Today's Cybersecurity Pulse
CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB
Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the Energy Sector
Poland recorded a dramatic rise in cyber activity in 2025, logging roughly 270,000 attacks—2.5 times more than the previous year. The most serious incident was a destructive infiltration of a combined heat‑and‑power plant on Dec. 29, affecting services for about 500,000 customers. Authorities linked the attack to Russian‑aligned groups, notably Dragonfly and Sandworm, marking the first known destructive energy cyber‑attack among NATO members. The government under Prime Minister Donald Tusk is accelerating cyber‑defense measures in response to the heightened threat.
OVHcloud Founder Denies Massive 590TB Data Breach Claims
OVHcloud founder Octave Klaba denied a purported 590 TB data breach alleged by a user on BreachForums. The poster claimed to have exfiltrated data from 1.6 million OVH Fresh customers and up to 6 million active websites, yet only supplied a trivial email‑and‑phone sample....
Synthetic Data Keeps Customer Info Safe From Frontier AI
Most of these AI solutions right now for the cybersecurity industry are utilizing frontier models. That should scare a lot of folks - customer data going into extremely new technology platforms that they literally state their new models, features/functionality are...
Cyber Pros Must Grasp the Vibe Coding Nettle, Says NCSC Chief
National Cyber Security Centre chief Richard Horne warned that AI‑enhanced software generation, dubbed “vibe coding,” must be secured before it becomes mainstream. He argued that while insecure AI‑generated code could spread vulnerabilities, well‑trained models could produce secure‑by‑design software, reshaping development....
Securing UALink in AI Clusters with UALinkSec-Compliant IP
Synopsys announced the UALinkSec_200 Security Module, the first hardware implementation that complies with the UALink 200 G specification’s security framework. The module provides end‑to‑end AES‑GCM encryption and authentication at the full 200 GT/s lane rate, integrating with Synopsys’ UALink controller IP and...
Internet-Exposed EoL Microsoft IIS Servers Remain Prevalent
More than 511,000 Microsoft Internet Information Services (IIS) servers that have reached end‑of‑life remain exposed on the public internet, according to the Shadowserver Foundation. Nearly half of these servers have outlived Microsoft’s Extended Security Updates window, leaving them unpatched and...
NightBeacon AI Detects Phishing in Seconds, Automates Response
NightBeacon AI today identified an insanely cool phishing email attack that showed up on GTI/other sources as benign/non malicious. How it worked: NightBeacon determined the tonality was creating urgency (key indication of social engineering), it looks for any URLs, it went...
Even Supposedly Secure Systems Face Unauthorized Third‑party Integration Risks
This has earth-shattering implications for systems that thought they were immune from unauthorized 3rd-party integrations.
Attack Handoff Times Plummet, Exploits Remain Leading Attack Vector
The median time for attackers to hand off compromised networks fell dramatically to just 22 seconds in 2025, down from over eight hours in 2022, driven by tighter coordination and automation. Exploits continued to dominate initial infection, with CVE‑2025‑31324, CVE‑2025‑61882...
Italy Mandates Cybersecurity for Large Solar Installations
Italian solar sector gears up for cybersecurity regulations on PV systems over 100 kW #energysky -- via pv magazine global: https://t.co/uHG0ChzaJN
AT&T, Ericsson Call for 5G Network Security Rethink
AT&T and Ericsson have released a joint security blueprint that outlines how 5G networks—and the forthcoming 6G era—should be protected against AI‑driven threats, open‑architecture risks, and future quantum attacks. The paper advocates a collective, ecosystem‑wide approach, urging vendors, operators and...
Over 800 OpenClaw Skills Flagged as Malware
Digging into the latest thinking from @Google Security. One comment... there are >800 skills in #OpenClaw that are known malware. #CIO #CISO #RSAC #AI #Cybersecurity https://t.co/AqDeTBCXdm
Azure APIM Signup Bypass: 97.9% of Developer Portals Still Exploitable Anonymously and From the Internet
A critical Azure API Management (APIM) flaw lets attackers bypass the "disable signup" toggle and create accounts anonymously. Praetorian’s research shows 97.9% of internet‑facing Developer Portals still accept signup requests, exposing valid API keys and backend data. The vulnerability stems...
Credit Card Fraud Surging: Why You Should Freeze Your Credit
Credit card and identity fraud are accelerating, with the FTC reporting 503,450 credit‑card fraud cases and 379,898 other identity‑theft incidents in the first three quarters of 2025. A Pew Research Center survey finds 73% of U.S. adults have encountered an...
Silver Fox Cyber Campaigns Show Shift Toward Dual Espionage
Silver Fox, a cyber intrusion group, shifted its tactics from 2025 to early 2026, blending espionage with financially motivated crime. The campaigns targeted finance staff across Taiwan, Japan, and eight South Asian nations using tax‑authority phishing lures. Attack vectors progressed...
Google Brings AI-Powered Dark Web Analysis to Enterprise Security Teams
Google Cloud announced at RSA 2026 an AI‑driven agent called “Triage and Investigation” within its Security Operations platform, automating alert review and reducing false positives for SOC analysts. The same rollout includes an AI‑powered dark‑web analysis tool that sifts through...
Strengthen Cyber Resilience by Shifting to a Modern DR Model
Enterprises are moving away from the legacy Share tier disaster‑recovery model toward a workload‑first framework that groups applications into three recovery classes—basic, prioritized, and assured cyber recovery. The new approach emphasizes rapid restoration to a trusted state after ransomware, AI‑driven...
Risk-Based Security Is Reshaping the Channel Playbook
The managed services industry is moving from reactive ticket‑based support to proactive, risk‑based security models. Clients now demand continuous risk assessments, governance programs aligned with NIST CSF 2.0, ISO 27001 and SOC 2, and measurable outcomes that tie cyber risk to business performance....
Sumo Logic Extends SOC Analyst Agents to Enhance Threat Detection, Investigation, and Response
Sumo Logic announced an expanded suite of AI‑driven SOC Analyst Agents designed to move security operations from pure detection to actionable recommendation. The Dojo AI platform now offers a preview SOC Analyst Agent that suggests next‑best actions with explainable reasoning,...
This Microsoft Security Team Stress-Tests AI for Its Worst-Case Scenarios
Microsoft’s AI Red Team, operating since 2018, rigorously stress‑tests new artificial‑intelligence models before they reach customers. The group simulates attacks ranging from prompt‑jamming to code generation, probing whether systems can be coaxed into producing malicious outputs or aiding cyber‑crime. In...
MoltbookThreat Modeling Report
The report applies the CSA MAESTRO framework to dissect security flaws in the Moltbook forum and OpenClaw AI‑agent ecosystem. It documents a rapid surge to 1.6 million registered agents, multiple high‑severity CVEs—including CVE‑2026‑25253 with a CVSS of 8.8—and a massive data leak...
Treasury Asks Whether Terrorism Risk Insurance Program Should Bolster Cyber Coverage
The U.S. Treasury Department has opened a public comment period to consider expanding the Terrorism Risk Insurance Program (TRIP) to cover cyber‑related losses stemming from acts of terrorism. The agency will incorporate feedback into a mandatory report to Congress due...
Quantum-Resistant Cryptography Breakthrough: The Race to Secure Our Digital Future
Researchers at the Global Quantum Security Institute unveiled ShieldQ, a new lattice‑based cryptographic algorithm designed to resist attacks from both classical and quantum computers. The open‑source solution promises only a 15% performance overhead, making it viable for existing financial, cloud...
The AI Safety Conversation Is Focused on the Wrong Layer
Enterprises are grappling with fragmented identity systems that were designed for human users, but AI agents operate at machine speed, exposing critical security gaps. Ev Kontsevoy, CEO of Teleport, argues that the real problem is the lack of a unified...
Databricks Leverages Anthropic AI to Enter Cybersecurity
Databricks enters cybersecurity... with Anthropic's models inside. The company that stores data now wants to secure it too. The incumbents prepared for AI entering the market.... less clear they're prepared for the data vendor thats already inside the building Sitting down w...
Why a Secure Industrial Supply Chain Depends on Layered AI
Industrial supply chains are increasingly exposed to AI‑driven cyber threats that bypass traditional perimeter defenses. Vendors, OT devices, and cloud services now intersect, creating a unified attack surface where a single compromised credential can cascade across production, logistics, and revenue...
News: AI-Native Security Assurance Leads the GRC Transformation
TrustCloud unveiled an AI‑native Security Assurance Platform that replaces legacy GRC tools with continuous, automated risk monitoring. The solution delivers live control signals, connected data and AI‑driven automation, giving CISOs real‑time visibility and credible reporting. Early adopters report up to...
Huntress Brings ITDR to Google Workspace as Identity Attacks Surge
Huntress announced the extension of its Managed Identity Threat Detection and Response (ITDR) solution to Google Workspace at RSA Conference, joining its existing coverage of Microsoft 365. The company now protects more than 10 million Microsoft 365 identities across 93,000 organizations,...
KnowBe4 Expands AIDA to Eight AI Agents at RSAC 2026, Targeting Fully Autonomous Human Risk Management
KnowBe4 unveiled an expanded AIDA suite with eight AI agents at RSAC 2026, including the fully autonomous AIDA Orchestration Agent that creates and manages personalized training and phishing simulations. The Orchestration Agent reportedly cuts users’ risk scores by nearly threefold versus...
Utimaco Survey: 78% of US Companies Say Data Breaches Are the Top GenAI Risk, But Most Haven’t Acted
Utimaco’s 2026 Digital Trust Report, based on a 250‑company survey, finds that 78% of U.S. enterprises view data breaches as the greatest generative AI risk, while 57% have yet to deploy any safeguards. Intellectual‑property theft ranks a close second, and...
SVG New Sponsor Spotlight: Verimatrix’s Juan Martinez on Safeguarding Live Sports Content
Verimatrix, a security firm with over 400 customers and 200 engineers, is positioning itself as a global leader in anti‑piracy technology for live sports. In a new SVG Sponsor Spotlight, VP of Product Management Juan Martinez explains that the time‑sensitive...
Former Ukrainian Foreign Minister Dmytro Kuleba to Address the New Cyber Frontline at Infosecurity Europe
Infosecurity Europe will feature former Ukrainian foreign minister Dmytro Kuleba as the headline keynote at its June 2‑4, 2026 conference in London. Kuleba will discuss “Ukraine’s Hybrid War and the New Cyber Frontline,” sharing lessons from Russia’s coordinated cyber‑attacks and the shift...
Mimecast Expands Incydr with Runtime Data Security for AI and Human Risk
Mimecast announced a major upgrade to its Incydr platform, adding runtime data security that monitors both human users and AI agents across endpoints, browsers, SaaS apps, and email. The new features provide unified visibility, shadow‑AI detection, adaptive risk scoring and...
New Lumu Defender Capabilities Provide Visibility Beyond the Network
Lumu announced major upgrades to its Lumu Defender NDR platform, extending its Continuous Compromise Assessment beyond the network to endpoints, cloud workloads, and user identities. The enhanced solution now correlates malicious network traffic with specific devices, accounts, and cloud services,...
Vigil: The First Open-Source AI SOC Built with a LLM-Native Architecture
Vigil, launched at RSA Conference 2026, is the first open‑source AI‑driven Security Operations Center built on a native LLM architecture. It ships under an Apache 2.0 license with 13 specialized AI agents, more than 30 integrations and over 7,200 detection rules...
Inverter Cyber Attacks Surge Amid Expanding Solar Threats
Solar cyber threats expand, but inverters still stay in the crosshairs #energysky -- via pv magazine usa: https://t.co/zoWwiHb0Db
Databricks Enters Cybersecurity Market with Lakewatch Launch, Bulking up Ahead of IPO
Databricks is entering the cybersecurity arena with Lakewatch, an AI‑powered security‑information‑and‑event‑management (SIEM) platform that leverages large language models to automate threat detection. Early adopters such as Adobe, National Australia Bank and Anthropic are already using the service, which is priced...
How a Large Bank Uses AI Digital Twins for Threat Hunting
JPMorgan Chase is deploying an AI‑driven system that creates digital fingerprints and digital twins to monitor employee and AI‑agent behavior across its global workforce. The technology flags anomalous actions, rates their malicious potential, and contextualizes them against external events, aiming...
CyberProof Unveils Reveal360 Hub for Security and Business Outcomes
CyberProof, a UST company, launched CDC Reveal360, a centralized visibility hub that consolidates threat, exposure, defense, and asset data into role‑specific workspaces. The platform delivers continuous insights into security posture, service performance, and operational outcomes for CISOs, security managers, and...
The Scrapers At MyChart's Gate
Fan Pier Labs released an open‑source MyChart connector that automates login, 2FA, and exposes 35+ tools to read and write patient data via the web UI. Unlike official FHIR APIs, it can perform any action a patient can, including messaging providers and...
Delve Halts Demos After Fake‑Certification Scandal, Insight Partners Pulls Funding
Compliance startup Delve has suspended all product demonstrations after a scandal involving fabricated certifications. Insight Partners, a key backer, has withdrawn its investment, underscoring governance risks in Y‑Combinator‑backed B2B SaaS companies.
Novee Introduces Autonomous AI Red Teaming to Hunt LLM Vulnerabilities
Novee unveiled an autonomous AI red‑team agent designed to probe large language model (LLM) applications for security flaws. The platform continuously simulates sophisticated attack scenarios such as prompt injection, jailbreaks, and data exfiltration, delivering detailed vulnerability assessments and remediation guidance....
Barracuda Expands BarracudaONE Platform and Overhauls Partner Success Program
Barracuda Networks announced a major upgrade to its BarracudaONE platform, adding enhanced email protection for Google Workspace, a broadened SecureEdge Access solution that bundles SASE, zero‑trust, and AI policy controls, and a new AI Security layer that monitors generative‑AI usage...
F5 and Forcepoint Partner to Secure AI Across Data and Runtime Lifecycle
F5 and Forcepoint announced a partnership to secure AI throughout its data and runtime lifecycle. The joint solution merges Forcepoint’s AI‑native data discovery and classification with F5’s AI Red Team and Guardrails features. It enables real‑time vulnerability detection, policy enforcement,...
How to Master Multi-Source Intelligence with AI Agents
Swimlane’s Hero AI Threat Intelligence Agent tackles the long‑standing threat‑intelligence correlation problem by automatically aggregating data from multiple feeds—VirusTotal, Recorded Future, Cisco Umbrella, and others—and synthesizing a single, explainable assessment. The agent applies a reasoning engine that weighs source reliability,...
The Cost of Delaying Password Security for Businesses
Weak passwords cause 81% of data breaches, exposing businesses to costly fallout. Each password reset averages $70 and consumes 30% of IT staff time, amplifying operational expenses. Zoho Vault, included free with Zoho Workplace, provides centralized password management, strong generation,...
Detectify Uncovers Hidden Assets and Risks Across Entire IP Ranges
Detectify has introduced IP Range Scanning, a service that continuously discovers and monitors entire CIDR blocks to surface forgotten assets and hidden risks. The tool goes beyond traditional domain‑focused scanners by detecting services on non‑standard ports and exposing high‑risk databases...
LiteLLM Python Package Compromised by Supply-Chain Attack
A malicious .pth file was discovered in the LiteLLM 1.82.8 wheel on PyPI, automatically executing a credential‑stealing script whenever the Python interpreter starts, without any import of the library. The payload gathers environment variables, SSH keys, cloud provider credentials, and...
3.1 Million Impacted by QualDerm Data Breach
QualDerm Partners disclosed that a December 2025 cyber‑attack compromised the personal, medical, and health‑insurance records of more than 3.1 million individuals. Attackers accessed the network for two days, exfiltrating data from a limited set of systems before the breach was detected...
Ghost Campaign Uses 7 Npm Packages to Steal Crypto Wallets and Credentials
Security researchers have identified a new "Ghost" campaign that distributes seven malicious npm packages under the author name mikilanjillo. The packages masquerade as popular React utilities and AI trading tools, prompting developers to enter their sudo password during a fabricated...