Fuzzing a single thread to uncover vulnerabilities
A Cisco Talos researcher worked around the limitations of hardware-level Code Read-out Protection (RDP) on the Socomec DIRIS M-70 gateway by pivoting from physical debugging to a…
Category: VendorResearch
Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on Israel
October 7: Hamas attacks Israel In the midst of the Israel-Hamas War, which erupted with a surprising and devastating attack on October 7, 2023 that…
Threat modeling AI applications | Microsoft Security Blog
Proactively identifying, assessing, and addressing risk in AI systems We cannot anticipate every misuse or emergent behavior in AI systems. We can, however, identify what…
Malicious AI Assistant Extensions Harvest LLM Chat Histories
Microsoft Defender has been investigating reports of malicious Chromium‑based browser extensions that impersonate legitimate AI assistant tools to harvest LLM chat histories and browsing data.…
New Dohdoor malware campaign targets education and health care
Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed “Dohdoor.” Dohdoor utilizes the DNS-over-HTTPS (DoH)…
Global coalition dismantles Tycoon 2FA phishing kit
Tycoon 2FA, a major phishing kit and platform that allowed low-skilled cybercriminals to bypass multifactor authentication and conduct large-scale adversary-in-the-middle attacks, was dismantled Wednesday by…
VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun
Key Points Check Point Research (CPR) believes a new era of AI-generated malware has begun. VoidLink stands as the first evidently documented case of this…
Flashpoint’s Threat Intelligence Capability Assessment
Many organizations today have some form of threat intelligence. Far fewer have a threat intelligence function that is structured, measurable, and trusted across the business.…
Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle East
Key Findings During the ongoing conflict, we identified intensified targeting of IP cameras from two manufacturers starting on February 28, originating from infrastructure we attribute…
Patch, track, repeat: The 2025 CVE retrospective
Welcome to this week’s edition of the Threat Source newsletter. It’s time to look back at a year that pushed the vulnerability landscape to new heights. I’ll admit…
Privileged File System Vulnerability Present in a SCADA System
Executive Summary This report details a vulnerability we found in the Iconics Suite, tracked as CVE-2025-0921 with a Medium CVSS score of 6.5. Iconics Suite…
Understanding the DarkCloud Infostealer | Flashpoint
Infostealers continue to dominate the initial access landscape in 2026, lowering the barrier to breach through scalable credential theft. DarkCloud illustrates how low-cost, commercialized malware…