🎯Today's Cybersecurity Pulse
Updated 1h agoWhat's happening: Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform, positioning it as a single‑pass solution to the fragmentation of legacy VPNs and hardware firewalls. The platform runs security checks across a global network spanning over 300 cities, eliminating service‑chaining bottlenecks and integrating zero‑trust controls.
Also developing:
News•Feb 17, 2026
New Keenadu Backdoor Found in Android Firmware, Google Play Apps
Kaspersky has uncovered a sophisticated Android backdoor named Keenadu, embedded in firmware of multiple device brands and distributed through compromised OTA updates, system apps, and even Google Play applications. The malware can infiltrate every installed app, grant attackers unrestricted control, and harvest data such as messages, banking credentials, and incognito search queries. As of February 2026, Kaspersky reports 13,000 infected devices across Russia, Japan, Germany, Brazil, and the Netherlands, with the most potent variant residing in firmware. Google confirmed removal of the malicious Play Store apps and highlighted Play Protect’s role in defending users.
By BleepingComputer
News•Feb 17, 2026
Cybersecurity Excellence Awards Reveal Nomination Shift From AI Hype to Governance Execution
Cybersecurity Insiders' 2026 Excellence Awards reveal a notable shift in vendor nominations from AI hype toward concrete governance, identity, and data security solutions. While agentic AI categories are growing rapidly, nominations now emphasize oversight mechanisms, ISO‑42001‑aligned frameworks, and human‑in‑the‑loop controls....
By HackRead
Podcast•Feb 17, 2026•25 min
The Signal: The Real "Payment Meets Fraud" Journey with Brian Rust at Worldpay | Episode 467
In this episode, Brian Rust, SVP and Deputy CISO at Worldpay, explains how fraudsters now target SaaS platforms and ISVs by exploiting weak onboarding, transaction logic, and refund processes. He outlines the fraud kill‑chain—from synthetic business creation and card‑testing spikes...
By Leaders in Payments
News•Feb 17, 2026
API Threats Grow in Scale as AI Expands the Blast Radius
API vulnerabilities accounted for 17% of the 60,000+ flaws disclosed in 2025, and 43% of exploited weaknesses were API‑related, underscoring a growing attack surface. Wallarm’s report highlights a dramatic 270% rise in Model Context Protocol (MCP) flaws between Q2 and...
By SecurityWeek
Social•Feb 17, 2026
Zero‑day Chrome Exploit, Chinese Telco Breach, AI‑crafted Malware
DHOM SitRep #002 just dropped. Chrome's first zero-day of 2026 is being exploited NOW. Chinese hackers owned ALL 4 Singapore telcos. And AI just built its first malware framework. Your weekly cybersecurity briefing — subscribe to Don't Hack On Me. https://t.co/eOI2j9M68A
By Marcus J. Carey
News•Feb 17, 2026
Over-Privileged AI Drives 4.5 Times Higher Incident Rates
Teleport’s 2026 State of AI in Enterprise Infrastructure Security report reveals that AI workloads with excessive access rights suffer a 4.5‑times higher incident rate than those governed by least‑privilege controls. Seventy percent of surveyed security leaders say AI systems enjoy...
By Infosecurity Magazine
Blog•Feb 17, 2026
Poorly Crafted Phishing Campaign Leverages Bogus Security Incident Report
A phishing campaign leveraged a fake PDF security incident report hosted on Amazon S3 to intimidate MetaMask users into enabling two‑factor authentication. The PDF, created with ReportLab, contains no malicious code but mimics an official security alert. Researchers noted the...
By Security Affairs
Social•Feb 17, 2026
SMEs Must Expect Cyber Attacks, NCSC Warns
SMEs Wrong to Assume They Won’t Be Hit by Cyber-Attacks: NCSC Boss War - Infosecurity Magazine https://t.co/DjHx7581nV
By Chuck Brooks
News•Feb 17, 2026
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Researchers have uncovered a new SmartLoader campaign that distributes a trojanized Oura Health Model Context Protocol (MCP) server to install the StealC infostealer. The malicious server is hosted in fabricated GitHub repositories and submitted to the MCP Market registry, exploiting...
By The Hacker News
Blog•Feb 17, 2026
Side-Channel Attacks Against LLMs
Recent research uncovers multiple side‑channel attacks that exploit timing, packet‑size, and speculative decoding characteristics of large language model (LLM) services. By monitoring encrypted network traffic, attackers can infer conversation topics with over 90 % precision, fingerprint specific prompts with up to...
By Schneier on Security
News•Feb 17, 2026
Checkmarx Enhances IDE-Native Agentic Application Security in Kiro
Checkmarx announced that its AI‑driven Developer Assist tool is now embedded directly within the AWS Kiro integrated development environment. The integration scans source code and dependencies in real time, surfacing security findings inside the IDE and synchronizing them with the...
By SD Times
Blog•Feb 17, 2026
Sovereignty-First ITSM: How Geopolitical Risk Is Reshaping Service Management in 2026
In 2026 enterprises are treating data location as a strategic risk rather than a compliance checkbox, prompting a shift toward sovereignty‑first IT service management (ITSM). Traditional cloud‑based ITSM platforms that store data in foreign jurisdictions expose organizations to sudden geopolitical...
By ITSM.tools
News•Feb 17, 2026
Poland Arrests Suspect Linked to Phobos Ransomware Operation
Polish authorities detained a 47‑year‑old man suspected of collaborating with the Phobos ransomware group during a joint operation in the Małopolska region. The arrest, part of Europol‑coordinated Operation Aether, yielded computers and phones loaded with stolen credentials, credit‑card data, and server‑access...
By BleepingComputer
News•Feb 17, 2026
How to Securely Edit and Redact Sensitive PDFs: A Cybersecurity Guide
PDFs remain the go‑to format for confidential data, yet hidden metadata, annotations, and embedded objects often leak information despite password protection. In 2023, over 400 breach incidents were traced to incomplete redactions or metadata exposure. The guide outlines a six‑step...
By HackRead
Blog•Feb 17, 2026
Encrypted RCS Messaging Support Lands in Apple’s iOS 26.4 Developer Build
Apple introduced end‑to‑end encrypted Rich Communication Services (RCS) messaging in the iOS 26.4 developer beta, extending the feature to iPadOS, macOS and watchOS in future updates. The encryption is currently limited to iPhone‑to‑iPhone conversations and depends on carrier support, with a...
By Security Affairs
News•Feb 17, 2026
Cloud On Demand & StorVault Announce Partnership to Strengthen Local Data Protection
Cloud On Demand and South African backup specialist StorVault have announced a partnership that combines scalable cloud delivery with locally‑grounded, immutable data protection. The joint offering targets ransomware, hardware failures and endpoint vulnerabilities that threaten hybrid workforces, while delivering point‑in‑time...
By IT News Africa
News•Feb 17, 2026
3 Threat Groups Started Targeting ICS/OT in 2025: Dragos
Dragos’ 2026 Year in Review OT/ICS report adds three new adversaries—Sylvanite, Azurite and Pyroxene—targeting industrial control systems in 2025. Sylvanite acts as a rapid‑exploitation broker, weaponising n‑day flaws within 48 hours and handing access to the Voltzite group across power, oil,...
By SecurityWeek
News•Feb 17, 2026
Citizen Lab Links Cellebrite to the Hacking of a Kenyan Presidential Candidate’s Phone
Citizen Lab’s forensic analysis uncovered Cellebrite’s phone‑cracking software on Kenyan activist Boniface Mwangi’s device, indicating that state authorities used the tool after his arrest. The evidence shows the phone was unlocked without a password, exposing personal photos, messages, and his...
By CyberScoop
News•Feb 17, 2026
Unit 42: Nearly Two-Thirds of Breaches Now Start with Identity Abuse
Unit 42’s annual incident‑response report reveals identity abuse now initiates roughly two‑thirds of network intrusions, with social engineering responsible for one‑third of the 750 incidents examined. Compromised credentials, brute‑force attacks and permissive identity policies further fuel the trend, while identity‑related...
By CyberScoop
News•Feb 17, 2026
Magnet Virtual Summit 2026 Kicks Off February 23!
The Magnet Virtual Summit 2026 runs February 23‑26, featuring over 50 leading experts who will discuss AI, mobile forensics, cloud investigations, deepfakes, eDiscovery, and incident response. The event spotlights the new Magnet One platform, promising faster, AI‑enhanced case building, and...
By Forensic Focus
News•Feb 17, 2026
The Copilot Problem: Why Internal AI Assistants Are Becoming Accidental Data Breach Engines
Internal AI copilots are being deployed across enterprises as search and decision‑aid layers, inheriting every permission granted to users. Their ability to index, retrieve, and combine data from email, file shares, and SaaS tools exposes vast amounts of previously hidden...
By Security Magazine (Cybersecurity)
News•Feb 17, 2026
Harnessing AI to Secure the Future of Identity
Artificial intelligence is reshaping identity management, with machine and AI agents now surpassing human users in many environments. This surge creates a broader attack surface, as each automated identity demands governance yet often appears outside IT‑approved systems. Channel partners are...
By ITPro
![Security Service Edge (SSE) (Noun) [Word Notes]](/cdn-cgi/image/width=1200,quality=75,format=auto,fit=cover/https://megaphone.imgix.net/podcasts/8797f03a-a50b-11ea-b6c0-87ebb093948d/image/hacking-humans-cover-art-cw.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress)
Podcast•Feb 17, 2026•8 min
Security Service Edge (SSE) (Noun) [Word Notes]
In this brief episode, host Rick Howard defines Security Service Edge (SSE) as a cloud‑centric security architecture that blends the shared responsibility model, vendor‑provided security stacks, and direct network peering with major content providers and their fiber networks. He highlights...
By Hacking Humans
News•Feb 17, 2026
India’s Cybersecurity Cost Equation
India’s enterprises are boosting cybersecurity spend as multi‑cloud, API‑led ecosystems expand, yet Security Operations Centre (SOC) capacity lags behind. The average data‑breach cost has climbed to ₹22 crore (≈US$2.6 million), highlighting the financial stakes. Tool proliferation generates more alerts, but analyst throughput...
By TechRepublic – Articles
News•Feb 17, 2026
Netrio Named to CRN’s MSP 500 List For 2026
Netrio has been named to CRN’s 2026 Managed Service Provider (MSP) 500 list in the Elite 150 category, highlighting its role as a leading AI‑driven managed IT and cybersecurity provider for mid‑market enterprises. The Elite 150 spot recognizes Netrio’s end‑to‑end...
By AI-TechPark
News•Feb 17, 2026
Malicious Fork of Legitimate Triton App Discovered on GitHub, Exposing New Malware Threat
A malicious fork of the legitimate Triton macOS client was posted on GitHub, masquerading as an official release while embedding a Windows‑only malware payload. The attacker, operating under the account “JaoAureliano,” used a deceptive README and raw asset links to...
By GBHackers On Security
News•Feb 17, 2026
How to Choose a Password Manager for Your Business
Choosing a password manager is now a strategic security decision, not just a convenience tool. While consumer‑focused apps handle basic storage, enterprise‑grade solutions add centralized provisioning, role‑based access, and detailed audit trails. Decision‑makers must evaluate encryption models, zero‑knowledge architecture, MFA...
By TechRepublic – Articles
Podcast•Feb 17, 2026•24 min
Resilience’s Long: 2026 Cyberthreat Landscape Poses New Challenges for Insurers
The episode examines the evolving cyber‑threat landscape of 2026 and its implications for insurance carriers, focusing on rising ransomware, supply‑chain attacks, and AI‑driven exploits. It highlights how insurers must adapt underwriting criteria, pricing models, and claims handling to address more...
By AM Best Audio (AM Best Radio)
News•Feb 17, 2026
DSS Files Charges Against El-Rufai Over Alleged NSA Phone Interception
The Department of State Services has filed a three‑count criminal charge against former Kaduna governor Nasir El‑Rufai for allegedly intercepting the telephone communications of National Security Adviser Nuhu Ribadu. Prosecutors say El‑Rufai admitted the illegal interception during a televised interview on 13 February 2026,...
By The Cyber Express
News•Feb 17, 2026
CVE-2026-1357: WordPress Plugin RCE Exposes Sites to Full Takeover
A critical remote code execution flaw, CVE‑2026‑1357, has been discovered in the WPvivid Backup & Migration WordPress plugin, affecting over 900,000 active sites. The vulnerability lets unauthenticated attackers upload and run arbitrary PHP files via the plugin’s backup‑receive endpoint, granting...
By Security Boulevard
News•Feb 17, 2026
How SSO Simplifies Identity Management for Deskless and Frontline Workforces
Frontline and deskless workers comprise roughly 80% of the global labor force, yet traditional identity systems struggle with shared devices, shift changes, and high turnover. Single Sign‑On (SSO) consolidates credentials, cutting password‑reset tickets and speeding up access at shift handovers....
By Security Boulevard
News•Feb 17, 2026
REMnux V8 Brings AI Integration to the Linux Malware Analysis Toolkit
REMnux released version 8, rebuilt on Ubuntu 24.04 LTS, and introduces a new Cast‑based installer that handles fresh deployments, upgrades, and container installs. The highlight is the REMnux MCP server, which implements the Model Context Protocol to connect AI agents with the...
By Help Net Security
News•Feb 17, 2026
How Red Teaming Reduces Breach Risk?
Red Teaming, also known as adversary simulation, pits authorized security experts against an organization’s defenses to expose real‑world attack gaps. By mimicking the full cyber kill chain—from OSINT‑driven reconnaissance to covert data exfiltration—teams reveal weaknesses that traditional scans miss. The...
By Security Boulevard
News•Feb 17, 2026
Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails
Forcepoint X‑labs uncovered a new phishing campaign that spoofs the US Social Security Administration to deliver a malicious .cmd script. The script auto‑elevates, disables Windows SmartScreen and Mark‑of‑Web, and leverages Alternate Data Streams to hide before silently installing a compromised...
By HackRead
News•Feb 17, 2026
Montana Hospital Restores Phones as Cyber-Related Network Disruptions Persist
Livingston HealthCare in Montana announced that its phone system has been fully restored after a recent cybersecurity incident forced the hospital to shut down communications and other network services. The disruption, first reported on Feb. 13, stemmed from a potential...
By DataBreaches.net
News•Feb 17, 2026
FOI Is Arming Cyberattackers – Here Is How to Fix It
Freedom of Information (FOI) requests on cybersecurity governance are exposing a stark inconsistency in public‑sector disclosures. Large NHS trusts and other big bodies tend to refuse or invoke national‑security exemptions, while smaller organisations often provide granular details. This uneven approach...
By PublicTechnology.net (UK)
Social•Feb 17, 2026
U.S. Unready for Potential GPS Attack, Warns Former NSA Chief
"America is dangerously unprepared for a GPS attack," Adm. Michael Rogers, U.S. Navy (ret.), former commander of the U.S. Cyber Command and director of the National Security Agency. https://t.co/hYWXOZoxEZ
By John Spencer
News•Feb 17, 2026
Introducing Red Hat Build of Podman Desktop: Enterprise-Ready Local Container Development Environments
Red Hat has announced the general availability of its own build of Podman Desktop, delivering an enterprise‑grade, secure‑by‑design local container development environment. The offering bridges the long‑standing gap between developers’ laptops and hardened OpenShift clusters, leveraging the same trusted RHEL components....
By Red Hat – DevOps (Category)
News•Feb 16, 2026
Marietta Also Affected by BridgePay Ransomware Attack.
The BridgePay Network Solutions ransomware attack disrupted the City of Marietta’s online credit‑card processing, halting business‑license payments on February 6, 2026. BridgePay’s forensic review found no payment‑card data was compromised, and the ransomware group remains unidentified. The city is deploying a temporary,...
By DataBreaches.net
News•Feb 16, 2026
The Rise of Credential Stuffing Attacks
Credential stuffing attacks are surging as attackers exploit reused passwords harvested from past breaches. The technique is cheap, highly automated, and blends into normal traffic, making detection difficult. Small‑to‑mid‑size businesses, SaaS platforms, and customer‑facing portals are prime targets because they...
By TechRepublic – Articles
News•Feb 16, 2026
Washington Hotel in Japan Discloses Ransomware Infection Incident
Washington Hotel, a Japanese hospitality chain with 30 properties and 11,000 rooms, disclosed a ransomware breach on February 13, 2026 that compromised business data on its servers. The hotel immediately isolated the affected systems, formed an internal task force and enlisted police,...
By BleepingComputer
News•Feb 16, 2026
MCP Leaves Much to Be Desired when It Comes to Data Privacy and Security
The Model Context Protocol (MCP) was introduced as a universal interface that lets AI agents tap into enterprise data and services. In practice, the protocol has become a lightning rod for privacy breaches: a rogue MCP server harvested WhatsApp chats...
By SD Times
Social•Feb 16, 2026
Start Crypto Agility Now Before Quantum Day Arrives
⏳ Data stolen today will be cracked tomorrow. Post-Quantum Cryptography (PQC) isn't a "next year" problem—it’s a multi-year migration that starts now. I’m looking for "Crypto Agility" on the floor at #RSAC2026. Are you ready for the Q-Day countdown? https://t.co/6PIC4o7OmO #QuantumSecurity...
By Tim Crawford
News•Feb 16, 2026
Eurail Says Stolen Traveler Data Now up for Sale on Dark Web
Eurail B.V., the Dutch operator of European rail passes, confirmed that data stolen in a breach earlier this year is now being offered for sale on the dark web. A threat actor also posted a sample of the compromised records...
By BleepingComputer
News•Feb 16, 2026
Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware
A new social‑engineering campaign uses a fake Cloudflare‑style CAPTCHA to trick Windows users into pasting a malicious PowerShell command. The clipboard‑to‑run technique launches the fileless StealC malware, which injects reflective shellcode into svchost.exe and exfiltrates browser credentials, cryptocurrency wallets, Outlook...
By TechRepublic – Articles
News•Feb 16, 2026
BeyondTrust RCE Exploited for Domain Control
Attackers are actively exploiting CVE‑2026‑1731, an unauthenticated OS command injection flaw in self‑hosted BeyondTrust Remote Support and Privileged Remote Access appliances. The vulnerability enables remote code execution, allowing threat actors to run commands as SYSTEM, install the SimpleHelp RMM tool,...
By eSecurity Planet
News•Feb 16, 2026
Indian Cyber-Tech Is the Model for European Airports
Indian firms WAISL and GRAMAX have created AeroWise, an AI‑driven airport predictive operation centre that blends digital‑twin technology with embedded cyber‑security. The solution includes miniature physical models of terminals, runways and ancillary systems that can be “war‑gamed” to visualize attack...
By Airport Improvement Magazine
News•Feb 16, 2026
Virtual IT Group Crowns Maurice McCarthy as New CEO
Virtual IT Group has appointed Maurice McCarthy, a former Optus customer‑success director, as its new chief executive officer, succeeding founder Christian Pacheco. McCarthy brings 25 years of telecom leadership and will focus on client outcomes, service reliability, and responsible AI integration. Pacheco transitions...
By ARN (Australia)
News•Feb 16, 2026
Identity Is the New Perimeter for State Government Cybersecurity
State and local governments are shifting from perimeter‑based defenses to an identity‑first security model, as highlighted in the State CIO Top 10 Priorities for 2026. The article argues that who a user—or nonhuman account—is matters more than where they connect,...
By StateTech Magazine
News•Feb 16, 2026
When Is It Time to Upgrade Your Control System?
Control system upgrades are back on plant executives' agendas as new capital budgets roll out for the year. The article highlights three primary risks of aging automation: hardware failure, cybersecurity vulnerabilities, and the erosion of tribal knowledge. It urges decision‑makers...
By Control Design