What's happening: Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform, positioning it as a single‑pass solution to the fragmentation of legacy VPNs and hardware firewalls. The platform runs security checks across a global network spanning over 300 cities, eliminating service‑chaining bottlenecks and integrating zero‑trust controls.
Also developing:

Actionstep, a cloud‑based practice‑management platform used by nearly 5,000 law firms, announced completion of its SOC 2 Type 2 examination conducted by Prescient Assurance. The audit evaluated both the design and operating effectiveness of the company’s security controls over a defined period, providing independent validation of its data‑protection measures. By achieving SOC 2 Type 2 compliance, Actionstep demonstrates a mature security posture that aligns with growing client expectations for vendor risk management. The report is available to customers and qualified prospects under confidentiality agreements.
🔥🔥🔥 This hits on something that has bothered me for most of my career... Much of what orgs do to "assess risk" is largely performative, and has very little to do with actual risk. Impact is what matters. Your AI Pentester Found...

SANS Institute and cybersecurity firm siberX have launched NOW // AI, an immersive simulation program built on the SANS AI Blueprint. The curriculum targets executives and security teams, focusing on three pillars—Protect AI, Utilize AI, and Govern AI—to tighten risk...

Researchers at LevelBlue identified a new SysUpdate variant targeting Linux systems, packaged as a packed ELF64 binary that mimics a system service. The malware employs a custom, multi‑layered symmetric cipher to encrypt its command‑and‑control traffic across several protocols. By emulating...

Lasso Security unveiled Intent Deputy, a runtime behavioral‑intent framework that secures autonomous AI agents by interpreting their decision flow and operational context. The solution claims 99.83% threat detection at sub‑50 ms latency and a 570‑fold cost advantage over cloud‑native guardrails. By...

Suped is a cloud‑based DMARC monitoring platform aimed at small to mid‑size businesses, offering a visual dashboard, guided DNS setup, and an AI Copilot that translates technical errors into plain‑language tasks. Users can onboard in minutes and see initial data...
With the TIA Portal and platforms like WinCC Unified, Siemens Industry is clearly strengthening its security capabilities. ✔️ Encrypted communication ✔️ Certificate-based authentication ✔️ Hardened PLCs, HMIs and drives Technically strong. No doubt. But let’s be honest: Where is the truly practical solution for centralized certificate...

KnowBe4 released a white paper highlighting the U.S. public sector’s exposure to escalating cyber threats, with ransomware affecting an estimated 43% of local governments by 2025. The report identifies four core challenges: relentless attacks, chronic staffing shortages, mounting compliance pressures,...

Microsoft Defender now includes a Library Management feature that lets security operations centers (SOCs) organize, preview, and control the scripts and tools used in live response. Analysts can upload PowerShell, batch, and other response files ahead of investigations, making them...

AWS introduced Agent Plugins, a framework that equips AI coding assistants with native AWS capabilities. The initial "deploy‑to‑AWS" plugin lets developers issue natural‑language prompts to generate architecture recommendations, cost estimates, and infrastructure‑as‑code templates. It currently integrates with Claude Code and...
AI‑assisted coding is set to dominate enterprise development, with Gartner projecting 90% of engineers using AI assistants by 2028. As AI automates line‑level vulnerability detection, security teams face a surge in code volume and reduced review windows. This forces a...

Cyber adversaries are moving beyond classic espionage to disrupt the defense industrial base (DIB), aiming to cripple production capacity and supply chains. Attackers now target everything from large primes to niche startups, especially firms with dual‑use technologies, using ransomware and...

A coordinated phishing campaign is exploiting Booking.com’s partner platform to steal hotel staff credentials and then target guests with payment‑stealing lures. The operation uses a three‑stage chain: email phishing to hotel inboxes, a bespoke partner login kit to harvest credentials,...

Enterprise security teams now rely on open source for core infrastructure, development pipelines, and production applications, yet patching cycles remain sluggish. TuxCare’s 2026 Open Source Landscape Report shows that 60% of recent incidents involved known vulnerabilities that were not patched...

In this episode, Patrick Gray, Adam Boileau, and James Wilson dissect a week of cybersecurity headlines, from Palo Alto Networks’ decision to avoid publicly attributing a Chinese‑linked hacking campaign to geopolitical concerns, to the rise of data‑only extortion as ransomware...

SlowMist has uncovered a wave of supply‑chain attacks targeting ClawHub, the official plugin repository for the OpenClaw AI agent framework. Over 340 malicious plugins were identified among roughly 3,000 listings, many embedding Base64‑encoded commands in the SKILL.md documentation that download...
The U.S. Coast Guard’s Cybersecurity in the Marine Transportation System rule took effect in July 2025, imposing mandatory cybersecurity and incident‑response plans for U.S.-flagged vessels, OCS facilities and MTSA‑covered sites. Owners must appoint a Cybersecurity Officer, enforce account lockouts, maintain...
The UK Department for Business and Trade has signed a 10‑week, £300,000 contract with Deloitte to explore a unified digital business ID that would provide a single login and a cross‑government business entity directory. The discovery phase will assess existing...
The Government Digital Service’s Vulnerability Monitoring Service (VMS), launched in summer 2024, now has over 700 public‑sector organisations signed up and is detecting more than 100 critical vulnerabilities each month. Offered free through the National Cyber Security Centre, the service...

Singapore’s Cyber Security Agency and the nation’s four major telcos (M1, Simba Telecom, Singtel, StarHub) launched the "Cyber Guardian" operation, expelling the China‑linked threat actor UNC3886 after an 11‑month campaign. The attackers breached critical network segments but did not steal...

The Electronic Frontier Foundation (EFF) has sent a letter to Wisconsin’s entire legislature urging a vote against S.B. 130 and A.B. 105, bills that would ban VPN use and impose invasive age‑verification on certain websites. The measures have cleared the...
Fortanix, NTT DATA and NVIDIA have launched a joint service that lets Indian enterprises run AI Factories within hardware‑based secure enclaves. The offering combines Fortanix’s Confidential Computing platform, NVIDIA’s secure GPUs and NTT DATA’s full‑lifecycle managed services to protect data and models...

Smart contract auditing is a critical pre‑deployment step that safeguards blockchain applications by uncovering coding errors and security vulnerabilities. The process follows a structured workflow—from specification gathering and automated scanning to manual line‑by‑line analysis, functional testing, and iterative remediation—culminating in...
Amnesty International reported that a government client of sanctioned spyware firm Intellexa used its Predator tool to compromise the iPhone of Angolan journalist Teixeira Cândido in 2024. The intrusion was delivered through a malicious WhatsApp link, exploiting an outdated iOS...
Red Hat has rebranded its Insights service as Red Hat Lightspeed, keeping core advisor, vulnerability and compliance capabilities while emphasizing AI‑driven speed. New Image Builder integrations now auto‑register RHEL images to Red Hat Satellite and Ansible Automation Platform, and allow compliance profiles...

Hong Kong released its Cybersecurity Outlook 2026, revealing that nearly 30% of local firms lack dedicated security staff and only 26% of SMEs have such roles compared with 59% of large enterprises. To address the talent gap, the government, HKPC...

Waymo disclosed that a single remote‑assist operator supports roughly 40 autonomous vehicles, a ratio that underscores its reliance on human fallback. The company confirmed that many of these operators are based overseas, a fact previously hinted at but not widely...
Texas Attorney General Ken Paxton sued TP‑Link Systems Inc., alleging the Wi‑Fi maker deceived consumers by marketing its routers as "Made in Vietnam" while sourcing most components in China. The complaint cites longstanding firmware vulnerabilities that Chinese state‑backed hackers have...
CompTIA unveiled SecAI+, its first Expansion Series certification, aimed at securing AI systems and leveraging AI tools within cybersecurity operations. The credential builds on foundational certifications such as Security+, CySA+ and PenTest+, requiring three to four years of IT experience...

In a recent Palo Alto Networks webcast, experts highlighted that modern attackers compress breach timelines to under an hour, overwhelming traditional SOC processes. They argued that XDR platforms like Cortex XDR solve the data‑silo problem by unifying telemetry across endpoints,...

Security researchers at Ox Security uncovered critical and high‑severity vulnerabilities in four widely used Visual Studio Code extensions, collectively downloaded over 128 million times. The flaws—affecting Code Runner, Markdown Preview Enhanced, Live Server, and Microsoft Live Preview—allow attackers to execute remote...

A log‑poisoning flaw was discovered in OpenClaw’s gateway server, affecting versions up to 2026.2.12. The vulnerability arises from unsanitized WebSocket headers—such as Origin and User‑Agent—being written directly to structured logs when a handshake is aborted. An unauthenticated attacker could inject...
Palo Alto Networks’ 2026 Global Incident Response Report shows cyber‑attack timelines have collapsed, with the fastest breaches moving from initial access to data exfiltration in just 72 minutes, down from nearly five hours in 2024. The acceleration is largely driven...

A new vulnerability, CVE‑2026‑25903, affects Apache NiFi versions 1.1.0 through 2.7.2 and was patched in 2.8.0. The flaw allows users with limited privileges to modify the configuration of already‑deployed restricted components, bypassing the platform’s authorization checks. While it does not...
HashiCorp announced that HCP Packer now offers SBOM vulnerability scanning in public beta, while its package‑visibility feature has moved to general availability. The new scanning capability cross‑references each artifact’s software bill of materials against the MITRE CVE database and flags...
Quesma unveiled BinaryAudit, an independent benchmark that measures how well artificial‑intelligence models can spot hidden threats in software binaries. The tool aims to shift binary analysis from a reactive, post‑breach activity to a proactive safeguard applied before deployment, during updates,...
As more companies “assume breach,” I am seeing a shift from prevention to recovery. Boards are starting to ask different questions.
Apparently, the hackers stole “a limited number of files”. Humour me here, but when does a breach ever *not* affect a limited number of files? I mean, when was the last breach you can remember that impacted an *unlimited* number...

AI has become the baseline for security vendors in 2026, with advanced generative AI and agentic features now considered essential rather than differentiators. Leaders like MicroAge note that clients increasingly expect AI‑enhanced upgrades across their security stacks. As large language...

We partnered with @socketsecurity, @snyksec, and @gendigitalinc to continuously audit https://t.co/NfXI7skfWe for security vulnerabilities. There are now 62,000+ skills in the open ecosystem https://t.co/rtwkKCBeBz
Aware announced that its biometric platform has earned independent validation for presentation‑attack detection (PAD) at ISO/IEC 30107‑3 Levels 1‑3, completed bias testing under ISO/IEC 19795‑10, and participated in the U.S. Department of Homeland Security’s 2025 Remote Identity Validation Rally. The company ties these...
WSO2 has partnered with IIIT‑Bangalore and the MOSIP project to overhaul eSignet, the open‑source authentication layer used in national digital ID systems. The effort focuses on boosting scalability, OpenID Connect‑style flows, and offline QR support for low‑connectivity environments. By integrating...

The U.S. Department of Energy has established a Center of Excellence to tackle operational technology (OT) cybersecurity across its labs and agencies. Sponsored by the Office of Science and the National Nuclear Security Administration, the effort unites cyber experts to...

Bluefin and Basis Theory have formed a strategic partnership to deliver a unified token strategy that bridges digital and in‑person payment channels. By integrating Bluefin’s PointConex platform with Basis Theory’s API‑driven tokenization and vaulting, merchants can capture, tokenize, and reuse...

The CAN in Automation (CiA) group warns that all CAN‑based products sold in the EU now fall under the European Union Cyber Resilience Act (EU CRA) unless covered by sector‑specific rules. Compliance hinges on achieving the appropriate IEC 62443 security level (SL),...
Good read and research on malicious SVG file analysis and how it's weaponized by Adam Paulina @Binary_Defense https://t.co/65gf6f2XNn #BinaryDefense

In this episode, CredShields announces the release of the OWASP Smart Contract Top 10 2026, a risk prioritization framework built from a structured analysis of 2025 smart contract incidents that caused hundreds of millions in losses. The discussion highlights that governance and...

UL Solutions has introduced a new certification program that establishes the first industry‑wide cybersecurity baseline for distributed energy resources (DER) and inverter‑based devices. The program follows UL 2941, a standard covering access management, cryptography, and data handling, and complements the existing...

Intruder scanned five million JavaScript bundles and uncovered more than 42,000 exposed secrets, including active GitHub, GitLab, and SaaS API tokens. The research revealed 688 repository tokens that granted full access to private code and CI/CD pipelines. Traditional static and...

Palo Alto Networks announced it will acquire AI‑agent security startup Koi, a move aimed at strengthening visibility and protection for AI‑driven workloads on endpoint devices. While the purchase price was not disclosed, a prior report suggested a $400 million valuation. Koi’s...