Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

The Cost of Delaying Password Security for Businesses
Weak passwords cause 81% of data breaches, exposing businesses to costly fallout. Each password reset averages $70 and consumes 30% of IT staff time, amplifying operational expenses. Zoho Vault, included free with Zoho Workplace, provides centralized password management, strong generation, and compliance monitoring. Implementing such tools reduces breach risk, regulatory penalties, and employee fatigue.

Detectify Uncovers Hidden Assets and Risks Across Entire IP Ranges
Detectify has introduced IP Range Scanning, a service that continuously discovers and monitors entire CIDR blocks to surface forgotten assets and hidden risks. The tool goes beyond traditional domain‑focused scanners by detecting services on non‑standard ports and exposing high‑risk databases...

LiteLLM Python Package Compromised by Supply-Chain Attack
A malicious .pth file was discovered in the LiteLLM 1.82.8 wheel on PyPI, automatically executing a credential‑stealing script whenever the Python interpreter starts, without any import of the library. The payload gathers environment variables, SSH keys, cloud provider credentials, and...

3.1 Million Impacted by QualDerm Data Breach
QualDerm Partners disclosed that a December 2025 cyber‑attack compromised the personal, medical, and health‑insurance records of more than 3.1 million individuals. Attackers accessed the network for two days, exfiltrating data from a limited set of systems before the breach was detected...

AiStrike Launches Continuous Detection Engineering at RSA 2026
AiStrike unveiled Continuous Detection Engineering at RSA 2026, a platform that shifts security operations from reactive alert triage to proactive, detection‑as‑code optimization. The solution claims up to a 90% reduction in alert noise by continuously validating and refining detection rules...

Ghost Campaign Uses 7 Npm Packages to Steal Crypto Wallets and Credentials
Security researchers have identified a new "Ghost" campaign that distributes seven malicious npm packages under the author name mikilanjillo. The packages masquerade as popular React utilities and AI trading tools, prompting developers to enter their sudo password during a fabricated...

Xona Targets Real-Time Threat Response in OT Remote Access
Xona Systems unveiled an Active Defense capability that automatically reacts to suspicious behavior during OT remote‑access sessions. The feature links detection platforms to session‑level enforcement, enabling actions such as step‑up authentication, access limitation, or session termination in real time. Initially,...

32% of Top-Exploited Vulnerabilities Are over a Decade Old
Cisco Talos’s 2025 Year in Review shows exploitation timelines are compressing: newly disclosed flaws like React2Shell are weaponized within weeks, while 32% of the top‑targeted vulnerabilities are over a decade old, exemplified by the lingering abuse of Log4Shell. Attackers favor...

Coro Expands AI-Driven Security Ops, Automates 92% of Alerts
Coro announced expanded AI‑driven security operations that automate the full detection‑to‑remediation lifecycle. Over the past year the platform automatically handled 92.3% of security tickets worldwide, moving beyond alerting to real‑time response. New features include automated triage, SOC‑level response actions, and...

How Potentially Unwanted Programs Affect Healthcare Data Privacy and Compliance
Healthcare’s rapid digitization has expanded electronic health records, cloud services, and connected devices, but it also widens the attack surface for potentially unwanted programs (PUPs). These low‑profile applications often arrive through bundled installers or browser extensions, silently collecting and transmitting...

No Successful Hacking of eGov App Despite 1,000 Daily Attempts — DICT
The Department of Information and Communications Technology (DICT) reported that its eGov mobile app has withstood over 1,000 daily cyber‑attack attempts, including spikes of 5,000‑6,000 attempts, without any successful breach. Officials attribute this resilience to multiple security layers, full‑data encryption,...

Microsoft Details AI Prompt Abuse Techniques Targeting AI Assistants
Microsoft released a detailed guide on AI prompt abuse, outlining how crafted inputs can manipulate large language models to bypass safety controls and expose sensitive data. The guide categorizes attacks into direct prompt overrides, extractive abuse, and indirect injection via...

Aging Grid Threatens Security Amid Weather, Cyber Risks
JPMorgan Chase & Co. says aging, run-down grid infrastructure now risks undermining security goals, with everything from extreme weather to cyberattacks posing a growing threat. https://t.co/7x2Dguwv4W

Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn
Citrix has issued emergency patches for a critical‑severity vulnerability, CVE‑2026‑3055 (CVSS 9.3), that enables an out‑of‑bounds read and sensitive memory leak in NetScaler ADC and NetScaler Gateway when configured as a SAML Identity Provider. The update also fixes CVE‑2026‑4368, a high‑severity...

Launch of NetRise Provenance Reveals Who and What Are Behind Open Source, And How Risk Propagates Through the Supply Chain
NetRise, a software supply‑chain security firm, launched NetRise Provenance, a product that links open‑source components to their maintainers and assesses contributor risk across enterprise portfolios. The solution enriches SBOMs with provenance data, offering a policy engine that can automatically block...

US Flags Foreign‑Made Routers as Security Threat
US authorities have turned their attention to routers made outside the US, suggesting they're a national security risk. https://t.co/FxRBqkwa6x

Asia Daily: March 24, 2026
Hong Kong amended its national security law, granting police authority to demand passwords and decryption tools, with up to one year in jail for refusal. A U.S. report warns that retirements and a steep drop in students studying China will...

Infobip Bolsters Fraud Protection for Enterprises with T-Mobile Network API Offerings
Infobip has partnered with T‑Mobile to embed the carrier’s network APIs into its AI‑first cloud communications platform, creating a unified solution for enterprise fraud protection. The integration leverages CAMARA Open Gateway standards, allowing developers to verify device possession and authenticate...

From AI Firewalls to Ethical Hackers: NS and Alstom on Cybersecurity
Dutch Railways (NS) is scaling its cyber defenses, now employing 140 specialists and allocating roughly $545 million to IT security. The firm runs a Red Team of ethical hackers and has deployed an AI‑powered firewall that monitors train‑level IP traffic. NS...

ITDR Won’t Save You if You Can’t Recover – Quest Research
Quest’s State of ITDR 2026 research reveals that while financial institutions have heavily invested in identity threat prevention and detection, recovery capabilities remain a critical gap. Nearly 80% of organisations lack adequate tooling to restore identity infrastructure, with 24% never...

Akamai Updates Guardicore Segmentation with AI to Automate Zero-Trust Policy Enforcement
Akamai Technologies unveiled AI‑enhanced capabilities for its Guardicore Segmentation platform, targeting zero‑trust enforcement in hybrid and multicloud environments. The new features continuously discover application behavior, automatically generate enforcement‑ready policies, and simulate impact before rollout. Proof‑driven enforcement and delegated owner workflows...

Operator of X Denies Japan Gov't Request to Extend Data Retention Period
The Japanese Ministry of Internal Affairs and Communications asked X Corp. to extend its data‑retention window for communication logs to three‑to‑six months to aid defamation investigations. X declined, saying its internal standard of one to two months would become costly...

Globe Turns Over IMSI Catcher Detectors to the NTC, CICC, CIDG to Help Fight Mobile Scams
Globe has transferred IMSI catcher detectors to the Philippines’ National Telecommunications Commission, the Cybercrime Investigation and Coordinating Center, and the Criminal Investigation and Detection Group to strengthen the fight against mobile scams. The detectors enable real‑time identification and location of...

Security Researchers Are in the Last-Chance Saloon to Save Their Jobs From AI
At the BSides security conference in San Francisco, former HackerOne chief policy officer Katie Moussouris warned that AI‑driven automation threatens the jobs of security researchers. She stressed that vulnerability detection still relies on human intuition and expertise. Moussouris, who launched...

Ronald Stein: Security Experts Concerned on Potential Harm of EV Batteries
Cybersecurity and national‑security experts are warning that electric‑vehicle lithium‑ion batteries could be weaponized in terrorist attacks or insider sabotage. The concern stems from the inherent fire and explosion risks of battery chemistry, amplified by the recent Moss Landing plant fire...

Half of Security Leaders Unready for AI Attacks, 59% UK Firms Can't Shut Down AI Quickly
A new EY survey of 500+ security executives reveals just 46% feel strongly confident defending against AI‑enabled attacks, and 67% are still in pilot mode. Meanwhile, ISACA research shows 59% of UK businesses cannot quickly halt an AI system in...

Liminal Custody and Securosys Unveil MPC‑Based HSM Vaults for Institutional Crypto Custody
Liminal Custody and Swiss security firm Securosys announced the Liminal HSM Vaults, an institutional‑grade custody platform that blends multi‑party computation with certified hardware security modules. The solution targets banks, custodians and fintechs seeking FIPS‑level protection and policy‑driven authorization for digital‑asset...

Resolv Labs Hack Mints $80 Million USR Stablecoins, Triggers 80% De‑peg
Resolv Labs' USR stablecoin was compromised when a hacker accessed a privileged off‑chain key, minted roughly $80 million worth of unbacked tokens and extracted $25 million in ETH. The flood of USR drove the peg down to as low as $0.025, sparking...

Banks Urged to 'Shift Left' To Fight Elder Fraud
Elder financial exploitation cost U.S. seniors $4.9 billion in 2024, prompting banks and credit unions to adopt a “shift left” strategy that intervenes earlier in the fraud kill chain. Speakers at RSAC 2026 urged financial institutions to break down cyber‑fraud silos,...

The Dark Reality of Meta’s AI Glasses for Women
Meta’s AI‑enabled smart glasses are being marketed as hands‑free wearables, but women report being filmed without consent as the discreet camera and coverable LED indicator enable covert recording. Victims say videos are uploaded to social platforms, drawing abusive commentary and...

Dutch Finance Ministry Hit By Hack
The Dutch Finance Ministry restricted access to several computer systems after detecting a hack on March 19. The intrusion affected internal processes in the policy department but left tax, customs and benefits services uninterrupted. Officials attribute the attack to the ShinyHunters...

7 Safeguards for Observable AI Agents
Enterprises are moving AI agents from pilots to production, prompting DevOps teams to adopt observability practices that capture every interaction. Experts outline seven safeguards, starting with clear success criteria and operational governance, then defining the exact data to track—prompts, model...

Better Safe Than Sorry: A Gold-Standard Approach To Cybersecurity
Cypress‑Fairbanks ISD, one of Texas’s largest districts, earned the Trusted Learning Environment (TLE) certification, joining only eight other districts statewide. The district instituted a dedicated staff role to oversee vendor data‑privacy agreements and leverages the Student Data Privacy Consortium and...

CIS Signs Strategic Collaboration Agreement with AWS to Advance CIS Hardened Images
The Center for Internet Security (CIS) has signed a strategic collaboration agreement with Amazon Web Services (AWS) to broaden the reach of CIS Hardened Images, pre‑configured virtual machine templates aligned with CIS Benchmarks. The partnership deepens a 25‑year relationship, embedding...

In 7 Months, 90% of Americans Will Vote on Easily Hackable Machines That Leave No Evidence of Tampering
In January 2024, Princeton researcher J. Alex Halderman demonstrated in federal court that a Dominion voting machine could be hijacked using a ballpoint pen, a $20 card reader and a $30 homemade smart card, exposing a vulnerability that leaves no...

Anvilogic Launches Agentic Workflow Automation for AI SOC
Anvilogic unveiled Blueprints, an agentic workflow automation layer for its AI‑SOC platform, at RSA 2026. The feature lets senior analysts capture their investigative methods in natural language and deploy reusable AI‑driven playbooks within a day. By running on the Enterprise Security...

Exein Unveils Next-Generation Runtime Security to Protect the AI-Native World
Exein introduced Photon, a kernel‑level runtime security platform that blocks malicious code before it executes, targeting AI‑native environments such as IoT, edge, and autonomous systems. By moving protection from user‑space detection to pre‑emptive kernel enforcement, Photon eliminates attack windows and...

BBB National Programs Backs CBPR 2.0
BBB National Programs praised the Global Cross‑Border Privacy Rules Forum for finalizing CBPR 2.0, a major update that tightens consumer data protections and accountability in cross‑border transfers. The revision adds stronger safeguards for sensitive and children’s data, a “Preventing Harm” principle,...

Gcore Radar Report Reveals 150% Surge in DDoS Attacks Year-on-Year
Gcore’s Q3‑Q4 2025 Radar report shows a 150% year‑on‑year jump in DDoS incidents, with attack counts climbing to 1.3 million in Q4 2025. Peak traffic surged to 12 Tbps, a six‑fold rise over the previous year, while network‑layer attacks now represent 82% of all...

Channel Partners Are Sleepwalking Into an AI Code Generation Trap
Managed Service Providers are being asked to deliver full AI‑enhanced development stacks, but rapid adoption of AI code generators introduces hidden security risks. Studies show nearly half of AI‑generated code snippets contain vulnerabilities and 67% of organizations fail to assess...

RSAC 2026: ZeroTier Launches ZeroTier Quantum, the World’s First End-to-End Quantum-Secure Networking Platform
ZeroTier announced ZeroTier Quantum at RSAC 2026, positioning it as the world’s first end‑to‑end quantum‑secure software‑defined networking platform. The solution meets the highest NIST and NSA CNSA 2.0 post‑quantum standards and promises on‑wire, data‑center‑level speeds. Built on a Rust‑based ZeroTier Transport...

Cybercriminals Have Open Access to Enterprise PCs 76 Days Per Year, According to New Research From Absolute Security
Absolute Security’s 2026 Resilience Risk Index reveals that endpoint security software fails to protect devices about 21% of the time, leaving enterprise PCs exposed for an average of 76 days per year. The report highlights a 127‑day average lag in...

#276 Why Information Security Is Now a CFO Responsibility, Howard Francioni, Lead Auditor, Akton Boundrie Group
In this episode, host Kevin Appleby talks with Howard Francioni, a lead auditor at Akton Boundrie Group, about why information security is now a core responsibility for CFOs. They discuss the real‑world impact of cyber incidents—such as the Jaguar Land...

SA’s Digital Economy Is Booming – but so Is the Fraud that Comes with It
South Africa’s digital economy is expanding rapidly, but telecom‑linked fraud is surging, costing the country roughly R5.3 billion (about $286 million) each year. SIM‑swap attacks now account for nearly 60% of mobile‑banking fraud, and digital banking losses jumped 74% in 2024 to...

The AI Efficacy Asymmetry Problem
Over the past 18 months AI labs have released protocols and models—Anthropic’s Model Context Protocol and Claude Opus 4.6—that let large language models interact directly with browsers, APIs and command‑line tools, turning them into autonomous agents. Both attackers and defenders have integrated...

Safe AI Adoption Rests on Cybersecurity Professionals, Says RSAC Chairman
RSAC executive chairman Hugh Thompson warned that safe AI adoption hinges on cybersecurity professionals. He highlighted AI's dual role—enhancing threat detection while empowering malicious actors, citing Kaseya data that 83% of phishing emails now use AI and 40% of business...

Strava Data Leak Reveals French Aircraft Carrier Charles De Gaulle's Location
A French naval officer uploaded a 35‑minute run on the deck of the aircraft carrier Charles de Gaulle to Strava, unintentionally broadcasting the ship's location in the eastern Mediterranean. The incident spotlights how public fitness tracking can compromise military security...

Democratic Senators Push Meta to Halt Smart‑Glass Data Collection, Citing Privacy Risks
Senators Ron Wyden, Ed Markey and Jeff Merkley sent an open letter to Meta CEO Mark Zuckerberg demanding a review of the Ray‑Ban Meta smart‑glass program, citing its ability to capture video and feed AI models. The request comes as...

Qualys Unveils Agent Val, First AI Agent for Safe Exploit Validation and Autonomous Remediation
Qualys, Inc. launched Agent Val, the industry’s first AI agent that safely validates exploits and automates remediation within its Enterprise TruRisk Management platform. The tool targets a 6.5‑fold rise in exploited vulnerabilities and aims to shrink the average window of...

FBI, CISA Warn Russian Hackers Hijacked Thousands of Signal Accounts
The FBI and the Cybersecurity and Infrastructure Security Agency issued a joint public service announcement warning that Russian intelligence‑linked hackers have launched a large‑scale phishing campaign against Signal and other commercial messaging apps. The operation has already resulted in unauthorized...