Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

3 SOC Process Fixes That Unlock Tier 1 Productivity
The article outlines three SOC process fixes that boost Tier 1 productivity: a unified cross‑platform investigation workflow, a behavior‑first triage model powered by automation and interactivity, and standardized escalation with response‑ready evidence. Leveraging ANY.RUN’s sandbox, analysts can analyze Windows, macOS, Linux and Android threats in a single interface, validate malicious behavior within seconds, and generate structured reports for seamless handoff. Reported outcomes include up to 20% lower Tier 1 workload, 30% fewer escalations, and a 21‑minute reduction in mean‑time‑to‑resolve. These changes transform SOC efficiency and cost structure.

YouTube TV Subscribers Are Being Targeted By Scammers
Cybercriminals are sending phishing emails that falsely claim YouTube TV subscriptions have been cancelled due to payment problems. The messages contain counterfeit links that mimic the official YouTube TV portal, prompting victims to enter credit‑card numbers and personal data. Google’s...
Estonian Hospital Sends Patient Home with Other Peoples’ Health Data
West Tallinn Central Hospital gave a patient a USB drive that, instead of containing only their X‑ray images, also held the personal health records of several other patients. The hospital claims the drive was newly purchased from its own shop,...
Investing Blog Roundup: Getting Used to Passkeys
The blog post urges readers to start using passkeys—cryptographic login tokens that replace passwords—by experimenting on low‑stakes sites like Target or Walmart. It explains that the user experience differs across ecosystems: Apple‑only households enjoy a seamless flow, while mixed environments...
AI‑Powered Recruiter Scam Uses Fake Jobs to Sell Software
PSA: There’s a new scam going around with exec search firms targeting people to say there’s a role they’re well suited for in order to sell resume software. The tell is AI: They essentially leveraged LinkedIn keywords to market these...

Aderant Achieves SOC 2 Type 2 for Onyx
Aderant announced on March 30 that its outside‑counsel guideline platform, Onyx, successfully completed a SOC 2 Type 2 audit. The examination, conducted by Schellman & Company, assessed controls for security, availability, and confidentiality over the period Nov 1 2025 through Jan 31 2026. Achieving Type...

Container Security Now Central to Government Martech Stacks
Government marketing‑technology platforms are increasingly built on containerized infrastructure, making container security a core concern for public‑sector digital services. Over‑provisioned images and ineffective runtime scans expose agencies to heightened cyber risk, especially as sensitive citizen data flows through these systems....

LLMs on Kubernetes Part 1: Understanding the Threat Model
Running large‑language models (LLMs) on Kubernetes provides familiar scheduling and isolation, but the platform cannot assess the safety of natural‑language prompts or the confidentiality of generated output. The article highlights the OWASP Top 10 for LLM applications and focuses on four...

AI-Fueled Cyberattacks Surge in UAE Amid Rising Regional Tensions
The United Arab Emirates is confronting an unprecedented wave of cyberattacks, with the Cyber Security Council estimating 500,000 to 700,000 incidents each day. Threat actors, including state‑linked groups from Iran, are exploiting artificial‑intelligence tools such as ChatGPT to automate reconnaissance,...
Kantara Initiative to Collaborate with the OIDF on the Role of Authorised Auditor
The OpenID Foundation announced a Memorandum of Understanding with the Kantara Initiative, appointing Kantara as an Authorized Auditor for its independent conformance testing program. In this role, Kantara will evaluate organizations seeking Approved Testing Service Provider status, ensuring they meet...
Iran War Triggers Surge in Spyware Attacks on Israelis and U.S. Firms
Iran-linked hacking groups have launched a coordinated spyware campaign that sent fake shelter‑alert texts to Israelis, while nearly 5,800 cyberattacks have been logged against U.S. and regional firms. The digital offensive underscores how cyber tools are now a core component...
RedotPay Earns ISO/IEC 27001 Certification, Bolstering Stablecoin Payment Credibility
RedotPay, the Hong Kong‑based stablecoin payment fintech, received ISO/IEC 27001 certification from SGS, confirming its information‑security management system meets global standards. The audit highlights robust encryption, data‑access controls and a security‑first culture, positioning the firm for deeper institutional partnerships.

Foster City Cyberattack, Jury Finds Meta and Google Negligent, and Can SF’s Small Clubs Survive?
A ransomware breach forced Foster City to declare a state of emergency, temporarily disabling municipal phone and email services before restoration within a week. A federal jury found Meta and Google negligent for contributing to a youth mental‑health crisis, marking...
Cyber Incidents: Share Price Response Immediate and Sustained
ISS STOXX and ISS‑Corporate analyzed cyber incident disclosures for Russell 3000 companies from 2022‑2024. They found that firms reporting significant cyber breaches underperform the market by roughly 5% on average, with the gap widening to nearly 4.9% after 250 trading...

World Back Up Day 2026 – What Are the Takeaways?
World Backup Day 2026 highlighted that backups alone no longer guarantee security. Experts from WatchGuard, KnowBe4, and Keeper urged organizations to move beyond storage and implement fully tested, recovery‑focused resilience plans. The discussion emphasized that data loss is inevitable, ransomware...

Falsely Accused, Bail Granted; Fraud Was Impersonator Scheme
I want to address what happened to Neeraj and me last week. Of course, it was quite shocking to us as well and honestly very disheartening. But today, we want to talk about what actually happened and more importantly, what...

Cybersecurity Is a Calling, Not Just a Career — Dr. Priyanka Sunder (PD) on Women Leading the Charge
Dr. Priyanka Sunder, a two‑decade cybersecurity strategist and award‑winning leader, discusses how women are reshaping governance, risk and compliance (GRC) in the industry. She highlights the shift from compliance check‑boxes to continuous resilience, emphasizing cloud security controls, data localization, and...
Why Kubernetes Controllers Are the Perfect Backdoor
Kubernetes controllers, the engine behind cluster self‑healing, are being weaponized as stealthy backdoors. Threat actors register rogue MutatingAdmissionWebhooks or custom controllers that watch for pod creation events and inject malicious sidecars, as seen in the Siloscape and Hildegard campaigns. Because...
Why User Behavior Is the Primary Entry Point for Cyberattacks
Cybercriminals are increasingly exploiting human behavior as the primary gateway into enterprises, with credential theft now eclipsing traditional technical exploits. Although perimeter defenses have hardened, 60% of data breaches still stem from user error, amplified by AI‑driven social engineering and...
How OpenClaw’s Agent Skills Become an Attack Surface
OpenClaw, an AI‑agent gateway, gives users deep access to local files, browsers and long‑term memory, but it stores that data in plain‑text files on predictable disk locations. This design creates a low‑effort attack surface: if the host is compromised, an...
6 Trends Redefining Organizations’ Future with IAM
Inductive Automation’s CISO Jason Waits highlights six emerging IAM trends as the company scales, including a 71% surge in session hijacking and expanding identity sprawl across five systems on average. The firm has responded by deepening its use of Cisco...

'The Missing Piece' For Automating Patching Containers at Scale
Container security teams are grappling with the complexity of patching container images at scale, often stalled by tangled dependency trees and coordination across multiple teams. A new automation framework, dubbed the "missing piece," integrates vulnerability scanning, dependency resolution, and rollout...

Hackers Impersonate Ukrainian CERT to Plant a RAT on Government, Hospital Networks
Ukrainian cyber‑defense agency CERT‑UA was spoofed with an AI‑generated website and phishing emails that distributed a password‑protected ZIP containing the AGEWHEEZE remote‑access Trojan. The Go‑based RAT offered full screen, input and system control and communicated with a command‑and‑control server on...

“Sleeper Cells” In Telcos Seen Using Novel New BPFdoor Malware
Researchers have identified a novel malware called BPFdoor that exploits the Linux kernel’s eBPF subsystem to filter packets at kernel level, evading firewalls, IDS and deep packet inspection. The threat has been observed operating as “sleeper cells” within telecommunications networks,...

Pondurance Launches Pondurance Kanati™: The Industry’s First Agentic AI SOC Designed for Autonomous Operations in a Next-Generation Managed Detection and...
Pondurance announced the general availability of Kanati, the industry’s first agentic AI‑driven Security Operations Center that powers its managed detection and response (MDR) service. The platform autonomously handles high‑confidence threats, delivering 90% faster threat analysis, sub‑two‑minute investigation times and an...
Thailand’s Cybersecurity Boom Has a Weak Core
Thailand’s cybersecurity market has expanded rapidly through 2025, driven by aggressive digital transformation, cloud adoption and new data‑infrastructure initiatives. However, operational depth has lagged, with ransomware employing double‑extortion tactics and APT groups targeting financial firms more frequently. A chronic talent...
Global Threat Landscape Report Shows Exploited High and Critical Severity Vulnerabilities Surged 105% as Attack Timelines Collapsed
Rapid7’s 2026 Global Threat Landscape report reveals a dramatic acceleration in cyber‑attack cycles, with exploited high‑ and critical‑severity vulnerabilities more than doubling year‑over‑year, up 105% from 71 in 2024 to 146 in 2025. The median time from vulnerability disclosure to...

Critical Fortinet Forticlient EMS Flaw Now Exploited in Attacks
Threat‑intelligence firm Defused reports active exploitation of Fortinet’s FortiClient EMS vulnerability CVE‑2026‑21643. The SQL‑injection flaw lets unauthenticated attackers execute arbitrary code via crafted HTTP requests to the EMS web GUI. Shodan and Shadowserver data show roughly 1,000‑2,000 publicly exposed instances,...
Continuous Control Monitoring and the Power of Live Cloud Inventories
Traditional cloud inventories rely on periodic scans and manual CMDB updates, leaving dynamic, short‑lived resources invisible. Continuous controls monitoring (CCM) replaces these static methods with near‑real‑time data ingestion, creating a graph‑based, live inventory that covers every asset. By continuously applying...

SystemRescue 13 Updates Its Kernel to Linux 6.18 LTS, Adds New Recovery Tools
SystemRescue released version 13.00, upgrading its core to the Linux 6.18.20 long‑term support kernel. The update also refreshes storage utilities, including Bcachefs 1.37.3 and GParted 1.8.1, and adds new command‑line tools such as yq and the C‑based iotop‑c. HiDPI display...
The EU CRA – Treating Cybersecurity as Product Liability
The EU’s Cyber Resilience Act (CRA) moves cybersecurity from post‑incident tort claims to product‑level liability, obligating manufacturers, importers and distributors to ensure devices are secure by design, supported and able to report vulnerabilities. The regulation, which entered force on Dec 10 2024,...
Stats SA Confirms Data Breach as Hackers Demand R1.7m Ransom
Stats SA confirmed that hacker group XP95 accessed its HR recruitment database, stealing roughly 154 GB of personal data and demanding a $100,000 (R1.7 million) ransom. The agency rejected the demand, citing compliance with South Africa’s Public Finance Management Act and plans...
AI Agents Could Automate Large‑scale Cyberattacks, Warn Experts
A new wave of AI models could turn cyberattacks into something far more scalable. According to industry and government sources, upcoming systems may enable autonomous agents to plan and execute sophisticated attacks with minimal human involvement. What once required teams could...
AI Defense Must Outpace AI Attack to Preserve Internet
Let's hope AI cyber defense beats AI cyber offense, or the internet age is over

Government Likely to Extend SIM-Binding Deadline for WhatsApp, Telegram and Other Messaging Platforms: Report
India's Department of Telecommunications will push the SIM‑binding compliance deadline for messaging apps to the end of December 2026, after companies cited technical hurdles. The rule, introduced in November 2025, requires apps like WhatsApp, Telegram and Signal to link accounts...
North Korea Pressures Russian Officers over Crypto Ransomware
I assess with medium confidence this is a North Korean state actor looking for Russian officers with large crypto holdings from shaking down ransomware cyber criminals.

Why Risk Alone Doesn’t Get You to Yes
Security leaders often present technically sound risk briefings, yet executives delay action because risk data alone doesn’t compel decisions. The gap lies in translating exposure into business‑focused consequences that align with revenue, compliance, and operational goals. Executives need clear, stakeholder‑specific...

ShipSec Studio Brings Open-Source Workflow Orchestration to Security Operations
ShipSec AI has launched ShipSec Studio, an open‑source security workflow automation platform that replaces ad‑hoc scripts with a dedicated orchestration layer. The visual, no‑code builder lets operators chain tools like Subfinder, Nuclei and TruffleHog into automated pipelines, compiling them into...
FIFA World Cup 2026: A Match Between Fans and Scammers
As the FIFA World Cup 2026 approaches, a NordVPN survey reveals that 11% of American internet users have already encountered soccer‑related scams. Betting fraud (46%) and counterfeit ticket offers (44%) are the most common schemes, proliferating on platforms such as...

Stop Scams Steps up to Online Fraud Challenge
Stop Scams UK, a not‑for‑profit founded in 2020, is scaling its data‑sharing platform to combat online fraud across banks, telecoms and tech firms. In the first half of 2025, UK scams cost roughly $800 million, with two‑thirds originating online. The organisation...
Telstra Business Launches Managed IT Service for SMB Market
Telstra Business announced a new managed IT service aimed at small‑ to medium‑sized enterprises with up to 500 staff. The offering bundles IT support, security and maintenance into Basic, Standard and Premium tiers, each featuring a 24/7 service desk and...
The Hidden Tracking Risk Inside Your Tires
In this episode of the Shared Security Podcast, host Tom and co‑host Scott Wright explore the privacy risks posed by tire pressure monitoring systems (TPMS). They discuss a recent study by Spain’s IMDEA institute that captured 6 million wireless signals from...

Don’t Count on Government Guidance After a Smart Home Breach
Researchers examined government cybersecurity guidance across 11 countries for smart homes and found that most advice concentrates on prevention—such as regular updates and changing default credentials—while post‑breach support is minimal. Reporting mechanisms exist but are generic and not tailored to...
Microsoft’s March Security Update of High-Risk Vulnerability Notice for Multiple Products
Microsoft issued its March 2026 security update, fixing 83 vulnerabilities across Windows, Office, SQL Server, Azure and other core products. The bulletin includes eight critical and 75 important flaws, notably remote‑code‑execution bugs in Office (CVE‑2026‑26110, CVE‑2026‑26113) and the Print Spooler service...
SIM Swaps Bypass 2FA, Exposing Unprotected Accounts
This hack often occurs 1) if the accountholder fails to protect the account with two-factor authentication and their credentials get leaked through an infostealer or 2) the account is protected with 2FA but hackers succeed in getting the accountholder's phone SIM swapped to their...

Model Resource Exhaustion as a Denial-of-Intelligence Attack
The article introduces “denial‑of‑intelligence” attacks, where adversaries drain AI inference resources instead of bandwidth. By sending crafted prompts that trigger long contexts, deep reasoning, or multiple tool calls, attackers force costly compute cycles on the target. Because AI request costs...
U.S. Government Bans Foreign‑Made Wi‑Fi Routers Over Security Concerns
The U.S. government announced a ban on foreign‑manufactured Wi‑Fi routers, citing national‑security concerns. The move immediately affects retailers and consumers, raising questions about supply‑chain adjustments and future regulatory actions.
IRS Warns Real‑Estate Investors of Ten Tax Scams That Can Slash Returns
The IRS’s 2026 “Dirty Dozen” warning highlights ten tax‑scam tactics that could drain real‑estate investors’ returns. Industry analysts say the scams—ranging from phishing emails to fake tax credits—are especially risky for investors who file complex returns, and they urge stricter...
Surfshark Names COO Dovydas Godelis CEO, Aims to Turn VPN Into Mass‑Adopted Cybersecurity Suite
Surfshark announced that COO Dovydas Godelis will replace founder Vytautas Kaziukonis as chief executive. Godelis, 36, says the company will evolve from a niche VPN provider into a full‑stack cybersecurity solution for everyday users worldwide.
Ripple Deploys AI‑Powered Security for XRP Ledger Amid Growing Crypto Threat Landscape
Ripple announced the integration of artificial‑intelligence‑driven security tools into the XRP Ledger, aiming to boost fraud detection and network resilience. While the company did not reveal technical details, the move reflects a broader push for AI in crypto, echoing trends...