis cut-off date for this report was September 11, 2025 Executive Summary Between February and September 2025, Recorded Future’s Insikt Group identified...
Latest article
Great responsibility, without great power
Welcome to this week’s edition of the Threat Source newsletter. As I’m writing this, today (April 28) is International Superhero Day. If you don’t know the origin story behind...
Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM
What is CVE-2026-41940?
CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr...
Microsoft Windows 11 April 2026 Security Update Breaks Third-Party Backup Applications
Microsoft’s April 2026 cumulative security update for Windows 11 is causing significant disruptions for users relying on third-party backup software, triggering an MS-DEFCON level...
Almost half of UK businesses hit by cyber attacks
The government's annual cyber security report reveals UK businesses are still struggling with the impact of attacks and breaches. - Read more
