Today's Cybersecurity Pulse
CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB
Coralogix and Skyflow Redefine Privacy-Safe Observability for the AI Era
Coralogix and Skyflow announced a strategic partnership that introduces privacy‑safe observability for AI‑driven operations. The solution replaces sensitive customer data in logs with consistent, privacy‑preserving tokens, maintaining searchability, correlation, and AI analysis while keeping the raw data governed and isolated. It also integrates with Coralogix’s regional deployment capabilities to meet data residency and sovereignty requirements. The approach eliminates the traditional redaction trade‑off, enabling compliance without sacrificing operational effectiveness.
Your AI Agents Are Moving Sensitive Data. Do You Know Where?
In a Help Net Security interview, Bonfy.AI CEO Gidi Cohen warns that the greatest threat from autonomous AI agents is data‑layer risk, not traditional prompt‑injection attacks. He outlines Bonfy's three‑pronged approach: controlling grounding data, monitoring content across tool calls and...
Zluri Expands Platform to Deliver Identity Security for the Modern Enterprise
Zluri announced the Zluri Identity Security Platform, extending its SaaS governance suite to discover, govern, and monitor human, machine and AI identities across SaaS, cloud and on‑premises systems. The solution tackles the expanding non‑human identity attack surface by providing automated...
Prepare for AI Swarm Attacks with New Cyber Playbook
AI Swarm Attacks Are Coming, Is Your Business Ready? #AI #swarm attacks, powered by autonomous agents, #deepfake #phishing , and always-on malware, could transform #cybercrime and leave unprepared businesses dangerously exposed. This article explains why leaders need a new #cybersecurity...
Plumber: Open-Source Scanner of GitLab CI/CD Pipelines for Compliance Gaps
Plumber is an open‑source Go tool that scans GitLab CI/CD pipelines for compliance gaps such as mutable container tags, unprotected branches, and outdated templates. It reads the .gitlab-ci.yml file and queries the GitLab API, offering eight configurable controls via a...
NIST Updates Its DNS Security Guidance for the First Time in over a Decade
NIST released SP 800‑81r3, the first major update to its Secure Domain Name System Deployment Guide in over twelve years. The revision emphasizes protective DNS, encrypted DNS protocols (DoT, DoH, DoQ), and modern DNSSEC algorithms such as ECDSA and Ed25519. It...
Women Shaping the Future of Mobile Cybersecurity in a Digital-First Era
India’s mobile‑first digital economy has turned smartphones into the most exposed point in the technology stack, prompting attackers to target mobile applications directly. Companies are shifting from traditional perimeter defenses to embedded solutions like runtime application self‑protection that monitor behavior...
Dual AI Workflow Doubles Quality of Specs and Reviews
Created a chatgpt 5.4 plugin for Claude, it automatically gets a "second opinion", forges the best results for prd/spec/implementation. Once finished and reviewed, submits to chatgpt for bug review / security review analysis. Works insanely better having two work together. ⏺...
Singapore Cybersecurity Firms Showcase SME-Focused Innovations to Counter Rising Cyber Threats at RSAC 2026 Conference
Cyber threats are projected to cost the global economy $23.84 trillion by 2027, leaving small and medium‑sized enterprises especially exposed. Singapore’s CyberSG Talent, Innovation and Growth Collaboration Centre (TIG Centre), backed by S$20 million, is showcasing three home‑grown startups—AgileMark, Scantist and StrongKeep—at...
SANS Stormcast Monday, March 23rd, 2026: GSocket Backdoor in Bash; Oracle Security Alert; Rockwell Attacks
In this episode, Johannes Ulrich reviews a bash-based malware analysis by Xavier that exploits the GSocket backdoor to maintain persistence via a ground job and employs time‑stomping to hide file modifications. He also highlights a critical Oracle security alert for...
Your Smart Home Can Be Easily Hacked. New Safety Standards Will Help, but Stay Vigilant
The Australian government has rolled out mandatory minimum security standards for smart‑home devices, targeting weak default passwords, lack of update policies, and opaque vulnerability reporting. The rules require each product to ship with unique credentials, provide a clear disclosure process,...
When Alignment Becomes an Attack Surface: Prompt Injection in Cooperative Multi-Agent Systems
A new research proposal augments the GovSim multi‑agent platform with a Prompt Infection (PI) module, allowing LLM agents to transfer resources that mimic data theft. The study will vary communication norms, network size, and defensive mechanisms such as police agents...
Apps That Track You: 17 Of The Worst Offenders In Privacy Invasion
A new roundup highlights 17 mobile apps that are among the worst offenders in personal data collection, from Meta’s suite of social platforms to Amazon’s shopping and Alexa ecosystem. The article details the breadth of data each app gathers—Meta tracks...
Cookies, “Significant Risk,” And 2026 CCPA Assessments
California’s privacy law now mandates written risk assessments for any activity that constitutes a “sale” of personal data and presents a significant risk, including behavioral‑advertising cookies, sensitive data processing, and high‑risk automated decision‑making. The final CCPA regulations, released in September 2025,...
UAE Cybersecurity Council Flags 40% Surge in Home Network Attacks Amid Remote‑Work Boom
The UAE Cybersecurity Council announced that cyber incidents tied to remote work have risen more than 40% in recent years, with roughly 38% of attacks now aimed at home routers and VPNs. The warning underscores growing vulnerabilities as the region’s...
New Framework Delivers Unprecedented SCADA Cybersecurity
New framework promises unprecedented level of cybersecurity for SCADA systems #energysky -- via pv magazine global: https://t.co/WiAfR3TSL6
Microsoft Outlines Agentic AI Security Strategy with New Defender, Entra and Purview Capabilities
Microsoft unveiled an "agentic AI" security strategy, rolling out Agent 365 as a centralized control plane for AI agents and embedding new Defender, Entra and Purview capabilities across its suite. The Security Dashboard for AI, Entra backup and tenant‑governance tools, and...
The FBI Just Issued A Warning About A Hidden Threat In Your Home Wi-Fi Network
The FBI has issued a warning that home and small‑business Wi‑Fi networks are vulnerable to residential proxy attacks. In such attacks, criminals compromise a router or device, steal its IP address, and use it as a camouflage for illicit online...
Why Crypto Hacks Don’t End and Continue Even when the Money Is Gone
Immunefi’s 2026 State of On‑chain Security report shows that crypto hacks inflict damage far beyond the initial theft. While the median hack value fell to $2.2 million, the average loss stayed near $24.5 million, with the five biggest exploits accounting for 62%...
Iranians May Soon Target Lucrative Data Center Assets
I wondered when the Iranians would get around to targeting data centers. They're pretty juicy, as potential targets go.
Government Digital IDs Threaten Personal Data Security
This is why government digital ID is a terrible idea. Trusting these useless clowns with your personal data is a recipe for disaster.
Analyst Warns Against Using Microsoft’s Copilot AI on Friday Afternoons
Microsoft’s Copilot AI has suffered several high‑profile mishaps, including hallucinated police reports, exposed passwords, and confidential email summaries. Gartner analyst Dennis Xu warned that companies should consider banning Copilot on Friday afternoons, when employee vigilance tends to wane. The advice...
How to Protect Yourself After Companies House Breach
I’m worried about the Companies House data breach, what can I do? - The Times and The Sunday Times https://t.co/Ob5FvbS46f
Lawmakers Seek VPN Bans to End Online Anonymity
I’ve been repotting on this, there are already state lawmakers pushing for VPN bans. The goal is to fully remove anonymity from the internet
I Had No Idea How Much Google Maps Was Tracking Me Until I Found These Settings
Google Maps continuously records users' whereabouts through its Timeline feature, logging minute‑by‑minute movements and search queries. The app also retains live‑location shares, background location access, and a detailed Maps history unless users manually disable or delete these data streams. The...
I Stopped Using Google Authenticator for This 2FA App, and It’s Much Better
Bitwarden Authenticator, a free open‑source 2FA app, now offers stronger security than Google Authenticator by encrypting codes locally and supporting biometric locks. The author switched after a brief three‑minute migration, noting the process is straightforward via QR export. Bitwarden also...
FBI Alert on Russian Hackers Lacks Verifiable Details in Available Sources
A federal alert reportedly warning that Russian hackers accessed thousands of Signal accounts belonging to U.S. officials and journalists cannot be corroborated with the eight supplied source documents. No direct quotes, numbers, or official statements about the breach appear in...
VoidStealer Malware Steals Chrome Master Key via Debugger Trick
VoidStealer, a malware‑as‑a‑service platform, now bypasses Chrome’s Application‑Bound Encryption by attaching a debugger and setting hardware breakpoints to capture the v20_master_key in plaintext. The technique extracts the master key directly from memory during browser startup, requiring no privilege escalation or...
AI Agents Lack Security Guardrails; NVIDIA Releases NemoClaw
Your AI agent can execute code and call external APIs. How many security guardrails does it have? For most people: zero. NVIDIA just open-sourced NemoClaw. https://t.co/2Kwv30NOkN
Researchers Reveal GlassWorm Malware Hiding in Invisible Unicode Across Open‑Source Repos
Security researchers at Aikido, StepSecurity and Socket identified a new supply‑chain threat called GlassWorm that embeds malicious code in invisible Unicode characters across open‑source repositories. The campaign compromised hundreds of JavaScript, TypeScript and Python packages, including two with roughly 135,000...
Security and Compliance: What Nonprofits Should Know About Online Auction Platforms
Nonprofit organizations increasingly rely on online auction platforms to raise funds, but each event exposes donor names, payment details, and personal addresses to cyber risk. The article stresses that security and compliance are not optional features but core risk‑management criteria,...
Resolv Labs’ Stablecoin Depegs as Attacker Mints Millions of Tokens
Resolv Labs’ USR stablecoin was exploited, allowing an attacker to mint 50 million unbacked tokens after depositing just $100,000 USDC, with an additional 30 million minted due to contract flaws. The sudden supply surge de‑pegged USR, driving its price from a $1...
RSAC 2026 Innovation Sandbox | ZeroPath: From Alarm Accumulation to Executable Fixes
ZeroPath, an AI‑native application security startup founded in 2024, was named a finalist in the RSAC 2026 Innovation Sandbox. Its platform unifies SAST, SCA, secrets and IaC scanning into a single AI‑driven engine that verifies exploitability and produces automated repair pull...
TUMCREATE to Develop Open-Source RISC-V Processor with Integrated Post-Quantum Security
TUMCREATE, the research arm of Technical University of Munich, will lead the QUASAR‑CREATE program to build an open‑source 64‑bit RISC‑V processor with built‑in post‑quantum cryptographic (PQC) accelerators. The processor will be fabricated on GlobalFoundries’ 180‑nm node in Singapore and feature...
The Day Meta’s AI Agent Broke Least Privilege: A MAESTRO Deep-Dive You Can’t Ignore
Meta’s internal LLM‑driven AI agent unintentionally posted remediation guidance to a public engineering thread, prompting a human to apply a mis‑configured access‑control change. The change exposed large volumes of internal and user data for roughly two hours before a SEV1...
Does Your NHI System Deliver Essential Value
Non‑Human Identities (NHIs) now outnumber human users, making machine‑credential security a top priority for enterprises. A robust NHI system manages secrets throughout their lifecycle, providing visibility, automated rotation, and context‑aware controls. Organizations that rely solely on point tools miss hidden...
Is Your Agentic AI Optimized for Latest Threats
Non‑Human Identities (NHIs) are emerging as digital passports that secure machine credentials across cloud environments. A comprehensive lifecycle—discovery, classification, threat detection, and remediation—enables organizations to manage the exploding volume of machine identities in sectors such as finance and healthcare. Integrating...
Silencing AI Noise to Build Practical AWS Automation
I’ve started muting all the accounts pushing hot takes on ai 🤖 so I can focus on getting things done. If it’s not contributing towards accomplish something not really helping. Here’s what I’ve gotten done or trying to get done with...
I Was Exposing My Home Server Every Time I Opened a Router Port — NetBird Fixed It
NetBird, an open‑source WireGuard‑based platform, eliminates the need for router port forwarding by creating private overlay networks for home servers. After installing lightweight clients on the server and endpoints, devices authenticate via a dashboard and connect through encrypted tunnels, with...
You're About to Lose Your Instagram Privacy, so You Might Want to Grab a VPN
Instagram will discontinue end‑to‑end encryption for direct messages on May 8, meaning Meta, ISPs and governments can read private chats. The shift revives concerns that the platform will harvest message data for advertising and AI training. While a VPN can encrypt...
Delve Accused of Misleading Customers with ‘Fake Compliance’
Compliance startup Delve, backed by Y Combinator and a $32 million Series A, faces accusations from an anonymous Substack author that it supplied fabricated evidence to claim customers were fully HIPAA and GDPR compliant. The post alleges Delve generated fake audit reports,...
Trojan Now Impacting Brazilian Financial Institution Clients, Malware Employs Advanced Stealth Tactics : Analysis
Kaspersky’s GReAT team has detailed the GoPix banking Trojan, a Brazilian‑origin threat that has logged roughly 90,000 infection attempts since 2023. The malware spreads through sophisticated malvertising on Google Ads, impersonating services like WhatsApp and Correios to lure high‑value victims....
FBI Alerts on Russian‑Linked Hackers Compromising Thousands of Signal Accounts
The FBI, together with a U.S. cybersecurity firm, issued an alert that Russian‑linked hackers have compromised thousands of Signal accounts. The warning underscores a growing nation‑state threat to encrypted communications and follows recent disclosures of Russian espionage activity on U.S....
Rust Could Block 80% of Chrome’s Recent Exploits
I asked Google AI mode if rust would have prevented these vulnerabilities out of curiosity. Here’s what it said. 1. The "Hard No" (Prevented by Rust) These categories make up about 80% of your list. In "Safe Rust," the compiler simply won't...
Avoid Third‑Party DNS Tools Without Customer Approval
I’m sure this works great. I haven’t tried it yet. As a pentester, don’t use this without customer approval because your customers may not want their vulnerability data stored in third party systems. Also they would have to add a...
BSidesSLC 2025 – • Al Red Teaming For Artificial Dummies
At BSidesSLC 2025, Bryson Loughmiller, Principal Platform Security Architect at Entrata, delivered the session "AI Red Teaming For Artificial Dummies." The talk broke down AI red‑team concepts for non‑specialists, showcasing real‑world attack scenarios and mitigation tactics. Loughmiller emphasized the growing...
2022‑2024 Energy Infrastructure Cyberattacks Mapped
All 2022–2024 cyberattacks on energy infrastructure at a glance #energysky -- via pv magazine global: https://t.co/3bPj3iU1nv https://t.co/PZo92XzX1Q
Chrome Update Fixes 26 Remote Code Execution Flaws
Chrome Security Update Patches 26 Vulnerabilities that Enable Attackers to Execute Malicious Code Remotely https://t.co/LgCt5yd3Zb
Attacker Tested Npm Worm Chain with Dummy Payload
Interestingly, the threat actor is said to have swapped out the ICP backdoor payload for a dummy test string ("hello123"), likely to ensure that the entire attack chain is working as intended before adding the malware.
8 Essential Practices to Secure Your Crypto in 2026
How I keep my crypto safe in 2026 Crypto hackers have stolen $10+ billion in the last 4 years. If you are not careful, you'll be next. This article shares 8 security practices that everyone should be using. https://t.co/5wydObIyx8