Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB
Thankfully, the Infinite Campus Incident Did Not Involve a Lot of Non-Directory Student Information
DataBreaches downloaded the Infinite Campus leak posted by ShinyHunters and examined its contents. The majority of files were proprietary or client‑related and did not contain personal student information. Approximately two dozen support tickets referenced students by name, with two tickets revealing sensitive disciplinary and arrest details. The analysis found no evidence that core student databases were compromised.
EU Commission Cloud Platform Hit by Cyber‑Attack, Details Sparse
The European Commission confirmed that its cloud hosting platform suffered a cyber‑attack, though the extent of the breach and the number of users affected were not disclosed. The incident underscores growing security challenges for large‑scale networking services and could have...

Lessons From CalPrivacy PlayOn Order
California Privacy Protection Agency (CalPrivacy) fined PlayOn Sports $1.1 million for illegal tracking of student data between January 2023 and December 2024. The company sold personal information to third parties without a functional opt‑out, used a cookie banner that forced consent, and ignored...
Security Gaps Exposed in Pharma AI Research Platforms Amid Rising Cyber Risks
A recent industry report warns that AI‑driven drug discovery platforms are vulnerable to cyber‑attacks and data‑privacy breaches, citing outdated hardware, fragmented compliance frameworks, and supply‑chain pressures. The findings could force pharma firms to overhaul security protocols and accelerate regulatory engagement.

Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Iran‑linked threat actors operating under the Handala Hack persona breached the personal email of FBI Director Kash Patel, leaking historical messages from 2010 and 2019. The same group claimed a destructive wiper attack on medical‑device giant Stryker, wiping thousands of...

Worth Reading 032826
Recent technical publications from NIST, APNIC, and industry commentators expose a series of systemic challenges across internet infrastructure and emerging technologies. NIST’s new DNS deployment guidelines emphasize zero‑trust controls, while APNIC highlights architectural bottlenecks that curb eBPF’s use in web...

From Data to Intelligence: Why More Signals Don’t Equal Better Security
The article argues that simply accumulating more security signals does not improve protection; instead, organizations need to convert raw data into actionable intelligence through verification, attribution, and context, especially around identity. It highlights problems like alert fatigue, false positives, and...

Pete Recommends – Weekly Highlights on Cyber Security Issues, March 28, 2026
The weekly highlights expose a surge in cyber‑security threats: WebinarTV covertly records Zoom webinars and repurposes them as AI‑generated podcasts; the FCC has banned all new foreign‑made routers, reshaping the U.S. hardware market; a novel CAPTCHA‑based scam is delivering malware;...
New Infinity Stealer Malware Grabs macOS Data via ClickFix Lures
Infinity Stealer, a new macOS infostealer, uses a Python payload compiled with the open‑source Nuitka compiler to produce a native binary that evades static analysis. The malware is delivered via a ClickFix lure that mimics Cloudflare’s CAPTCHA, prompting users to...

RSAC 2026 Innovation Sandbox
The RSAC 2026 Innovation Sandbox showcased ten finalists, each tackling security challenges that emerged only after 2024, such as autonomous AI agents, non‑human identities, and AI‑generated code vulnerabilities. Geordie AI captured the top prize with its Beam platform, a proactive...

Woodfords Family Services Notifying Patients and Families About 2024 Ransomware Attack
Woodfords Family Services, a Maine provider for people with disabilities, disclosed a ransomware breach that first occurred on April 8, 2024, but some victims were only publicly notified on March 27, 2026. The organization previously reported a 2023 incident...
Simple Ways to Stay Safe When Installing New Software
The article emphasizes proactive security habits when installing new software, highlighting system updates, reputable sources, and careful installation steps as primary defenses. It recommends consulting niche tech blogs and community sites for practical risk assessments beyond generic advice. Core practices...
U.S. Government Bans Foreign‑Made Wi‑Fi Routers Over Security Concerns
The United States announced a ban on the sale and distribution of foreign‑manufactured Wi‑Fi routers, citing national‑security concerns. The move targets equipment from several Asian vendors and could force a rapid shift toward domestically produced networking gear.
Echoworx Rolls Out Multi‑Cloud Secure Communications Platform for Regulated Enterprises
Echoworx announced a new secure‑communications suite that natively integrates with Amazon Web Services, Microsoft Azure and Google Cloud, aiming to meet the “sovereign‑first” compliance demands of regulated enterprises. The move reflects a broader shift from fragmented encryption to cloud‑native, jurisdiction‑aware...

Cloudflare Expands Platform, Adds AI Security and SASE Breakthroughs
At #RSAC2026, @Cloudflare doubled down on its expanding platform strategy. AI Security for Apps reached general availability, they rolled out free AI endpoint discovery across all plans, and Cloudflare One became the first SASE solution to secure Model Context Protocol...

Fake Airline ‘Help’ Accounts Surge on X as Middle East Disruption Fuels New Wave of Scams
Travelers across the UK and Europe are seeing a sharp rise in fake airline customer‑service accounts on X as the Middle East conflict forces widespread flight cancellations and delays. Fraudsters impersonate carriers such as Emirates, Etihad and Qatar Airways, replying...
Thousands of Corewell Health Patients Affected by Security Breach
Corewell Health disclosed that its former consulting partner, Pinnacle Holdings, suffered a data breach in 2024, potentially compromising the personal information of thousands of patients. The health system promptly initiated an internal review to determine the scope of exposure and...
IRS Issues Dirty Dozen Alert as AI-Powered Tax Refund Scams Surge
The Internal Revenue Service released its 2026 "Dirty Dozen" list, flagging 12 tax‑refund scams—including AI‑generated robocalls and sophisticated phishing—targeting millions of filers. The agency logged over 600 social‑media impersonators in FY 2025 and warned that the scams are more aggressive...
Supply‑Chain Breach of Aqua Security's Trivy Hits Millions of Developers
Aqua Security confirmed that its open‑source Trivy vulnerability scanner was hijacked on March 19, 2026 by the hacker group TeamPCP. The attackers injected malicious binaries and GitHub‑Actions tags, stealing 300 GB of credentials and affecting millions of developers who rely on the tool.
GitHub to Train Copilot Models on User Data, Sharing Results with Microsoft
GitHub announced that, beginning April 24, it will collect usage data from free, Pro and Pro+ Copilot users to train its own AI models and share the data with Microsoft. Business and Enterprise users, and users who opt out, are exempt, sparking...

Secure Authentication Starts With Secure Software Development
The MojoAuth blog stresses that secure authentication begins with secure software development, not just choosing the right protocol. It highlights how modern methods like passkeys, WebAuthn, OAuth, and JWT introduce implementation challenges that can become breach vectors. The article outlines...

What Is Shift Left Security?
Shift‑Left Security embeds protection into the earliest phases of the software development lifecycle, moving security checks leftward on the SDLC diagram. Gartner forecasts cloud spending will exceed $1 trillion by 2028, intensifying the need for proactive AppSec. By integrating automated SAST,...

Open VSX Scanner Vulnerability Lets Malicious Extensions Go Live
Open VSX, the extension marketplace for VS Code forks, patched a critical “Open Sesame” vulnerability that let malicious extensions bypass its pre‑publish scanning pipeline. The flaw stemmed from a Boolean logic error that treated scanner failures as a “no scanners configured”...

China Used Fake LinkedIn Profiles to Spy on NATO, EU: Security Source
Chinese state security operatives deployed fabricated LinkedIn recruiter accounts to infiltrate NATO and EU institutions, posing as head‑hunters to solicit sensitive information. The fake profiles, such as the "Kevin Zhang" persona, offered paid reports before requesting classified data, paying recruits...

NightBeacon's Primary Model Acts as Evaluator for Better Reasoning
One cool component of NightBeacon is different models trained on the same data, but look at the work that the main model does - think of it as an evaluator, judge, or tier 3 soc analyst that looks at the...
South Korea Launches $13 Million Data Space Pilot Program to Accelerate Secure Data Sharing
South Korea's Ministry of Science and ICT and the National Information Society Agency announced a call for Data Space pilot projects, pledging up to 16.8 billion won (about $13 million) for a medical initiative and additional funding for general‑field pilots. The move...
Fidelity's $2.5M Settlement Highlights Persistent Banking Cyber Risks
Fidelity is preparing to close the door on a class action lawsuit stemming from a recent data breach, agreeing to pay $2.5 million to affected customers. While the settlement amount is relatively modest for a company of Fidelity's scale, the...
Airrived Unveils AetherClaw, Bridging Governance Gap
Closing the Governance Gap: A Plain-English Guide to Airrived’s AetherClaw Announced at RSAC 2026 https://t.co/IhDEL5K3P6

A New Phishing Scheme Is Targeting NFL and NBA Stars: Here’s How the ‘Adult Film Star’ Scam Works
A Georgia man, Kwamaine Jerell Ford, is accused of running a phishing operation that duped NFL and NBA players by posing as an adult film star. The scheme harvested iCloud credentials, stole credit‑card data and secretly filmed victims during coerced...

Real-World LockBit Response Reveals Key Cybersecurity Lessons
What are we reading? Title: “Locked Up - Cybersecurity Threat Mitigation Lessons from a Real-World LockBit Ransomware Response” Author: Zach Lewis Publisher: Wiley @wiley_global #Books #Leadership #SocialSelling #Cybersecurity #Cyberattack https://t.co/PZ1cI5jLVu https://t.co/O9FBmlGxvb
Enterprise Devices Lagging Updates Risk Security and Workflow
Enterprise devices lag in updates and stability, exposing Windows and Mac fleets to security gaps, workflow interruptions, and upgrade pressures. https://t.co/zh91WVTxnQ
Don't YOLO Your File System
Developers are increasingly seeing AI agents wipe files, empty directories, and corrupt home folders when given unrestricted system access. The new open‑source tool jai offers a single‑command sandbox that isolates an agent’s workspace while keeping the current working directory writable....
Apple: Lockdown Mode Remains Unbreached After Four Years
Four years in, hackers and scammers haven't been able to get past Lockdown Mode, Apple says. https://t.co/w7MXWH0ex3
Euro Tech Hubris Threatens Privacy with Mass Message Scanning
These people want to scan ALL YOUR MESSAGES the euro boomer tech incompetency and hubris (not understanding risks) is beyond comprehendible
TrendAI Report Finds 67% of Firms Push GenAI Forward Amid Rising Security Risks
TrendAI's latest survey of 3,700 decision‑makers shows 67% of enterprises are under pressure to adopt generative AI even as they grapple with data‑leak risks, malicious prompts and weak governance. The firm also announced a partnership with NVIDIA to embed security...

No Known Danish or Swedish Cases of Biometric Device Seizure
Have there been any cases in Denmark or Sweden where the authorities have gained access to a journalist’s device using Touch ID or Face ID? Ref: the FBI and WaPo in January. https://t.co/v0vfip6VUz

Delete Scam Emails; Verify Through Official Sites Only
Another day, another scam 🚨 SSA won’t email you a benefits PDF IRS won’t send account info as an attachment If you get one → delete it. Need info? Go straight to the official site and log in. https://t.co/ambNOfA6NZ

'From 16 Hours to Under 5 Minutes': How Gen AI Is Turning Fraud Into a $400B+ Global Industry — and...
Generative AI is slashing the time needed to craft fraud schemes from over 16 hours to under five minutes. The acceleration has helped push global financial losses past $400 billion in a single year, with two‑thirds of scams succeeding within a...
Instantly Generate Detection Rules From Any Source
If you missed this post, it’s a good read on the ability to rapidly, almost instantly, push new detection capabilities or gaps within a monitoring environment. I developed a component of NightBeacon called Nexus Intelligence, it’s an agent where you...

Breach of Confidence – 27 March 2026
The security community faced a wave of incidents in late March, starting with the compromise of Trivy, a popular open‑source scanner, which turned a defensive tool into an attack vector. A separate breach of McKinsey’s AI platform exposed 22 unauthenticated...
[Expired – Class Action Settlement] [Targeted, CA only] Patelco Credit Union $300 Checking Bonus
Patelco Credit Union is offering a $400 new‑account bonus, split into $300 for opening a free or interest checking account, $50 for adding a Money Market account, and $50 for enrolling in the RoundUp savings feature. To earn the $300...

ShinyHunters Walk Away From BreachForums, Leak 300,000-User Database
The ShinyHunters hacker collective announced it is abandoning BreachForums, labeling the platform a waste of time after an FBI seizure in October 2025. Simultaneously, the group released a fresh dump containing data on more than 300,000 BreachForums users, including full...
AI‑SOC Tool Deconstructs Attacks, Slashes MTTR and False Positives
Here's a small taste of NightBeaconAI (our human driven but AI-SOC augmented solution I've built) @Binary_Defense - it has attack path deconstruction - can see every part of an attack chain with details on each part of it. Doesn't matter...
AI‑Powered Fraud Evolves Into Fast, Organized Threat
Fraud has scaled into an organized system driven by AI speed, complex deception methods, and limited response windows for institutions worldwide. https://t.co/daIf9K8o01

F5, Breached by an APT Last Year, Says BIG-IP APM Exploited
F5’s BIG‑IP Access Policy Manager (APM) vulnerability CVE‑2025‑53521 is being actively exploited, granting unauthenticated remote code execution. Attackers can disable SELinux, write in‑memory webshells, and seize control of authentication and VPN services used by Fortune 500 firms. The exploit follows a...
Panasonic Launches First Grid‑scale BESS Cybersecurity Monitoring Trial
Panasonic claims world’s first trial of cybersecurity monitoring for grid-scale BESS #energysky -- via pv magazine global: https://t.co/BPgKqiFdUD
Windows PCs Crash Three Times As Often As Macs, Report Says
Omnissa’s 2026 State of Digital Workspace report, based on global telemetry, finds Windows PCs crash 3.1 times more often than Macs and freeze 7.5 times more frequently. Windows devices are typically refreshed every three years, compared with five years for Macs, leading...
Anthropic’s Mythos Leak Is a Wake-Up Call: Phishing 3.0 Is Already Here
Anthropic’s accidental disclosure of its upcoming Claude Mythos model has ignited concerns about AI‑driven cyber threats, but the real alarm is that today’s publicly available generative AI already powers sophisticated phishing attacks. These models can scrape public data, mimic corporate tone,...

FBI Director Kash Patel and White House Instagram Hacked by Iran
The episode dives into recent Iranian cyber‑operations, focusing on the hack of FBI Director Kash Patel's personal email and the simultaneous breach of the White House's Instagram and X accounts. Host Dean Blundell reviews leaked photos and emails from Patel's...
US Puts $10M Bounty on Iranian IOControl Hackers
US offering $10 million for info on Iranian hackers behind IOControl malware | The Record from Recorded Future News https://t.co/2wnlp84kjx