You have to invite them in

Welcome to this week's edition of the Threat Source newsletter. I found myself watching the Oscars ceremony in its entirety for the first time in a few years. I'm in the U.K., so I watched it the following day. With next week's Year in Review launch looming and several pieces of content still to...

One newsletter to rule them all

Welcome to this week's edition of the Threat Source newsletter. " It's a dangerous business, going out your door. You step onto the road, and if you don't keep your feet, there's no knowing where you might be swept off to." -- Bilbo Baggins It's almost the end of the year, which feels like the...

Your year-end infosec wrapped

Welcome to this week's edition of the Threat Source newsletter. " They say that a person's personality is the sum of their experiences. But that isn't true, at least not entirely, because if our past was all that defined us, we'd never be able to put up with ourselves. We need to be allowed to...

Strings in the maze: Finding hidden strengths and gaps in your team

Welcome to this week's edition of the Threat Source newsletter. "The truth about the world, he said, is that anything is possible... For existence has its own order and that no man's mind can compass, that mind itself being but a fact among others." ― Cormac McCarthy, "Blood Meridian" Earlier thi...

Great Scott, I’m tired

Welcome to this week's edition of the Threat Source newsletter. "Back to the Future" is 40 years old this year, and at the risk of giving away sensitive information to an audience of hackers… so am I. I don't really know what 40 is supposed to feel like. Honestly, I don't feel all that different...

CVE-2020-3420

creationtimestamp| type| source ---|---|--- 2025-09-25 00:36:28+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...

What happened in Vegas (that you actually want to know about)

Welcome to this week's edition of the Threat Source newsletter. Last week I flew 5,000 miles to Las Vegas for Black Hat USA. After navigating the casino carpet labyrinth and finding the only venue in Nevada that serves a proper English breakfast tea with milk lifesaver, I've decided Black Hat fee...

A message from Bruce the mechanical shark

Welcome to this week's edition of the Threat Source newsletter. Hi, I'm Bruce, the 25-foot mechanical star of "Jaws." This summer marks 50 years since my 4 minutes of screentime kept people out of the water for decades. Maybe this Fourth of July weekend you're planning to sea-shanty your way to a...

CVE-2025-49275

creationtimestamp| type| source ---|---|--- 2025-06-09 18:57:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lr72ndspjg2m...

CVE-2025-25364

creationtimestamp| type| source ---|---|--- 2025-03-24 14:43:11+00:00| seen| https://infosec.exchange/users/threatcodex/statuses/114217935883108579 2025-04-18 18:28:17+00:00| seen| https://bsky.app/profile/r-netsec-bot.bsky.social/post/3ln4arcbktd2z 2025-04-18 20:24:32+00:00| seen|...

CVE-2025-25609

creationtimestamp| type| source ---|---|--- 2025-02-28 19:27:03+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5958 2025-02-28 22:03:07+00:00| seen| https://t.me/cvedetector/19184 2025-08-19 18:29:29+00:00| seen| MISP/1e8d1b5a-3537-4a30-907d-acb1720bbd18...

CVE-2024-12112

creationtimestamp| type| source ---|---|--- 2025-01-08 03:39:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/621 2025-01-08 04:15:47+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf7ciujp5l22 2025-01-08 05:46:57+00:00| seen| https://t.me/cvedetector/14649...

Welcome to the party, pal!

Welcome to the final Threat Source newsletter of 2024. Watching "Die Hard" during the Christmas season has become a widely recognized tradition for many, despite ongoing debates about its classification as a Christmas movie. I know it isn't everyone's cup of tea. Whether you like the movie or not...

CVE-2023-32520

creationtimestamp| type| source ---|---|--- 2024-12-13 15:59:20+00:00| seen| https://infosec.exchange/users/cve/statuses/113646341973947565...

CVE-2023-51634

creationtimestamp| type| source ---|---|--- 2024-11-22 20:12:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113528430322205496...

CVE-2024-10446

creationtimestamp| type| source ---|---|--- 2024-10-28 13:39:09+00:00| seen| https://t.me/cvedetector/9105 2025-10-01 18:11:57+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6 2025-10-08 21:59:31+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...

CVE-2019-20343

creationtimestamp| type| source ---|---|--- 2024-03-19 17:41:25+00:00| seen| https://t.me/ctinow/211753...

CVE-2023-48598

creationtimestamp| type| source ---|---|--- 2024-01-06 15:26:47+00:00| seen| https://t.me/ctinow/163951...

CVE-2023-48723

creationtimestamp| type| source ---|---|--- 2023-12-21 23:21:28+00:00| seen| https://t.me/ctinow/158049 2023-12-28 19:16:23+00:00| seen| https://t.me/ctinow/160153...

A personal Year in Review to round out 2023

As youve probably seen by now, Talos released our 2023 Year in Review report last week. Its an extremely comprehensive look at the top threats, attacker trends and malware families from the past year with never-before-seen Cisco Talos telemetry. We have podcasts, long-form videos and even Reddit...