Today's Cybersecurity Pulse
CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB
Cyber‑Safety Book Series 'Byte Sized Lessons' Launches for Young Readers
Cybersecurity expert Dr. Rae Rivera has released the children's book series 'Byte Sized Lessons with Zola and Zena,' a playful guide that teaches kids how to spot phishing, create strong passwords and stay safe online. The series is now available worldwide through major booksellers, giving educators and parents a new tool for digital‑citizenship education.
Secure Tomorrow’s Data Centers with Platform Firmware Resiliency
The National Institute of Standards and Technology released SP800‑193, a framework for platform firmware resiliency (PFR) that guides data‑center operators in protecting, detecting, and recovering from firmware attacks. The standard distinguishes secured boot, which blocks untrusted code, from measured boot,...
BSidesSLC 2025 – LLM-Assisted Risk Management For Small Teams & Budgets
At BSidesSLC 2025, cloud architect Connor Turpin presented a framework for leveraging large‑language models (LLMs) to streamline risk management in security‑constrained environments. He demonstrated how open‑source LLMs can automate vulnerability triage, threat‑intel summarization, and ticket generation for teams with limited...
Skullcandy Taps Riskified for Fraud Prevention
Skullcandy partnered with Riskified via the Shopify app to overhaul its fraud‑prevention workflow. By adding a secondary review layer and recalibrating AI‑driven thresholds, the retailer cut its fraud‑decline rate to about 0.1% and kept chargebacks around 0.06% over 12 months....
GPT Can’t Trace an Attack Chain. A Purpose-Built Cybersecurity LLM Can.
Cybersecurity teams face a chronic talent gap, with 4.8 million positions unfilled and 71% of SOC analysts reporting burnout. General‑purpose LLMs like GPT‑4 can summarize alerts but fail to trace attack chains or correlate data across dozens of tools. Purpose‑built cybersecurity...
RSAC 2026: Sonar Shares Why Code Security Must Shift Before CI
At RSAC 2026, Sonar’s VP of Code Security Jeremy Katz warned that traditional CI/CD checkpoints are no longer sufficient as AI‑assisted, agent‑driven development accelerates code creation. He highlighted a critical gap: security must be applied before code reaches CI, with...
Biometrics Adoption, Inclusion Gains Depend on Bridging the Understanding Gap
Researchers from Hong Kong and Germany examined 22 older Chinese adults’ experiences with biometric payments, finding that convenience and perceived security drive adoption while fears of loss of control and data misuse hinder it. The study, slated for the 2026...
Gitleaks Creator Returns with Betterleaks, an Open Source Secrets Scanner for the Agentic Era
The creator of the popular secret‑scanning tool Gitleaks has launched Betterleaks, an open‑source scanner designed as a drop‑in replacement with faster performance and more flexible validation. Backed by AI‑focused security startup Aikido, Betterleaks swaps hard‑coded entropy checks for CEL‑based rules...
Single-Account Governance Led to $25M DeFi Exploit
$25 million stolen. In this episode of Uneasy Money, hosts @kaiynne, @tayvano_ & @LucaNetz are joined by @omeragoldberg to unpack the Resolv exploit and Aave v4 governance approval: 🤔 Why was the USR minting function governed by a single account? ⁉️ How did...
Ransomware Attack Totally Cripples Jackson County Sheriff’s Office in Indiana
A ransomware attack crippled the Jackson County Sheriff’s Office IT infrastructure last week. The breach likely began with a phishing email that delivered malicious code, which lay dormant before encrypting files and spreading laterally. The resulting total network outage forced...
FBI Confirms Theft of Director’s Personal Emails by Iran-Linked Hacking Group
The FBI confirmed that a hacking group tied to Iran's Ministry of Intelligence and Security, operating under the name Handala, breached the personal email account of FBI Director Kash Patel and leaked photos and routine correspondence from 2010 and 2019....
Cubs' VDX.tv Partner Faces Scrutiny Over Deep Fan Data Collection
The Chicago Cubs' partnership with VDX.tv, a sports streaming vendor, has come under fire for harvesting extensive fan data—including IP addresses, device identifiers, browsing behavior and location—through cookies that persist for up to 90 days. Privacy advocates warn the practice...
AI Security Concerns Intensify as Firms Expand Generative Tools and Face Regulatory Pushback
Google rolled out a Gemini feature that moves chats and personal data between bots, Meta announced a $10 billion AI data center in Texas, and a U.S. judge temporarily halted the Pentagon's blacklist of Anthropic. The three developments underscore mounting security...
Palantir Wins £360K FCA Pilot, Boosting Its Government‑Sector Credibility
Palantir Technologies has secured a 12‑week pilot with the UK Financial Conduct Authority worth more than £30,000 a week—about £360,000 ($460,000) in total. The deal gives the data‑analytics firm access to flag fraud, money‑laundering and insider‑trading activity, prompting praise from...
Anthropic’s ‘Mythos’ Model Leaked, Marking a Step‑Change in AI Power
Anthropic disclosed that its unreleased Claude Mythos model, described as a “step change” in AI performance, is being tested with early‑access customers after a Fortune‑reported data leak exposed internal documents. The leak also revealed a new model tier named Capybara,...
Pro-Iran Hackers Claim Breach of FBI Director’s Email
Pro‑Iran hacktivist group Handala announced it accessed FBI Director Kash Patel’s personal email and posted screenshots online. An insider familiar with the breach said the leaked material appears authentic, though the FBI maintains it contains only historical personal information and...
Robin Tombs Talks UK Digital ID with Trinsic as Yoti Passes 23M Global Downloads
Yoti, the reusable digital identity wallet founded in 2014, has now exceeded 23 million global downloads, including 7.8 million in the United Kingdom, with 5 million added in the past year. CEO Robin Tombs discussed the platform’s evolution on Trinsic’s Future of Identity...
BianLian Ransomware Spreads via Fake Invoice SVG Images in New Attacks
WatchGuard researchers have uncovered a new BianLian ransomware campaign that distributes malicious SVG invoice images to companies in Venezuela. The SVG files hide XML code that silently contacts a shortened ja.cat URL, redirects through compromised Brazilian domains, and drops a...
AI Agents Are About to Overtake Cybersecurity — for Better, or Worse?
At RSAC 2026 the cybersecurity community warned that AI agents are moving from a defensive tool to a primary weapon for attackers. These autonomous agents can hijack identities, rewrite security policies and launch supply‑chain attacks at machine speed, outpacing traditional...
Microsoft Tells Crusty Old Kernel Drivers to Get with the Windows Hardware Compatibility Program
Microsoft will cease trusting kernel drivers signed through the long‑deprecated cross‑signed root program, requiring all drivers to be certified via the Windows Hardware Compatibility Program (WHCP). The change rolls out in an "evaluation mode" with the April 2026 Windows Update, allowing...
Persistent Hacktivist Activity and AI Integration Drive EMEA DDoS Activity
The second half of 2025 saw a surge in DDoS attacks across Europe, the Middle East and Africa, with 3.33 million incidents recorded, nearly double any other region. Hacktivist groups Keymous+ and NoName057(16) drove the majority of campaigns, targeting governments, financial...
Lawmakers Question VPN Impact on Americans' FISA Surveillance Protections
Senate and House Democrats sent a letter to DNI Tulsi Gabbard asking whether using virtual private networks could strip Americans of their heightened FISA protections. They argue VPNs obscure a user’s true location, potentially reclassifying U.S. persons as foreign targets...
Ditto Launches to Orchestrate Next Generation Identity with Cryptographic Certainty
Ditto, formerly Uniken, launched a privacy‑first digital identity platform that delivers cryptographic certainty for customer identity access management. The solution combines reusable digital wallets, zero‑knowledge proof verification, and strong authentication across devices, positioning it for compliance with eIDAS and the...
Apple Says No One Using Lockdown Mode Has Been Hacked with Spyware
Apple announced that, since introducing Lockdown Mode four years ago, it has not detected any successful mercenary spyware attacks on devices with the feature enabled. The company’s spokesperson confirmed there are no known breaches, echoing earlier claims and citing observations...
RSAC 2026: How Zscaler Is Securing the AI Ecosystem
At RSAC 2026 Zscaler unveiled an AI Security Suite that moves beyond point‑solution fixes to protect the entire AI ecosystem. The platform delivers an inventory of AI assets, applies zero‑trust controls to AI traffic, and automates lifecycle defenses such as...
SC Awards Winner: Best CTEM Solution - Reach Security - Garrett Hamilton - SCA26 #1
At RSAC 2026, Reach Security’s CEO Garrett Hamilton announced the company’s win of the SC Awards’ Best Continuous Threat Exposure Management (CTEM) Solution. The platform continuously identifies, prioritizes, and remediates real‑world risk by focusing on misconfigurations, configuration drift, and control‑level exposure...
Google Issues High-Risk Security Patch for 3.5 Billion Chrome Users: What You Need to Know
Google has deployed a high‑severity security update for Chrome, addressing eight critical vulnerabilities that impact roughly 3.5 billion users worldwide. The flaws span WebAudio, WebGL, WebGPU, font handling and FedCM, and are rated “High,” meaning they could enable code execution or...
March Rundown: RSAC Warnings and Arm's AGI CPU
At the RSA Conference (RSAC), industry leaders warned that autonomous AI agents are emerging as a significant cyber‑threat vector, demanding new safeguards from security teams. Speakers highlighted the dual role of AI as both an opportunity and a risk, urging...
Insufficient Source Data to Report on 'Internet Yiff Machine' Breach
The requested story about researchers accessing 93GB of anonymous crime tip data via the 'Internet Yiff Machine' hack cannot be verified because none of the provided sources contain information on this incident.
Strengthening Subsea Cable Security in the Indo-Pacific
The Center for Strategic and International Studies (CSIS) proposes a cooperative framework to bolster subsea cable security across the Indo‑Pacific, a region that now carries roughly 95% of global data traffic. Japan alone operates at least 20 landing stations, underscoring...
Google Sets 2029 Deadline for Quantum-Safe Cryptography
Google announced it will complete a post‑quantum cryptography (PQC) migration across its products and services by the end of 2029. The timeline aligns with NIST’s 2024 PQC standards, which the company is already using for internal rollouts. Google’s roadmap emphasizes...
Salesforce’s New Email Domain Verification Explained
Salesforce is mandating verification of any custom email domain used to send messages from its platform, effective with the Spring ’26 release. Administrators must configure either a DKIM key or an Authorized Email Domain record to prove ownership, or outbound...
European Commission Investigating Breach After Amazon Cloud Account Hack
The European Commission has opened an investigation after a threat actor gained access to at least one of its Amazon Web Services (AWS) accounts and allegedly exfiltrated more than 350 GB of employee data. AWS clarified that its infrastructure was not...
Android 17 to Introduce Quantum-Safe Architecture Based on NIST PQC Standards
Google announced that Android 17 will embed post‑quantum cryptography (PQC) based on the U.S. NIST standards, marking the first major mobile OS to adopt quantum‑safe algorithms at the system level. The company will begin beta testing later this year, covering key...
UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs
On 26 March the UK government announced sanctions against Xinbi, the region’s largest illicit cryptocurrency marketplace that moved roughly $19.7 billion in fraudulent funds. Xinbi, based in China, is tied to the #8 Park scam compound in Cambodia, which houses up to 20,000...
Free Open-Source AI App Hacker Beats $117M Startup
🚨 A startup got $117M to build an AI app hacker. An open-source alternative just dropped that does the exact same thing. It breaks into your app, steals your data, and hands you the fix. Now running directly in your CI/CD pipeline. 100% Free...
Systemd's Birthdate Storage Sparks Distro Privacy and Compliance Debate
Recent systemd updates store user birth dates for age verification, causing debate across Linux distros over legal compliance and privacy concerns. https://t.co/lWEa7CN3BT
Network Security Management Challenges and Best Practices
Enterprises are confronting AI‑enhanced ransomware, phishing and deep‑fake attacks that push average U.S. breach costs above $10 million. The 2025 IBM report shows AI and automation now shave roughly 80 days off breach detection times, highlighting the urgency of integrated network security...
Iran-Linked Hackers Breach FBI Director Kash Patel's Email
FBI Director Kash Patel's email breached by hackers linked to Iran, sour... https://t.co/CmeuUp2yiA via @YouTube
Democrats Question VPN Use Over Foreign Surveillance Risks
Six Democrats sent a letter to the Director of National Intelligence seeking clarity on whether using a commercial VPN could strip citizens of their privacy rights by exposing them to foreign surveillance laws. https://t.co/6Uq3Y7oKvv
Apple Says Customers Should ‘Update iOS to Protect Your iPhone From Web Attacks
Apple has issued an urgent advisory urging iPhone owners to update to the latest iOS version after identifying sophisticated web‑based attacks targeting older software. The company is rolling out critical background security patches that can be applied automatically on supported...
IOS 26.4 and iPadOS 26.4 Patch Numerous
A lot of security vulns addressed in this update About the security content of iOS 26.4 and iPadOS 26.4 - Apple Support https://t.co/R0oUJMKheX
Google Targets 2029 for Post‑quantum Authentication Rollout
Quantum cryptography now has a deadline. Google has announced that it has set 2029 as the year by which it will have migrated authentication services to post-quantum cryptography. Will it win the race to secure against quantum attacks before they...
Apple’s Lockdown Mode Remains Unbreached Spyware Shield
Apple’s Lockdown Mode feature is the best defense we have against spyware on iOS, macOS, watchOS, and iPadOS. Apple launched the feature four years ago and has not yet seen a device with Lockdown Mode on be compromised. https://t.co/0lF1BbEWZE
Apple Silently Patches iOS via Hidden Incremental Updates
Apple has been installing silent fixes on your devices. These fixes don't require an entire OS update, and they get same version # as previous whole update, but with (a) appended to version #. These silent fixes then get incorporated...
OneDrive’s Personal Vault Adds Biometric‑protected Storage
Microsoft OneDrive cloud storage is a cornerstone of the modern Windows experience, but did you know it includes a biometric secure storage area? Welcome to your Personal Vault... https://t.co/cee7hX96oT #onedrive #privacy #security https://t.co/2Ra5U1ULHP
AWS Adopts Quantum‑safe Crypto; Start Preparing Now
For those who are not yet worried about quantum cryptography…should start thinking about it. AWS already uses quantum safe cryptography in many of its services.
Attack Triggers only via Lithuanian‑registered iPhone Link
"the attack would be launched only if I would access the link using an iPhone registered in Lithuania"
Shared Observability Unites SOCs and DevOps Agents
SOCs and DevOps will need shared observability for agents: data access, tool calls, MCP interactions, and risk levels in one view. #Security #DevOps https://t.co/tRGwCPc4Mb
Europe May Soon Ban Foreign WiFi Routers
An #unthinkable scenario, but not impossible: What happens if UK or Europe follow the US and try to ban foreign WiFi routers? https://t.co/63TLrKcnki