Today's Cybersecurity Pulse
Updated 3h agoTriZetto breach exposes data of 3.4 million individuals
TriZetto, a Cognizant‑owned health‑tech platform, confirmed a cyberattack that exposed personal and medical information for more than 3.4 million people. The intrusion went undetected for almost a year, with hackers accessing insurance eligibility reports from November 2024 until discovery on October 2 2025.
Also developing:
By the numbers: Cylake raises $45M seed round
Video•Mar 6, 2026
Black Hat USA 2025 | Reinventing Agentic AI Security With Architectural Controls
At Black Hat USA 2025, David Brockle III of NCC Group opened his briefing by framing AI security as a modern parallel to the early web’s reliance on firewalls. He argued that today’s AI guardrails function like statistical heuristics—useful but never a definitive barrier—while the underlying agents inherit trust from every input they process, making them vulnerable to sophisticated prompt‑injection and remote‑code‑execution attacks. Brockle illustrated the danger with real‑world breaches: an AI‑driven developer assistant escaped a sandbox, accessed a Kubernetes manager, harvested Azure storage secrets, and exposed confidential employee documents. He also showed how a poisoned retrieval‑augmented generation (RAG) database leaked production passwords, and how indirect prompt injection allowed an attacker to exfiltrate an entire database via a compromised admin assistant. These examples underscore that AI systems inherit the lowest trust level of any data entering their context window, rendering traditional defense‑in‑depth insufficient. Key takeaways from the talk include the concept of "dynamic capability shifting," where an LLM’s permitted tool calls are automatically reduced based on the trust level of the current user or data source. Brockle highlighted practical mitigations such as trust‑binding (pinning user authentication tokens to backend tool calls), proxying LLM requests through the client browser to reuse existing auth mechanisms, and trust‑tagging data sources to enforce zero‑trust policies across sessions. He repeatedly warned that exposing LLMs to untrusted data must never grant them read or write access to sensitive resources. The broader implication is clear: enterprises must move beyond superficial guardrails and embed architectural controls that treat AI models as potential threat actors. By adopting dynamic privilege reduction, strict authentication pinning, and fine‑grained trust tagging, organizations can contain AI‑induced attack surfaces and protect confidentiality, integrity, and availability in the emerging agentic computing era.
By Black Hat
Video•Mar 6, 2026
Data Security in the Age of AI: Proactive Strategies to Protect Your Most Valuable Assets
The webcast, led by Peter Sleven, senior information‑security manager at Bank of Ireland, examined how enterprises can safeguard data as AI adoption accelerates. Sleven framed data security as a prerequisite for successful AI projects and outlined a roadmap that spans...
By SANS Institute
Video•Mar 6, 2026
Webinar: Security Analysis of Critical 5G Interface | 5G Security | Telecom Security | TelcoLearn
The webinar, hosted by Telan’s Sanjay Kumar and delivered by telecom researcher Arpit, examined why 5G interface security must move from an optional add‑on to a built‑in requirement. It traced the evolution of 5G’s service‑based architecture, highlighted the critical...
By TelcoLearn
News•Mar 6, 2026
Scotland Explores Non-Biometric IDV for ScotAccount
Scotland’s ScotAccount digital identity platform is broadening verification beyond biometrics by introducing knowledge‑based verification (KBV) and tapping alternative public‑sector data sources. Existing alternatives such as landline‑based two‑factor authentication for older users, the Young Scot NEC, and a CivTech‑sponsored vouching pilot already...
By Biometric Update
Podcast•Mar 6, 2026•52 min
Scaling Remote Support in Education and Government: The Nash County Playbook
In this episode, Nash County Public Schools’ CTO Tremaine McQueen and Senior Network Engineer J.R. Williams discuss how they evaluated, selected, and rolled out a new remote support platform from BeyondTrust to serve over 3,000 endpoints across 24 schools. They...
By CarahCast: Podcasts on Technology in the Public Sector
News•Mar 6, 2026
TriZetto Confirms 3.4M People’s Health and Personal Data Was Stolen During Breach
TriZetto, a Cognizant‑owned health‑tech platform, confirmed that a cyberattack exposed personal and medical information for more than 3.4 million individuals. The breach went undetected for almost a year, with hackers accessing insurance eligibility reports from November 2024 until the company discovered the...
By TechCrunch – Biotech & Health
News•Mar 6, 2026
How Visa Uses AI in the Fight Against Fraud with AI…
Visa has invested €10 billion in payment security and now blocks over 150 million fraudulent transactions each year. While e‑commerce fraud rates in Europe are falling, fraudsters have turned to AI‑generated social engineering, making scams five times more likely to succeed. Retailers...
By Retail Detail (EU)
News•Mar 6, 2026
Magnet Forensics Shares The 2026 State Of Enterprise DFIR Report
Magnet Forensics released its sixth annual State of Enterprise DFIR Report, surveying over 360 private‑sector investigators. The findings highlight four defining trends for 2026: AI adoption jumps to 68%, SaaS‑based real‑time collaboration grows 24% year‑over‑year, mobile evidence remains critical yet...
By Forensic Focus
News•Mar 6, 2026
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
The guide explains how managed service providers (MSPs) can leverage AI‑powered risk management to transform fragmented cybersecurity services into a scalable, revenue‑generating model. It outlines the shift from isolated, compliance‑only offerings to a risk‑first approach that delivers continuous protection and...
By The Hacker News
News•Mar 6, 2026
Oracle Introduces Selfie Biometrics to Tackle Workforce Fraud
Oracle has launched a selfie‑based biometric authentication and liveness detection feature within its Cloud Infrastructure Identity and Access Management (IAM) Identity Assurance service. The capability creates encrypted facial vector embeddings after users enrol with a government ID, storing only the...
By HR Katha (India)
News•Mar 6, 2026
AI Transforms ‘Dangling DNS’ Into Automated Data Exfiltration Pipeline
Dangling DNS records—stale domain pointers left after cloud resources are shut down—are being weaponized by attackers to create automated data exfiltration pipelines for AI agents. By hijacking the abandoned hostname, threat actors embed hidden prompts that AI assistants interpret as...
By Network World (sitewide)
News•Mar 6, 2026
Cyber Security Model
The UK Ministry of Defence has transitioned its Cyber Security Model from version 3 to version 4, introducing four new Cyber Risk Profiles (Level 0‑3) and a digital Supplier Cyber Protection Service for risk assessments and assurance questionnaires. Under CSMv4, suppliers must self‑assess...
By UK Ministry of Defence (GOV.UK)
News•Mar 6, 2026
Digital Health and Care Wales Seeks £5 Million Intelligent Audit Solution
Digital Health and Care Wales (DHCW) has launched a £4.9 million procurement for a National Intelligent Integrated Audit Solution to monitor user access across the NHS Wales single patient record, clinical applications and data repositories. The cloud‑based platform must ingest audit...
By HTN – Health Tech Newspaper (UK)
News•Mar 6, 2026
Challenges and Projects for the CISO in 2026
CISOs face a 2026 threat landscape where AI‑driven attacks are faster, cheaper, and more credible, forcing a shift from prevention to rapid response. Experts warn that a growing internet monoculture and quantum decryption threats will magnify breach impact. Identity verification...
By CSO Online
News•Mar 6, 2026
Tidal Cyber Featured in SageTap H2 2025 Cybersecurity Report
Tidal Cyber, a pioneer of Threat‑Led Defense, has been featured in SageTap’s H2 2025 Cybersecurity Report, which examines verified security buying decisions from 264 leaders. The report highlights growing enterprise investment in AI‑enabled platforms that turn threat intelligence into measurable actions....
By AI-TechPark
News•Mar 6, 2026
Backup Strategies Are Working, and Ransomware Gangs Are Responding with Data Theft
Business email compromise (BEC) and funds transfer fraud (FTF) accounted for 58% of cyber‑insurance claims in 2025, with BEC alone representing 31% of all claims. Average BEC loss fell 28% to $27,000 and FTF loss dropped 14% to $141,000, while...
By Help Net Security
News•Mar 6, 2026
Why Phishing Still Works Today
Gal Livschitz, senior penetration tester at Terra Security, explains how phishing has become harder to detect by leveraging HTTPS, branded look‑alike domains, and sophisticated delivery methods. He highlights the rise of QR‑based phishing in PDFs, MFA‑fatigue attacks that pressure users...
By Help Net Security
News•Mar 6, 2026
What Happens when AI Teams Compete Against Human Hackers
The NeuroGrid competition, hosted on Hack The Box, pitted 120 AI‑augmented teams against 958 human‑only teams across 36 security challenges. AI‑augmented participants completed 73% of challenges, far outpacing the 46% completion rate of human‑only teams. The advantage was strongest on...
By Help Net Security
Deals•Mar 5, 2026
Cylake Raises $45M Seed Round Led by Greylock Partners
Cybersecurity startup Cylake announced a $45 million seed funding round led by Greylock Partners to develop its AI‑native data sovereignty platform. The solution keeps security data on‑premises or in private‑cloud environments, targeting regulated sectors such as government, finance, and healthcare.
SiliconANGLE
Video•Mar 5, 2026
ThreatLocker CEO Told Me the Codename... Project Elephant
The video features ThreatLocker’s CEO previewing an upcoming product reveal, internally dubbed “Project Elephant.” The initiative follows the company’s recent success with zero‑trust endpoint protection, which now operates without generating alerts unless left in monitor mode. Key insights include the realization...
By Simply Cyber
Video•Mar 5, 2026
Cybersecurity Careers: Cloud Security Engineer (7 of 9 Careers)
The video spotlights the cloud security engineer track, emphasizing its distinct importance amid soaring demand for cloud expertise. Host Joe South outlines three career tiers—junior, senior, and lead—each with escalating responsibilities within an organization’s cloud defense posture. Junior engineers primarily monitor...
By Infosec Institute
Video•Mar 5, 2026
Dem Lawmakers Press IRS CEO Frank Bisignano on the IRS-ICE Data-Sharing Agreement
Democratic lawmakers grilled IRS Chief Executive Frank Bisignano Thursday over a court‑ordered finding that the agency illegally shared confidential taxpayer data with Immigration and Customs Enforcement. The hearing focused on a staggering 42,695 instances where the IRS transferred immigration‑related information to...
By FedScoop
Video•Mar 5, 2026
How Vyntra Keeps Real-Time Payments Fast and Safe
The video introduces Vyntra, a fintech startup focused on guaranteeing that real‑time payments are both instantaneous and secure. Co‑founder Joel explains the company’s mission to bridge two market gaps: monitoring payment‑speed service‑level agreements and preventing fraud or money‑laundering. Vyntra’s solution emerged...
By FF News | Fintech Finance
Video•Mar 5, 2026
How Datavillage Uses AI to Accelerate Fraud Investigations
The video features a product‑owner from DataVillage speaking at the FF Tattoo Studio during Cypus 2025, introducing the company’s AI‑driven fraud‑investigation platform. DataVillage encrypts client data before feeding it to machine‑learning models, allowing multiple financial institutions to share information securely. The AI...
By FF News | Fintech Finance
Video•Mar 5, 2026
Black Hat USA 2025 | Use and Abuse of Palo Alto's Remote Access Solution
The presentation examined Palo Alto’s GlobalProtect remote‑access solution, focusing on its split‑tunnel feature that lets administrators whitelist domains such as *.zoom.us to bypass the VPN. The speaker, a security engineer with pentesting background, demonstrated how the feature intertwines DNS resolution...
By Black Hat
Video•Mar 5, 2026
Techstrong TV - March 5, 2026
AI-driven code assistants are delivering functional software faster, but security safeguards are lagging, prompting Endor Labs to launch a real‑time intelligence layer that vets open‑source models for AI‑induced vulnerabilities. Meanwhile, Xurrent highlights a shift in IT service management from reactive...
By Techstrong TV (DevOps.com)
Deals•Mar 4, 2026
Circadence Raises $16.4M in Funding Round Led by Seneca Partners
Circadence announced it has closed a $16.4 million funding round led by Seneca Partners to expand its AI-driven cyber readiness platform. The capital will support the launch of new AI products, including RangeGPT and Project Ares GEN3, enhancing cyber training...
Ventureburn
Deals•Mar 3, 2026
Giesecke+Devrient Acquires XTec to Expand US Government Security Tech Footprint
German security technology firm Giesecke+Devrient announced the acquisition of XTec, a provider of secure identity and credential management solutions for U.S. government agencies. The deal, announced on March 3, 2026, will see XTec integrated into G+ D’s Veridos joint venture, expanding...
Washington Technology
Deals•Feb 28, 2026
Zafran Security Secures $60M Series C Funding with Amex Ventures and Existing Backers
Zafran Security, an AI-native threat exposure management startup, announced the closing of a $60 million Series C round. Amex Ventures joined the round alongside existing investors Menlo Ventures, Sequoia Capital and Cyberstarts. The capital will fuel Zafran’s AI-driven security platform expansion...
Crowdfund Insider
Deals•Feb 27, 2026
Quantum eMotion Corp. Acquires SKV Technology Inc., Securing SecureKey Platform
Quantum eMotion Corp. announced it will acquire all shares of SKV Technology Inc., gaining control of the SecureKey platform. The acquisition includes milestone‑based earn‑out payments up to C$7 million and potential royalties up to $15 million, with closing expected around March 2 2026. The...
Quantum Zeitgeist
Deals•Feb 26, 2026
ThreatAware Raises $25M From One Peak to Scale AI-Powered Cybersecurity
ThreatAware announced a $25 million funding round led by One Peak, a growth equity firm. The capital will be used to expand its AI-driven cyber asset intelligence platform across North America. The round underscores the company's profitability and market traction...
Ventureburn
Deals•Feb 26, 2026
UpGuard Raises $75M in Series C to Boost AI-Driven Risk Operations
UpGuard announced a $75 million Series C round to expand its AI‑powered cyber risk posture management platform, grow its global go‑to‑market presence, and pursue acquisitions. The funding will accelerate continuous risk operations and enhance the company’s offering for security teams.
ChannelE2E
Deals•Feb 26, 2026
HaystackID Acquires eDiscovery AI to Accelerate GenAI Legal, Compliance, and Cyber Workflows
HaystackID announced the acquisition of eDiscovery AI, a provider of generative AI tools for legal workflows, on February 26, 2026. The deal, terms undisclosed, will keep eDiscovery AI as a separate entity while integrating its technology into HaystackID’s platform, enhancing...
ComplexDiscovery
Deals•Feb 25, 2026
Prophet Security Secures Strategic Funding From Amex Ventures, Citi Ventures, Accel, and Bain Capital Ventures
Prophet Security, a Palo Alto-based developer of an agentic AI platform for Security Operations Centers, announced a strategic funding round of undisclosed size. The round was backed by Amex Ventures, Citi Ventures, Accel, and Bain Capital Ventures. The capital will...
FinSMEs
Deals•Feb 24, 2026
Astelia Raises $35M for Evidence-Driven Exposure Management
Astelia, a New York‑based exposure management startup, announced a $35 million combined seed and Series A round led by Index Ventures and Team8, with participation from Holly Ventures. The funding will be used to expand its AI‑driven platform, scale deployments, and grow...
ChannelE2E
Deals•Feb 24, 2026
Markon Acquires Cybersecurity Services Provider Millennium Corp.
Markon announced the acquisition of Millennium Corp., a cybersecurity services provider that supports the Defense Department with threat emulation, testing, and intelligence services. The deal, disclosed on Friday, expands Markon's red‑team capabilities and consolidates its R&D portfolio, with financial terms...
Washington Technology
Deals•Feb 23, 2026
Reliance Global Group Acquires Enquantum Ltd. To Build Post‑Quantum Encryption Platform
Reliance Global Group announced the acquisition of Enquantum Ltd., a quantum‑resilient encryption firm, as the first platform deal under its Scale51 operating model. The transaction gives Reliance majority control (up to 51%) and aims to develop Enquantum into a core...
Quantum Zeitgeist
Deals•Feb 23, 2026
Arctic Wolf Acquires Sevco Security to Boost Exposure Management
Arctic Wolf announced on Monday that it has acquired Sevco Security, a startup focused on exposure management, to enhance its Aurora platform’s vulnerability and exposure capabilities. Deal terms were not disclosed. The acquisition follows Arctic Wolf’s strategy of expanding its...
CRN (US)
Deals•Feb 23, 2026
Ekco Acquires Datalogix as It Accelerates Expansion Strategy
European managed security services provider Ekco announced the acquisition of Cork‑based operational technology specialist Datalogix. The deal expands Ekco’s OT security capabilities across Ireland, the UK and the US, boosting its security division revenues to €100 million within a €200 million group...
Irish Tech News
Deals•Feb 23, 2026
Bastion Security Group Merges with Astralas to Expand Professional Services in Australia
Cybersecurity specialist Bastion Security Group announced a merger with Melbourne‑based Astralas, adding deep technical expertise in security architecture and cloud consulting. The combined entity will have over 250 cybersecurity professionals across Australia and New Zealand, enhancing its service portfolio for...
ARN (Australia)