Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, patched in June 2026; and Linux CVE‑2022‑0492, a kernel flaw also deemed actively exploited.

Officials Worry Salt Typhoon Apathy Is Killing Momentum for Tougher Telecom Security Rules
Two years after Chinese state‑linked group Salt Typhoon breached at least ten U.S. telecoms, officials say the public remains largely indifferent. The hack gave attackers access to call‑detail records for millions of Americans, yet most citizens cannot see a direct impact on daily life. This apathy is eroding the political pressure needed to enact tougher telecom‑security regulations. State and federal leaders, from New Jersey’s cyber chief to former intelligence officials, warn that without public outrage, momentum for comprehensive reforms will stall.

Vibhor Kumar: Transparent Column Encryption in PostgreSQL: Security Without Changing Your SQL
Vibhor Kumar released the first public version of column_encrypt, a PostgreSQL extension that provides transparent column‑level encryption via custom data types. The extension introduces ENCRYPTED_TEXT and ENCRYPTED_BYTEA types that automatically encrypt on INSERT/UPDATE and decrypt on SELECT, requiring no changes...

Top AI SOC Analyst Platforms in 2026
The 2026 roundup evaluates ten AI‑SOC analyst platforms against five criteria—autonomy, time‑to‑value, explainability, integration, and investigation depth. Prophet Security emerges as the clear leader, offering fully agentic AI, day‑one deployment, transparent reasoning, and vendor‑agnostic integration. Palo Alto’s Cortex XSIAM provides...

Social Media Blasted over Fraud
The Consumer Federation of America estimates U.S. consumers lose roughly $119 billion each year to online fraud, a figure derived from FBI and Bureau of Justice Statistics data. California, Texas, New York and Florida bear the heaviest losses, with California alone accounting...

I Evaluated 7 Best Endpoint Management Software for 2026
Darshayita Thakur evaluated over 20 tools and identified the seven best endpoint management platforms for 2026—NinjaOne, ManageEngine Endpoint Central, Datto RMM, Iru, Action 1, Atera and ThreatDown—plus three bonus options. The review highlights each solution’s pricing, core strengths such as automation,...

€1 Million Online Fraud Scheme Uncovered, Three Suspects Arrested
German and French authorities dismantled a cross‑border fraud ring that stole roughly €1 million. Coordinated by Eurojust, the operation on 10 March led to the arrest of three suspects, with the alleged mastermind detained in France pending extradition. Investigators seized cryptocurrencies, jewellery...

Age Verification Mandates Threaten Online Privacy
Will everyone have to share their age to exist on the internet in the future? It’s a trap: strong enforcement of age rules undermines data privacy. https://spectrum.ieee.org/age-verification

Fraud Battle Calls for Cross-Sector Effort
Financial institutions are urging federal rule changes and cross‑sector data sharing to combat AI‑enabled fraud. Panelists highlighted the need for banks, telecoms and social‑media platforms to exchange real‑time signals, creating a unified view of fraud networks. Current safe‑harbor protections under...

Infrastructure Resilience in an Era of Escalation: Why Cross-Sector Coordination Is the Critical Path
U.S. intelligence warns foreign adversaries, especially Iran, are intensifying cyber attacks on critical infrastructure. The 2025 Threat Assessment highlights coordinated efforts by Russia, China, Iran, and North Korea across energy, transport, water, and manufacturing sectors. CISA reports Iranian actors using...

AI Amplifies Both Threats and Defenses in Cybersecurity
I got asked on the news today: is cybersecurity a field that is being impacted by AI, or is it a safe field? I explained how I struggle with this personally as well - there's a lot of fear, uncertainty and...

This $30 Smart Router with a Built-In VPN Is the Travel Gadget I Didn't Know I Needed
The GL.iNet Mango (GL‑MT300N‑V2) is a $29.99 mini smart router that packs VPN support, repeater, WAN, and smartphone‑tethering capabilities into a USB‑powered box. It lets travelers extend free Wi‑Fi, plug in a wired connection, or use a 4G dongle with...

2026 Unit 42 Report Reveals AI-Driven Cyber Threat Surge
Please read my article highlighting critical findings from the 2026 Unit 42 Global Incident Response Report (link to full report included). @PaloAltoNtwks Unit 42 link here 👇 https://t.co/CT5ozHHKhM #AI #Cybersecurity #CISO #PalAltoPartner #CybersphereGroup

Instagram-Powered Iranian Influence Operation Against US Dismantled
Meta announced the removal of nearly 300 Instagram and Facebook accounts linked to an Iranian influence operation that masqueraded as journalists and commentators. The fake personas collectively attracted about 41,000 followers before disseminating anti‑U.S. and anti‑Israel political messages. Engagement on...

Mimecast Adds AI Investigation and Adaptive Controls to Manage Human Risk
Mimecast unveiled a suite of AI‑driven platform enhancements aimed at curbing human‑related security risk. The rollout adds adaptive security policies that auto‑adjust based on individual risk scores, an AI‑powered Mihra Investigation Agent that accelerates incident analysis, and open‑gateway integrations for...

Coalition of Information-Sharing Groups Warns of Cyber, Physical Attacks
A coalition of ten information‑sharing groups issued a joint advisory warning that Iran‑linked state actors, hacktivists and criminal gangs are escalating cyber attacks against U.S. critical‑infrastructure sites. The advisory cites spear‑phishing, DDoS, wiper malware and backdoor implants as primary tactics,...

Socure Launch Enables Startups to Deploy Identity Verification and Fraud Controls
Socure introduced Socure Launch, a plug‑and‑play identity verification and fraud‑prevention suite built on its RiskOS platform. The service lets developers activate enterprise‑grade risk controls within minutes, bypassing weeks of custom development. It targets early‑stage fintech, crypto, gaming, marketplace and e‑commerce...

Cohesity Expands Data Security Portfolio with Cyera’s Industry-Leading DSPM to Future-Proof Cyber Resilience
Data security firm Cohesity announced the launch of Cohesity Data Security Posture Management (DSPM), powered by Cyera’s AI‑native platform. The solution provides agent‑less, high‑precision discovery and classification of sensitive data across cloud, SaaS, and AI workloads, achieving up to 95 %...

Zscaler Enhances Data Sovereignty Controls with Regional Processing and Logging
Zscaler announced a global expansion of its data‑sovereignty controls, adding dedicated control and logging planes in six regions and preparing a deployment in Canada. The Zero Trust Exchange now performs in‑region SSL inspection, malware analysis and offers Private Service Edge...

CISA Issues Emergency Directive Over Exploited Cisco SD-WAN Flaws
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 26‑03, warning that attackers are exploiting a critical authentication‑bypass flaw (CVE‑2026‑20127) in Cisco Catalyst SD‑WAN devices used across federal networks. The vulnerability carries a CVSS score of 10, potentially granting...

China’s CERT Warns OpenClaw Can Inflict Nasty Wounds
China’s National Computer Network Emergency Response Technical Team (CERT) issued a warning that the OpenClaw agentic AI tool suffers from extremely weak default security configurations. The agency posted on WeChat that the tool can be easily exploited, urging users to...

SOC Prime’s DetectFlow Enterprise Moves Threat Detection to the Data Ingestion Layer
SOC Prime unveiled DetectFlow Enterprise, a platform that embeds real‑time threat detection directly into the data ingestion layer. By running tens of thousands of Sigma detections on live Kafka streams with Apache Flink, the solution achieves millisecond mean‑time‑to‑detect (MTTD). It...

Binary Defense’s NightBeacon Brings AI-Driven Analysis to SOCs
Binary Defense unveiled NightBeacon, an AI‑powered security operations platform embedded directly in its SOC. The system cuts mean time to resolution by roughly 30%, accelerates incident summarization 46%, and boosts the number of incidents analysts can handle per shift by...

AI Scams Drove UK Reports of Fraud to Record 444,000 Last Year
UK anti‑fraud body Cifas reported a record 444,000 fraud cases in 2025, a 6% rise driven largely by AI‑powered scams. Criminals are using synthetic media and fraud‑as‑a‑service kits to execute large‑scale account takeovers on mobile, online shopping and credit‑card platforms....

Splunk, Zoom Patch Severe Vulnerabilities
Security vendors Splunk and Zoom released emergency patches this week to remediate multiple critical and high‑severity vulnerabilities across their product lines. Zoom fixed a critical privilege‑escalation flaw in Workplace for Windows and three high‑severity defects in its Windows client software....

The CISO’s Dilemma: How To Scale AI Securely
CISOs are caught between board‑driven AI ambitions and mounting security risks, as AI projects essentially flood enterprises with new API endpoints. In 2025, Wallarm found that 17% of all vulnerabilities were API‑related and 97% could be triggered by a single,...

Lotte Card Fined 9.6 Billion Won for Leaking Users’ Social Registration Numbers
South Korea’s Personal Information Protection Commission fined Lotte Card 9.62 billion won after a hacking attack exposed the resident registration numbers of about 450,000 customers. The breach stemmed from unauthorized access to log files in the card’s online simple‑payment system, affecting data...

Maintaining Security and Protecting Smart Home Devices From Hackers
Smart home devices boost convenience and energy savings but are increasingly targeted by cybercriminals. Common flaws include weak default passwords, lack of updates, and unsegmented Wi‑Fi networks that let attackers move laterally. Recent incidents, such as a robot vacuum breach...

US Charges Another Ransomware Negotiator Linked to BlackCat Attacks
The U.S. Department of Justice has charged former DigitalMint ransomware negotiator Angelo Martino with conspiracy to interfere with interstate commerce by extortion. Martino allegedly supplied BlackCat (ALPHV) operators with confidential negotiation details and received a 20% cut of ransom payments...

FCC Alert on Cybersecurity Risks
The Federal Communications Commission issued an unprecedented cybersecurity alert for telecom operators, noting a fourfold rise in ransomware attacks from 2022 to 2025. The agency urges carriers to patch systems promptly, enable multi‑factor authentication, segment networks, and monitor vendor security...

Phosphorus Sweeps SC Awards Finalist Spots for Innovation and Leadership
Phosphorus, a leader in proactive security for the extended Internet of Things, has been named a finalist in the 2026 SC Awards for Best Vulnerability Management Solution. Its CEO, Chris Rouland, also earned a finalist spot for Security Executive of...

Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload
Attackers are weaponizing phishing campaigns to overload Security Operations Center (SOC) analysts, turning the investigation process into an informational denial‑of‑service (IDoS) attack. By flooding the SOC with thousands of low‑sophistication emails, they force analysts to triage quickly, allowing a few...

Banking Apps Leaked Other Customers' Transaction Details
Lloyds, Bank of Scotland and Halifax apps showed customers other users' transactions https://t.co/eOyyiGggxP Can an informed person explain what actually went wrong here? I am so curious https://t.co/RE7RR6W41z

The Growing Cyber Risk to Supply Chains
Corporate leaders are shifting their view of cybersecurity from an internal IT issue to an operational capability essential for supply‑chain continuity. AI and automation have expanded the digital footprint of vendors, increasing exposure to cyber threats. Simultaneously, the intensifying Middle East...

What Is an SPF Softfail vs Hardfail: Key Differences, Use Cases, and Best Practices
The article explains the technical distinction between SPF softfail (~all) and hardfail (-all) and how each qualifier influences mail handling. Softfail signals probable unauthorized mail and typically results in spam‑folder placement, while hardfail denotes definite unauthorized sources and can trigger...

New PixRevolution Malware Steals Brazil’s PIX Transfers in Real Time
Brazil’s instant payment platform PIX, handling billions of transactions monthly, is being targeted by a new Android malware called PixRevolution. The threat uses an agent‑in‑the‑loop model, displaying a fake loading screen while a human or AI operator swaps the recipient’s...

AI Redefines Cyberwar: From Iran to Code
NEW ODD LOTS - CYBERWAR AND AI Legendary hacker @msuiche talks to me and @TheStalwart about cyber warfare in the age of AI. We talk: - Iran's capabilities - The intersection of kinetic & digital warfare - The impact of AI on coding, hacking, SaaS...

Why Event Log Archiving Is Critical For Timeline Reconstruction
Event log archiving is essential for accurate timeline reconstruction in digital forensics because operating systems routinely rotate and overwrite logs. Relying solely on selective SIEM collection leaves gaps that can cripple investigations. An automated batch script using Windows tools like...

Nordic Semiconductor Adds Lifetime Flat-Rate FOTA Licensing to nRF Cloud as CRA Compliance Looms
Nordic Semiconductor introduced a lifetime, flat‑rate firmware‑over‑the‑air (FOTA) and device‑management license within its nRF Cloud platform to help IoT makers meet the EU Cyber Resilience Act (CRA) requirements. The CRA, effective in 2027, mandates continuous security updates and auditability for...

Regulatory Compliance for Enterprise Email
Enterprise email is now a security perimeter, and regulatory compliance has shifted from a checkbox to a strategic imperative. Certifications such as SOC 1, SOC 2, ISO 27001 and ISO 27701 provide the architectural blueprints that turn email into a trust asset rather than...

Cisco Patches High-Severity IOS XR Vulnerabilities
Cisco issued its semiannual IOS XR security advisory, addressing four high‑severity vulnerabilities. Two CVEs (CVE‑2026‑20040 and CVE‑2026‑20046) each score 8.8 and enable privilege escalation to root via crafted CLI commands. A third flaw (CVE‑2026‑20074) can cause an IS‑IS process restart,...

Microsoft Authenticator Could Leak Login Codes—Update Your App Now
A critical vulnerability (CVE‑2026‑26123) in Microsoft Authenticator for iOS and Android can expose one‑time passwords or deep‑link data to a malicious app on the same device. The exploit requires a user‑installed malicious application and the user inadvertently selecting it to...

Healthcare Under Attack? Why Is Cybersecurity Now Critical?
African hospitals, labs and digital health platforms are experiencing a surge in cyberattacks as they digitise services. In 2025 the continent saw an average of 3,575 weekly attacks—a 38% rise—affecting institutions like Mediclinic, the National Health Laboratory Service and Kenya’s...

New Simulation Platform Lets Energy Operators Train Against Realistic Cyberattacks
German Fraunhofer FKIE researchers unveiled PowerRange, a virtual cyber‑range that lets power‑grid operators test defenses against realistic attacks. The platform models both traditional centralized networks and renewable‑heavy, decentralized grids, integrating IT, OT and control‑room environments. It supports multi‑stage scenarios—reconnaissance, lateral...

1B Identity Records Exposed in ID Verification Data Leak
Researchers uncovered an unprotected MongoDB database belonging to IDMerit that exposed roughly 1 billion identity records across 26 countries, including more than 203 million records in the United States. The data set contained full names, addresses, dates of birth, national ID numbers...

Secure Internal Collaboration: Best Practices for Companies
How To Ensure Secure Internal Collaboration in Your Company by @antgrasso #CyberSecurity #Infosec #IT #Technology https://t.co/gRUVC0kIFY

Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea
Security firm Hudson Rock has linked the 2024 Polyfill supply chain attack, which infected over 100,000 websites, to North Korean threat actors, overturning earlier attributions to China. The attack stemmed from the acquisition of Polyfill.io by Chinese CDN Funnull, which...

DNSSEC Validation for SSL Certificates: CA/B Forum Ballot SC-085 Changes in March 2026
Beginning March 2026, the CA/Browser Forum will require Certificate Authorities to validate DNSSEC signatures during CAA checks and Domain Control Validation when DNSSEC is enabled. DigiCert has already implemented this rule, meaning any misconfigured DNSSEC will cause certificate issuance or renewal...

Lloyds Banking App ‘Glitch’ Shows Transactions of Strangers
Lloyds Banking Group’s mobile apps briefly displayed other customers’ transaction histories on the morning of 12 March 2026. The glitch affected users of Lloyds, Halifax and Bank of Scotland apps before being resolved within minutes. The incident has reignited parliamentary...

Southeast Asia Faces Spillover Cyber Risk From Iran War as ‘Blast Radius’ Widens
Southeast Asia is increasingly exposed to cyber spillover from the US‑Israel‑Iran conflict, as state‑linked hackers target energy, shipping and banking networks beyond the Middle East. Iran has pledged attacks on regional economic interests, while the UAE reported up to 200,000...

ENISA Technical Advisory on Secure Package Managers: Essential DevSecOps Guidance
ENISA has published its first Technical Advisory on Secure Package Managers (v1.1), incorporating feedback from 15 stakeholders and experts. The document details common supply‑chain risks of third‑party dependencies and offers concrete practices for selecting, integrating, monitoring, and mitigating vulnerabilities across...