Today's Cybersecurity Pulse
CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB
Akamai Brand Guardian Detects and Removes AI-Driven Brand Impersonation
Akamai launched Brand Guardian, an AI‑driven evolution of its Brand Protector service, to automatically detect and remove fraudulent websites that impersonate brands. Scammers now use generative AI to create convincing fake digital assets in seconds, outpacing manual detection methods. Brand Guardian continuously monitors global internet traffic, prioritizes high‑value threats, and executes automated takedowns with 99.99% accuracy. The solution integrates into existing security workflows, giving security and legal teams real‑time visibility and faster response capabilities.
TP-Link Warns Users to Patch Critical Router Auth Bypass Flaw
TP‑Link released firmware updates fixing multiple critical flaws in its Archer NX series, including CVE‑2025‑15517, an authentication bypass that lets unauthenticated attackers upload firmware. The patch also removes a hard‑coded cryptographic key (CVE‑2025‑15605) and resolves two admin‑level command‑injection bugs (CVE‑2025‑15518, CVE‑2025‑15519)....
Njordium AI Blocks Fake Invoices and Fraudulent Payments
Njordium Cyber Group unveiled an AI‑driven Fraud Detection Module integrated into its new Vendor Management System, instantly flagging fake invoices, phantom services and abnormal pricing. The self‑learning engine extracts data from PDFs, OCR scans, Excel, XML and email, routing high‑confidence...
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Security firm Expel reported a surge in malicious Chrome extensions that silently capture users’ AI conversations, a practice dubbed “prompt poaching.” The extensions monitor open tabs, intercept API calls or scrape the DOM, then transmit prompts and responses to external...
Microsoft Hands Entra ID Users New Option for MFA
Microsoft has made External MFA for Entra ID generally available, leveraging the OpenID Connect standard to let organizations integrate third‑party MFA solutions while retaining Conditional Access controls. The feature appears as an external authentication method that admins can assign to...
U.S. Ban on Imported Consumer Routers Forces Domestic Sourcing for Network Hardware
U.S. regulators have announced a ban on the import of specific consumer routers, requiring manufacturers to source network hardware domestically. The move aims to tighten supply‑chain security and could ripple through the GovTech sector, affecting vendors, federal agencies and end...
FCC Adds All Foreign‑Made Consumer Routers to Covered List, Banning New Imports
The Federal Communications Commission placed every consumer‑grade Wi‑Fi router manufactured outside the United States on its Covered List, effectively banning the import and sale of new foreign‑made models. The move, driven by a national‑security determination, threatens the supply chain of...
Virtual Machines, Virtually Everywhere – and with Real Security Gaps
Virtual machines have become ubiquitous in multi‑cloud and hybrid environments, but their ease of provisioning has led to unchecked growth, known as VM sprawl. Organizations often leave idle or over‑privileged VMs running without updates or proper monitoring, creating blind spots...
Check Point Launches AI Defense Plane to Secure the Agentic Enterprise at Scale
Check Point unveiled its AI Defense Plane, a unified security control layer that safeguards the emerging agentic enterprise. The platform extends protection beyond model safety to runtime governance of AI applications, employee tools, and autonomous agents. Built on the company’s...
Codenotary Introduces AgentX for Autonomous Linux Infrastructure Security
Codenotary unveiled AgentX, an autonomous platform that uses coordinated AI agents to manage, secure, and protect large‑scale Linux infrastructure across cloud and on‑premises environments. The solution automates configuration reviews, policy enforcement, and remediation while preserving full administrator control through zero‑trust...
Saviynt Unveils Identity Security for AI Agents
Saviynt launched Saviynt Identity Security for AI, a platform that extends enterprise‑grade identity controls to autonomous AI agents. The solution addresses a reported 91% of enterprises facing blind risk from unmanaged agents by delivering continuous discovery, lifecycle governance, and real‑time...
Grameenphone Taps Mobileum to Address Rising 5G Security Threats
Mobileum has launched its AI‑driven risk management platform at Grameenphone, one of Bangladesh’s largest telecom operators. The solution is already cutting fraud exposure and improving customer experience on the carrier’s 5G network. Mobileum’s integrated suite combines roaming, security, testing, and...
Persistent Systems & Global Defense Leaders Advance Secure Multinational Networking
Persistent Systems hosted its third Technical Exchange Meeting, gathering over 400 Wave Relay MANET users from more than 20 nations to tackle secure multinational networking for defense. The two‑day event in Brooklyn emphasized a data‑centric architecture that enables allied forces...
Dutch Finance Ministry Investigates Data Breach in Internal Systems
On March 19, the Dutch Ministry of Finance detected unauthorized access to internal policy‑department systems after a third‑party flagged suspicious activity. The ministry quickly blocked the intrusion and took affected systems offline, while core citizen services such as tax, customs...
Drone‑Attack Drill Uncovers Critical Gap in U.S. Power Grid Defense
A North American Electric Reliability Corp. (NERC) simulation revealed that unmanned aircraft systems can breach critical power‑grid assets, prompting utilities and regulators to demand new detection and interdiction tools. The exercise underscores the urgency of aligning federal guidance with industry...
Cybersecurity Firms Begin Hiring AI Agents as Autonomous Analysts Amid Enterprise AI Surge
Leading cybersecurity vendors are deploying autonomous AI agents to act as analysts in security operations centers, mirroring broader enterprise AI adoption such as Braze's Agent Console launch. While firms keep specifics private, the move signals a shift toward AI‑driven threat...
WebAssembly Proposed as Safeguard for AI-Generated Code in Production
Dan Phillips, founder of WebAssembly Chicago, urged the DevOps community to adopt WebAssembly as a kernel‑free sandbox for AI‑generated code at the Wasm I/O conference in Barcelona. He argued that Wasm can isolate untrusted agent output more efficiently than containers,...
Ledger Researchers Reveal Method to Steal PINs and Crypto Keys From Powered‑Off Android Phones
Ledger’s Donjon team disclosed a vulnerability that lets attackers pull PINs, storage encryption keys and crypto‑wallet seed phrases from powered‑off Android phones. The flaw, present in roughly one‑quarter of Android devices that use MediaTek processors and Trustonic’s Trusted Execution Environment,...
Wearable Health Trackers Spark Privacy Outcry as Big Data Harvest Grows
Consumer groups and regulators warned that data from millions of smartwatches, period‑tracking apps and smart rings is being sold to advertisers and could be subpoenaed in criminal cases. The scrutiny comes as the U.S. smart‑ring market hits 2.6 million units in...
Agentic AI and the Future of Threat Intelligence Operations - Sachin Jade - RSAC26 #2
At RSA 2026, Cyware’s Chief Product Officer Sachin Jade unveiled the company’s Agentic Fabric, an AI‑driven platform that embeds specialized agents into threat‑intelligence, detection‑engineering, and response workflows. The discussion highlighted how raw threat data can be transformed into actionable insights through STIX/TAXII...
Bitcoin Security Under Scrutiny as Quantum Threat Looms and Developers Start Mitigation
A security report warned that Bitcoin’s elliptic‑curve cryptography could be vulnerable to future quantum computers, prompting core developers to begin post‑quantum mitigation work. The warning comes as Bitcoin rallied over 4% and the U.S. government’s $15 bn Bitcoin forfeiture draws renewed...
Your Domain Is the Security Foundation, Not a Card
Treating your domain name as just a digital business card is a massive security oversight. In reality, it is the bedrock of your Security Infrastructure. 🛡️ If your domain is compromised, everything else - your email, your SSL certificates, and your...
Security Evolves: From Cost Center to AI Enabler
Just dropped: Securing the Agentic Enterprise - my deep-dive post-platformization analysis of Palo Alto Networks' big RSAC 2026 moves. From chatbots to autonomous agents: security must evolve from cost center to business enabler. Prisma AIRS 3.0, secure browser, NGTS & unified...
Manage Vulnerability Noise at Scale with Auto-Dismiss Policies
GitLab has launched auto‑dismiss vulnerability policies that let security teams codify triage rules and apply them automatically on every default‑branch pipeline. By matching on file paths, directories or vulnerability identifiers (CVE/CWE), the system can dismiss up to 1,000 findings per...
Securing the Agentic Economy: Future of Finance Webinar
Excited to be joining Skyler Fox from @ProveIdentity to lead a webinar exploring the practical requirements for securing the agentic economy and what this means for the future of financial services. Register here: https://t.co/YLubCFXpnR @chyppings #agenticai #digitalidentity https://t.co/xeWxcrgXty
Thousands' Driver's Licenses Misused for Fake Delivery Accounts
Oh, it's far worse that what has been reported on thus far. There are thousands of Americans who have had pictures of their licenses used to create accounts across delivery apps.
Autonomous Cyberattacks Have Arrived, Defense Executives Say
Black‑hat groups have fully automated cyber‑attack capabilities using frontier AI models, a shift that outpaces current defense architectures, according to executives at the RSA Conference. These models can identify and weaponize unpatched software flaws, with a new wave expected within...
Beware: Fake DMs Claiming to Be Me—Report Them
⚠️ Heads up: if you get a DM from an account that looks like me, it isn’t me. I don’t DM followers or use alternate accounts. Please report it. Appreciate the help.
PTC Warns of Imminent Threat From Critical Windchill, FlexPLM RCE Bug
PTC has disclosed a critical remote‑code‑execution vulnerability (CVE‑2026‑4681) affecting its Windchill and FlexPLM product‑lifecycle‑management platforms. The flaw stems from unsafe deserialization of trusted data and impacts all supported versions, including every critical patch set. German federal police (BKA) have sent...
_imageBROKER.com_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
CSA Launches CSAI Foundation for AI Security
The Cloud Security Alliance unveiled CSAI, a new 501(c)3 nonprofit dedicated to AI security and safety, with a focus on governing the emerging "agentic control plane" that manages identity, authorization, and trust for autonomous AI agents. CSAI will run six...
Encrypted Frontier Models Enable Private, Monetizable Inference
I’m often asked about the possibility of using frontier models in an open source environment. I believe that one way or another, frontier companies will eventually adopt the same approach as @near_ai has to privacy, secure enclaves, and end-to-end encryption....
Google Releases 60‑control Checklist and Terraform for Cloud Security
346: Zuckerberg Finally Finds His People, They Are All AI Agents One does not simply walk into cloud security - but Google just published a 60-control checklist and some Terraform to help you try. Ryan loves it, but what does...
CTEM for Healthcare: A Guide to Continuous Threat Exposure Management
Continuous Threat Exposure Management (CTEM) is a Gartner‑originated framework that shifts healthcare cybersecurity from periodic, patch‑centric vulnerability programs to real‑time, threat‑informed risk mitigation. CrowdStrike’s field CTO Cristian Rodriguez highlights that CTEM correlates exposures with exploitability, adversary behavior, and business impact,...
US Mortgage Sued over Ransomware Attack
Former US Mortgage employee Richard Bernich filed a federal negligence lawsuit after the lender suffered a ransomware attack in May 2025 that compromised Social Security numbers, financial details and limited medical data of consumers and staff. US Mortgage, which originated...
Australia's Critical Infrastructure Security Laws "Toothless"
An independent review has labelled Australia’s Security of Critical Infrastructure (SoCI) Act “toothless,” arguing that its penalties are treated as a routine cost rather than a deterrent. The review urges a shift from paperwork‑centric compliance to a penalty‑based risk‑management regime...
Addressing Mobile Device Risks in Healthcare: Strategies for Better Security and Compliance
Mobile devices have become essential in healthcare, but attacks on Android devices have surged 244%, exposing critical vulnerabilities. A recent Imprivata survey shows 44% of organizations lack formal mobile device policies and 55% have no visibility into device usage. Without...
Supply-Chain Attacks Demand Isolated, AI-Driven Code
🚨 Supply chain attacks are the scariest threat in modern software. The LiteLLM compromise was an absolute nightmare scenario. The reality check: → A compromised update hit a package with 97M downloads a month → Grabbed SSH keys, database passwords, and API keys → Spread...
Post‑Quantum .NET Encryption Boosts Performance by Stripping Excess
Tonight was learning about post-quantum encryption in .Net & performance improvements by ditching ... well most everything 😆 https://t.co/LAUpVGDpiW
HPE Bolsters Hybrid Mesh Firewall Platform
Hewlett Packard Enterprise announced an upgrade to its hybrid mesh firewall portfolio, adding AI‑focused controls that surface usage of AI applications, block high‑risk AI sites, and filter keywords and file uploads. The enhancements unify policy enforcement across physical, virtual and...
Malware on Support PC Gave Hacker 24‑hour Network Access
A support agent's computer was infected with malware, giving a hacker 24 hours of play time inside Crunchyroll's network. https://t.co/tBl0LR3AdO
AWS Now Adds IDs to Security Group Rules
I thought there was a problem with the security group rules created by my bootstrap script initially but there was not. AWS added ids to security group rules which threw me for a loop in my tired state when I...
Popular AI Proxy LiteLLM Got Hacked with Malware that Spreads Through Kubernetes Clusters
Open‑source AI proxy library LiteLLM was compromised on PyPI, with versions 1.82.7 and 1.82.8 containing malware. The malicious code steals SSH keys, cloud credentials, database passwords, and Kubernetes configurations, encrypts them, and exfiltrates data to an external server while propagating...
Why Mac Users Should Pay More Attention to Malware Risks
Macs are shedding their reputation as malware‑free devices as Apple’s market share and remote‑work adoption surge. Cybercriminals now deploy adware, spyware, infostealers and trojans that exploit both technical flaws and human error. Social‑engineering attacks, pirated software and fake update prompts...
How Scammers Are Using the Iran Conflict to Try to Steal Your Money and Information
Scammers are exploiting the Iran conflict to launch impersonation, romance, and fake‑charity scams. They falsely claim fraudulent charges from Iran, pose as deployed military partners, or create bogus relief organizations to steal money and personal data. The Federal Trade Commission...
Windows 11 Security Update Fails: Why and What to Do
Stuck with a Security Update that's failing every time you try to install it on your Windows 11 PC? It's a widespread problem for PC owners. Here's what's going on and how to keep your PC safe in the meantime......
Understanding Wiz’s Approach to Securing the AI Supply Chain
The AI supply chain’s layered, multi‑cloud nature creates visibility gaps and unique vulnerabilities that traditional software‑security tools can’t fully address. Wiz proposes an AI‑CNAPP framework that unifies asset discovery, cloud‑posture management, workload protection, and continuous risk assessment across the entire...
Litellm Breach Pales Beside Worse AI Supply Chain Threats
the litellm compromise is bad… But you’d 🤮 if you’ve seen some of the stuff in the AI supply chain I’ve seen 🫠
All AI and Security Teams Need Transparent Data Pipelines
Organizations that rely on opaque AI data sources expose themselves to integrity risks, compliance gaps, and trust deficits. Without auditable pipelines, security teams cannot verify data quality, leading to hallucinations and regulatory violations such as under the EU AI Act....
Biometric Privacy Laws: What Your Business Needs to Know About Compliance
Employers increasingly use biometric technologies—fingerprint time clocks, facial recognition, and dash‑cam scanning—to boost security and efficiency. However, three states (Illinois, Texas, Washington) have enacted biometric privacy statutes that mandate employee notice, written consent, and strict data handling protocols. Illinois' Biometric...
Threat Handoffs Now Occur in Seconds, Not Hours
"In 2022, the median time between an initial access event and the hand-off to a secondary threat group was more than 8 hours. In 2025, that window collapsed to just 22 seconds." https://t.co/gjePO94A0N < important security data in this new...