Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

EnSilica Joins UK CHERI Adoption Collective to Accelerate Secure-by-Design Silicon
EnSilica has been selected to join the newly formed CHERI Adoption Collective, a UK‑government‑backed initiative aimed at embedding hardware‑level memory safety into critical systems. The collective brings together infrastructure operators such as BT, National Grid and SSE, along with semiconductor partners, to develop lower‑cost, secure‑by‑design solutions for legacy and next‑generation platforms. EnSilica will contribute its EnSura™ secure microcontroller, a CHERI‑enabled RISC‑V design that also supports post‑quantum cryptography. The move positions the company at the forefront of hardware‑enforced cybersecurity for critical infrastructure, automotive, industrial and communications markets.

RSAC 2026: Cohesity Enhances Cyber Resilience with Next-Generation Malware Scanning Powered by Sophos
Cohesity announced native integration of Sophos next‑generation malware scanning into its Data Cloud platform. The feature, included with the Enterprise Edition, detects zero‑day, polymorphic and fileless threats hidden in backup data without requiring a separate Sophos license. Scans run incrementally...

RSAC 2026: Commvault Extends Enterprise Resilience to Structured and AI Data with Real-Time Governance Controls
Commvault announced an expansion of its data security posture management (DSPM) to include structured data and AI‑driven vector databases, leveraging its recent acquisition of Satori. The new real‑time data access governance lets security teams monitor and control structured data usage,...

RSAC 2026: Druva Pioneers Identity-Aware Resilience for Okta, Active Directory, and Entra ID
Druva unveiled Identity Resilience, extending its SaaS platform to protect identities across Okta, Microsoft Active Directory and Entra ID. The solution continuously models identity state, correlates privileges, activity and data, and stores this intelligence in the MetaGraph engine. By unifying hybrid...

Rubrik and Rackspace Technology Launch UK Sovereign Cyber Recovery Cloud
Rackspace Technology and Rubrik have launched the UK Sovereign Cyber Recovery Cloud, a ransomware‑focused recovery service that keeps all data, hardware and management within UK borders. The offering provides an automated, isolated "clean‑room" environment that can restore public‑sector and regulated...

Nakivo Expands Platform Support and Elevates Security in v11.2
Nakivo released Backup & Replication v11.2, adding native support for VMware vSphere 9 and Proxmox VE 9.0/9.1 while introducing built‑in OAuth 2.0 for email notifications. The update also bundles broader platform compatibility and critical security patches. Customers can now protect the latest hypervisor versions...

Keepit Signs Strategic Agreement with Hammer Distribution
Keepit, a cloud‑native data protection provider, has signed a strategic agreement with Hammer Distribution to strengthen its UK and Ireland market presence. The partnership leverages Hammer’s value‑added distribution network and Keepit’s local data centers to deliver vendor‑independent SaaS backup that...

The Most Important Data Source for Enterprise SEO Teams in 2026
In this 1‑minute‑40‑second episode of Voices of Search, host Tyson chats with Kaspar Siminski, Senior Director at Search Brothers and former Google search team member, about the single most critical data source for enterprise SEO teams in 2026. Siminski argues...

Emerging Innovator Naveen Reddy Burramukku Recognized for Pioneering
Naveen Reddy Burramukku, a systems and network architect, has been highlighted as an emerging innovator in secure infrastructure engineering. His scholarly work spans virtualization protection, identity governance, disaster recovery, and hybrid cloud security, introducing methods that boost resilience and reduce...

AI Cyberattacks Surge, Cloudflare’s AI Defense Boosts $NET
AI-driven cyberattacks are scaling rapidly — and $NET is a direct beneficiary. Cloudflare’s AI-powered defense, driven by Cloudforce One and its global network, now blocks ~230 billion threats daily. Attack sophistication is rising fast. AI is being used for exploit development, network mapping,...

Cato Networks Unveils Modular Adoption Model for SASE Platform
Cato Networks announced a modular adoption model for its core SASE platform, allowing enterprises to select and add capabilities such as AI security, SD‑WAN, SSE and universal ZTNA on demand. The solution runs on the GPU‑powered Cato Neural Edge, a...

Guidance: Industry Security Notice (ISN)
The UK Ministry of Defence’s Industry Security Notices (ISNs) continue to evolve, with the latest revision on 31 March 2026 adding Defence Cyber Certification (DCC) guidance under DEFCON 658 and clarifying the cyber‑security model scope. Over the past six years the ISNs have...

This App Makes Even the Sketchiest PDF or Word Doc Safe to Open
Dangerzone is a free, open‑source tool that sanitizes PDFs, Word, Excel, PowerPoint, OpenOffice, EPUB and image files by sandboxing them and converting each page to an image‑only PDF. The process runs in a container or virtual machine with no internet...

Fewer CVEs in Your Camunda 8 Containers with Hardened Base Images
Camunda announced that its Camunda 8 self‑managed containers now use hardened Minimus base images, eliminating 354 known CVEs from the base layer. The transition covers Node, OpenJDK, OpenJRE and PHP images and includes a build‑time option for Zeebe’s container. Ongoing...

Vibrations in Your Skull May Be Your Next Password
Rutgers researchers unveiled VitalID, a software biometric that authenticates XR users via skull‑borne vibrations from breathing and heartbeat. The method captures unique vibration patterns with headset motion sensors, eliminating passwords, PINs, and iris scans. In trials with 52 participants across...

Okta Deploys AI‑Agent Identity as 'Claw' Architecture Takes Hold in Enterprise
Okta, the $14 billion identity‑management firm, announced a new AI‑agent identity framework to protect autonomous software agents, signaling the enterprise’s shift toward “claw” technology. Executives from Okta, Nvidia and startup NanoCo highlighted security, productivity and cost pressures driving the move.

7,655 Ransomware Claims in One Year: Group, Sector, and Country Breakdown
From March 2025 to March 2026 ransomware groups posted 7,655 victim claims on public leak sites, averaging about 20 claims per day. The five most active groups—Qilin, Akira, INC Ransom, Play and Safepay—account for 40% of all claims, with Qilin alone responsible...

Apple Adds macOS ClickFix Warning to Block Self‑inflicted Malware Attacks
Apple introduced a Terminal warning in macOS 13.4 that blocks paste actions containing potentially malicious code, directly confronting the ClickFix social‑engineering technique. The move comes as researchers document new macOS threats like Infiniti Stealer that exploit the same user‑driven command...

Employee Data Breaches Surge to Seven-Year High
Employee data breach reports to the UK Information Commissioner’s Office reached 3,872 incidents in 2025, the highest level in at least seven years. That marks a 5% rise from the previous year and a 29% increase versus 2019, when reporting...

Change Intelligence and Deployment Connectors for Liquibase Secure
Liquibase Secure announced two new capabilities—Change Intelligence and Deployment Connectors for ServiceNow, GitHub, Harness, and Terraform. Change Intelligence aggregates change data, applies AI‑driven risk analysis, and automatically captures audit evidence in a single view. Deployment Connectors embed governed database change...

KYND Warns Insurers of Surge in US Website Privacy Lawsuits
Cyber‑risk firm KYND warns insurers that U.S. privacy lawsuits tied to routine website tracking have surged from a few hundred to over 2,000 cases annually. The claims focus on marketing pixels and analytics tools rather than data breaches and can...

Let’s Stop Sovereignty Washing
The article warns that cloud providers are marketing “sovereignty” while delivering only data residency, creating a gap between promises and technical reality. It explains that U.S. laws such as the CLOUD Act can compel access to data stored in Europe,...

Hacker Charged with Stealing $53 Million From Uranium Crypto Exchange
U.S. prosecutors have charged Maryland resident Jonathan Spalletta with stealing more than $53 million from the decentralized Uranium Finance exchange through two separate smart‑contract exploits in April 2021. The attacks drained liquidity pools, forced the platform to shut down, and the...

Huawei Secure SD-WAN Full SASE Solution: Secure, Intelligent Connectivity for Modern Enterprises
Huawei has launched its Secure SD‑WAN Full SASE solution, a unified platform that blends networking, security and AI‑driven management for enterprise connectivity. The solution dynamically routes traffic over MPLS, broadband, LTE or 5G while encrypting tunnels and providing integrated firewall,...

The External Pressures Redefining Cybersecurity Risk
External pressures are reshaping cybersecurity risk, with third‑party breaches now accounting for over 35% of incidents. Geopolitical conflicts are spilling battle‑tested tactics into operational technology (OT) and IoT environments, raising safety and continuity stakes. Generative AI accelerates attacker capabilities while...

California Gets Serious About Regulation (Again)
Effective Jan 1 2026, California expanded its CCPA/CPRA into a unified governance framework that blends privacy, cybersecurity, and AI regulations. The new rules mandate formal risk assessments for high‑risk processing, regulate automated decision‑making technologies, and require independent cybersecurity audits. Obligations roll out...

Supply Chain Attacks Force Permanent Passwordless Rotation
Whoever is doing all the supply chain attacks really wants us to switch to passwordless auth for everything. If the cadence of attacks continues we will end up just having to permanently rotate everything for the rest of the year.

This Month in Security with Tony Anscombe – March 2026 Edition
In March 2026, ESET’s chief security evangelist Tony Anscombe highlighted four major cyber incidents. A hack claimed by Iran‑linked Handala crippled med‑tech giant Stryker, wiping over 200,000 devices and exfiltrating 50 TB of data. Google’s Threat Intelligence Group reported that 77 %...

Here's a Thing - What if Shadow AI Is Actually Telling Us Something Useful?
Enterprises are confronting a surge of shadow AI—unauthorized, employee‑driven use of large language models and autonomous agents. As governance lags, these tools make decisions and act independently, amplifying risk beyond traditional shadow IT. Experts argue that treating employees as AI...

Qilin Ransomware Allegedly Breached Chemical Manufacturer Giant Dow Inc
Cybercrime group Qilin ransomware announced it breached chemical giant Dow Inc., adding the company to its Tor data‑leak site. Dow, a $40 billion global manufacturer with 36,000 employees, has not provided evidence of stolen data. The claim follows Qilin’s rapid growth...

Razorpay Introduces RBI-Compliant Biometric Authentication Solution ‘Passkey’
Razorpay has launched “Passkey,” an RBI‑compliant biometric authentication solution for online card payments, developed with Mastercard and slated to integrate Visa soon. The technology leverages device‑bound fingerprints or facial scans, removing the need for one‑time passwords that cause roughly 35%...

UK Seeks Views on Reshaping Cyber Laws for Downstream Gas and Electricity
The UK government, together with regulator Ofgem, has launched a consultation on revising cyber‑resilience rules for downstream gas and electricity licensees. The proposal would impose baseline cyber security requirements on all Ofgem‑licensed operators, while applying stricter standards to the most...

STV Group and Post-Quantum Successfully Trial World’s First Quantum-Resilient Drones
STV Group and UK‑based Post‑Quantum announced the successful trial of the world’s first quantum‑resilient drones, demonstrating secure, future‑proof communications between unmanned aircraft and operators. The tests, conducted in operational environments linked to Ukraine and other allied theatres, proved the drones...

What Makes Browser Hijacking a Silent Threat?
Browser hijacking, where attackers covertly alter browser settings or install malicious extensions, is emerging as a silent threat to enterprises. Researchers have identified 33 rogue extensions affecting over 2.6 million users, and Microsoft reported a 111 % surge in token‑replay attacks in...

Scaling Speed and Trust in AI-Driven Systems
How do we build systems where speed and trust can scale together? I explored this with @MichaelLeland, field CTO of #island at RSA and it’s the challenge of the AI era. AI is now an actor. Fast, boundaryless, and creating risks most...

Bitcoin Must Start Quantum-Resilience Work Today
Bitcoin needs to get ready for the quantum era. We need to strengthen initiatives like BIP 360. We need to invest more efforts in finding creative, smart solutions to ensure Bitcoin is post-quantum secure. Saying that quantum computers are coming is not FUD....

World Backup Day 2026: A Telecom B2B Guide to Data Protection in the AI Age
World Backup Day on March 31 highlights telecoms’ need for robust data protection amid AI‑driven growth. AI adoption has surged, with 77% of telecom executives citing operational benefits and 61% using AI for analytics, but it also inflates data volumes and...

npm Supply Chain Attacks Becoming Disturbingly Frequent
Is it me, or are supply chain attacks on npm becoming a regular occurrence these days?

AI Automation Fuels Sophisticated, Costly Cyberattacks Across Businesses
AI-driven cyberattacks are becoming more sophisticated and costly, with automation enabling highly targeted phishing, synthetic identities, and a surge in ransomware and coordinated attacks impacting businesses of all sizes.

Axios Compromised on NPM – Malicious Versions Drop Remote Access Trojan
On March 30‑31 2026, attackers compromised the npm maintainer account for the popular HTTP client library axios and published two malicious releases, axios@1.14.1 and axios@0.30.4. Both versions added a fake dependency, plain‑crypto‑js@4.2.1, which runs a post‑install script that drops a...

Hardware Advances Slash RSA Break Time to Minutes
Still a lot to build on the hardware side, but the last state of the art papers were stating about 8 hours to crack RSA, now it's 9 minutes. Lots of gates, lots of hardware, but we are seeing quite...

Claude's Source Code Allegedly Exposed Through npm Map File
WILD if true. @Fried_rice is reporting that Claude's source code leaked via an npm .map file 👀 Code: https://t.co/nQFCcCCc6Z https://t.co/ACLKa6wVFf

Federal ‘Fedware’ Apps Flagged as Spyware, Raising Alarm for Government CIOs
A review of recently released federal mobile applications, dubbed “Fedware,” uncovered extensive permission requests and embedded third‑party trackers, including sanctioned Chinese components. The findings warn public‑sector CIOs of heightened privacy and security exposure.

Quickly Detect Axios Supply‑Chain Compromise with New Claude Skill
🚨 Want to quickly check if you've been compromised by the Axios supply-chain attack? Hari (@hrkrshnn) just shipped a free @claudeai skill for us 🙏
/plugin marketplace add cantinasec/plugins
/plugin install cantinasec@cantinasec-plugins
/reload-plugins
/cantinasec:axios
https://t.co/XlUdHdDcl7

iOS 26.5 Restores Encryption, Paves Way for Maps Ads
iOS 26.5 brings back end-to-end encryption when messaging Android users, but it also brings us one step closer to ads in Apple Maps. https://t.co/uhPJbpMa8C

SANS Stormcast Tuesday, March 31st, 2026: Honeypot Session Lifetime; Let’s Encrypt Tests Mass Revocation; F5 RCE Exploited
In this 5‑minute Stormcast episode, host Johannes Ullrich discusses three security topics: the typical short lifespan of honeypot sessions and how the final command attackers run can reveal they’re in a honeypot; Let’s Encrypt’s staged test of its mass‑revocation process...

Consumers Shouldn't Bear the Burden of Spotting Scams
Why should consumers be the ones trying to work out whether something is a scam or not? #CyberSecurity #Scam #Fraud #DigitalSignatures https://t.co/UykiRfLj5z

Beyond Pinning: Harden Node and Python Supply Chains
Supply chain attacks are becoming more frequent, and far more serious. What are sensible practices to protect against these when using Node or Python packages? I assume pinning versions is the bare minimum; for those with security teams / tools: why else...

Has GSA Adopted DOD’s CMMC Requirements?
On January 5 2026 the General Services Administration issued an IT Security Procedural Guide that instantly raises cybersecurity requirements for any contractor handling Controlled Unclassified Information. The guide forces compliance with NIST SP 800‑171 Rev 3, selected SP 800‑172 Rev 3 controls, and privacy controls from...

Treat AI Agents Like Malware: Three Safety Lessons
AI Agents Act a Lot Like Malware. 3 core lessons that can help companies safely adopt agentic AI https://t.co/jmHx1BceXK https://t.co/nhAWPPp2OG