Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, patched in June 2026; and Linux CVE‑2022‑0492, a kernel flaw also deemed actively exploited.
By the numbers: Ingeteam secures $82.5M loan from EIB for renewable energy R&D

Southeast Asia Faces Spillover Cyber Risk From Iran War as ‘Blast Radius’ Widens
Southeast Asia is increasingly exposed to cyber spillover from the US‑Israel‑Iran conflict, as state‑linked hackers target energy, shipping and banking networks beyond the Middle East. Iran has pledged attacks on regional economic interests, while the UAE reported up to 200,000 breach attempts daily, most from advanced persistent threats. The region's heavy reliance on cloud services and subsea cables means a strike on a Middle‑East data centre can disrupt operations in Kuala Lumpur, Jakarta or Singapore. Recent figures show Malaysia alone lost over $300 million to cybercrime in 2024.

ENISA Technical Advisory on Secure Package Managers: Essential DevSecOps Guidance
ENISA has published its first Technical Advisory on Secure Package Managers (v1.1), incorporating feedback from 15 stakeholders and experts. The document details common supply‑chain risks of third‑party dependencies and offers concrete practices for selecting, integrating, monitoring, and mitigating vulnerabilities across...

Codoxo’s Deepfake Detection Identifies AI-Generated Medical Records for Health Plans
Codoxo has launched Deepfake Detection, an AI‑driven solution that scans medical documentation, diagnostic images and claim context in seconds to flag synthetic or manipulated records. The tool embeds explainable risk scores into payer fraud‑prevention workflows, enabling health plans to intercept...

Vulnerability Reports: Increase in Quantity, Decrease in Quality?
cURL founder Daniel Stenberg has shut down his HackerOne bug bounty program after a sharp rise in low‑quality, AI‑generated vulnerability reports. In early 2026 his team reviewed 20 submissions, seven arriving within 16 hours, none of which were genuine flaws....

Unified Real-Time Anomaly Detection Across Retail Fraud and Network Intrusion Streams Using Dependency-Aware Feature Extraction
A unified, domain‑aware anomaly detection pipeline maps retail transaction and network traffic streams to a common event schema, enabling real‑time monitoring of rare, high‑impact events. The approach extracts temporal features (e.g., time‑since‑last‑event) and contextual typicality without data leakage, then trains...

India Introduces Bug Bounty Program to Target Gaps in Aadhaar Ecosystem
India’s Unique Identification Authority (UIDAI) launched a formal bug bounty program to harden the Aadhaar ecosystem. A panel of 20 vetted security researchers will probe the official website, myAadhaar portal, and the Secure QR Code app for vulnerabilities. Rewards are...

India Outlines Legal Framework to Protect Children From AI and Online Harm
India’s government announced a comprehensive legal framework to shield children from AI‑driven online harms. Existing statutes such as the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023 are being leveraged to mandate rapid removal of illegal...

Apple Urges iPhone Users to Restart Amid Security Threat
Apple warns iPhone users of serious security risk, asks millions to restart devices. (MSN:Times Now) #Mobile #Security https://t.co/Cixh5A4GHc https://t.co/xLNE8J8ugk

ISACA to Build a Skilled Cyber Security Workforce in the Age of AI
ISACA has been named the Department of Defense’s official CMMC Assessors and Instructors Certification Organisation, giving it authority to deliver the full suite of CMMC credentials worldwide. The CMMC framework blends NIST standards with a maturity model, becoming a global...

Domains.co.za Introduces Complete Domain Protection Service
Domains.co.za has launched a Domain Protection add‑on priced at R69 per year, bundling two‑factor authentication, a transfer lock, WHOIS privacy and Anycast DNS in 62 global locations. The package promises a 1 000 % uptime guarantee and discounts on redemption fees for...

Bell Ambulance Data Breach Impacted over 238,000 People
Bell Ambulance, a U.S. emergency medical services provider, confirmed a data breach that exposed personal, financial, and health information of approximately 238,000 individuals. The breach, detected on February 13, 2025, was linked to the Medusa ransomware group, which claimed to...

APNIC Routing Security SIG at APRICOT 2026: Social Engineering, RPKI, ASPA, & TA Constraints
At APRICOT 2026, APNIC’s Routing Security SIG highlighted six RPKI‑related initiatives, most notably Indonesia’s rapid climb to over 90% RPKI coverage driven by the IIX’s drop‑invalid policy. The session introduced the Autonomous System Provider Authorization (ASPA) object for path validation and...

Stryker Breach Puts IT Leaders On Alert. Here’s How To Stay Safe
Medical‑technology giant Stryker disclosed an Iran‑linked cyberattack that compromised its Microsoft Intune mobile device management (MDM) platform, forcing remote wipes of thousands of laptops and smartphones worldwide. The breach, claimed by the Handala collective, showed no ransomware but highlighted the...

The Usefulness of Useless Knowledge
Tim Harford’s FT piece argues that research once dismissed as useless often becomes foundational to transformative technologies. He cites the RSA algorithm, born from abstract number theory, and Flexner’s 1939 defense of pure science that later powered radio, cryptography, and...

Proofpoint Expands AI-Driven Security Strategy While Strengthening Partner Ecosystem
Proofpoint is expanding its AI‑driven security platform to protect the emerging human‑AI workspace, adding intent‑based detection for AI‑generated phishing and modernising threat investigation tools. The company now processes roughly six trillion messages daily, covering about 45 % of global enterprise email...

Meta Disables 150,000 Accounts in Global Sting on Southeast Asian Scam Centres
Meta disabled over 150,000 accounts linked to Southeast Asian scam centres after a joint operation led by Thailand’s Royal Thai Police, the FBI and the U.S. Justice Department. The crackdown resulted in 21 arrests and highlighted the sophisticated, multilingual fraud...

IBM, Signal, and Threema Partner to Fortify Messaging Against Quantum Threats
IBM researchers have teamed up with Signal and Threema to embed post‑quantum cryptography into their messaging platforms. The partnership pivots from classical elliptic‑curve schemes to NIST‑2024 PQC standards, tackling both content and metadata protection. IBM proposes a decentralized gatekeeper model...

How to Use GitLab Container Virtual Registry with Docker Hardened Images
GitLab’s Container Virtual Registry acts as a pull‑through cache for Docker Hub, Docker Hardened Images (dhi.io), Microsoft Container Registry, Quay and internal registries. It consolidates authentication to GitLab, caches images on the first pull and serves subsequent pulls locally, cutting...

Development of Coruna iOS Exploit Kit Pinned on US Military Contractor
U.S. defense contractor L3Harris, through its Trenchant surveillance‑tech division, was identified as a developer of the Coruna iOS exploit kit. Former employees disclosed that the kit, comprising roughly two dozen components originally built for a government surveillance client, has been...

AI Use Risks NDA Violations and Data Exposure
Perplexity has changed my way of work. Love these guys. But not sure we use the word "secure" the same way. Strong protections on data, but both Perplexity and other models they exchange data with open up new threat...

Iran War to Escalate US Organizations' Cyber Risk
The escalating U.S.–Israel conflict with Iran is expected to heighten cyber threats against U.S. public finance issuers, according to Fitch Ratings. Hacktivist and state‑backed actors may increase DDoS, ransomware, and data‑wiping attacks targeting critical infrastructure. Municipalities, which traditionally lag in...

NZ Businesses Report Surge in AI-Related Security Incidents
A Kordia survey of nearly 250 New Zealand firms with 50+ employees shows a sharp rise in AI‑related security incidents. Shadow AI now ranks among the top three cyber risks for 24% of respondents, up from 16% a year earlier. Attacks...

Report: APAC Second Most Targeted Region as Attackers Exploit Basic Gaps
The 2026 IBM X‑Force Threat Intelligence Index shows Asia‑Pacific as the world’s second‑most targeted region, responsible for 27% of tracked cyber incidents. Attackers are leveraging basic security gaps, with AI tools speeding vulnerability discovery and automation. Malware accounts for 45%...

Organizations Track Response, Not Prevention, Survey Finds
A new Malanta survey of 100 security professionals shows enterprises are still focused on response rather than prevention despite investing heavily in threat intelligence. Companies typically run five to eight feeds—some up to 53—with 71% reporting overlapping data and 100%...

Iran-Linked Handala Hackers Claim Major Hacks on Stryker and Verifone
Iran‑linked Handala Hack Team announced cyberattacks on medical‑device maker Stryker and payment‑technology firm Verifone on March 11. Stryker confirmed a network disruption in its Microsoft‑based environment but reported no ransomware or data loss, while Verifone said it found no evidence of...

Seven Essential Security Strategies For Law Firms And Legal Departments
Law firms and corporate legal departments face escalating cyber threats, with one‑third expected to experience a breach this year and average losses exceeding $5 million. The article outlines seven essential security strategies: building a vigilance culture, turning compliance into a market...

AI Needs Human Oversight, Not Blame for Outages
If you are distressed because AI is causing outages at AWS well… don’t jump to conclusions like everyone did with the whole slew of S3 bucket debacles. Yes there will be problems as people learn how to use this new...

FBI Server Hacked; Hacker Threatens to Expose Owner
We live in the worst timeline ever. The FBI got hacked, and the hacker, disgusted at the PDF file images they saw and not realizing that it's a law enforcement server, threatened to turn the "owner of the server" over...

Foreign Hacker in 2023 Compromised Epstein Files Held by FBI
In February 2023 a foreign hacker infiltrated the FBI’s New York Field Office server that housed files from the Jeffrey Epstein investigation. The breach was discovered when a special agent found a warning file, and the hacker later engaged in a...

Assessing Threat Detection Quality: Key Metrics and Methods
"How to Measure Threat Detection Quality for an Organization?" https://t.co/JKld8W1EsR <- this is OLD (2022), but I somehow keep thinking about it (this is from the pre-gen AI era BTW)

Xygeni GitHub Action Compromised Via Tag Poison
Xygeni’s official GitHub Action was compromised through a tag‑poisoning attack that redirected the mutable v5 tag to a malicious commit containing a command‑and‑control implant. The attacker leveraged a stolen maintainer personal access token and a compromised GitHub App private key...

Iran-Linked Hackers Reportedly Targeted Albanian Parliament Email System
The Albanian parliament's email system was targeted by the Iran‑linked hacking group Homeland Justice. The attackers sought to access or leak emails of senior political figures, and some content later appeared on Telegram. Albania’s National Cyber Security Authority launched an investigation,...

Bell Cyber Launches Fully Managed Cybersecurity Solution for SMEs
Bell Cyber has launched CyberShield Connect, a fully managed cybersecurity service tailored for Canadian small and medium-sized enterprises. Powered by WatchGuard’s Unified Security Platform, the solution combines cloud‑managed security, automated deployment, and Security Operations Centre monitoring into a single offering....

Swiss E-Voting Pilot Can't Count 2,048 Ballots After USB Keys Fail To Decrypt Them
Swiss authorities suspended Basel‑Stadt's e‑voting pilot after 2,048 ballots could not be decrypted, despite three USB sticks containing the correct codes. The pilot, which served roughly 10,300 expatriates and 30 voters with disabilities, collected votes amounting to less than 4%...

SQLi Flaw in Elementor Ally Plugin Impacts 250k+ WordPress Sites
A critical SQL injection flaw (CVE‑2026‑2413) was found in Elementor's Ally plugin, affecting all versions up to 4.0.3 and potentially exposing data on more than 250,000 WordPress sites. The vulnerability allows unauthenticated attackers to inject malicious SQL via a URL...

F5 Brings New Visibility and AI Controls to Big-IP, NGINX
At its AppWorld conference, F5 unveiled a suite of AI‑enhanced updates to its Application Delivery and Security Platform, including the new observability product F5 Insight, AI‑powered risk scoring for its Distributed Cloud WAF, and post‑quantum TLS support in Big‑IP v21.1....

OpenAI Builds AI Agents to Thwart Prompt Injection
Yep, the systems are evolving (like they have to...) OpenAI is addressing prompt injection inputs but also manipulation (social engineering) -> Designing AI agents to resist prompt injection Covers: *Social Engineering Model *Safe URL Mitigation *Source-Sink Analysis *Sandboxing *Safety training https://t.co/jduzjq6Ipk

Iran Warns US Tech Firms Could Become Targets as War Expands
Iranian state‑linked media released a list naming Google, Microsoft, Palantir, IBM, Nvidia and Oracle as legitimate targets in the expanding regional war. The warning follows recent Iranian drone attacks that damaged Amazon Web Services data centers in the UAE and...

ChatGPT Edu Feature Reveals Researchers’ Project Metadata Across Universities (Exclusive)
A flaw in OpenAI's ChatGPT Edu Codex Cloud Environments allows anyone within a university to view the names and interaction counts of GitHub repositories linked to student and staff accounts. Oxford researcher Luc Rocher discovered that project metadata—including how often...

SAP Security Patch Day March 2026 Highlights FS-QUO and Enterprise Portal Risks
SAP’s March 2026 Security Patch Day released 15 security notes, including two critical CVSS 9+ vulnerabilities and one high‑priority denial‑of‑service issue. The critical flaws affect SAP Quotation Management Insurance (FS‑QUO) via an outdated Log4j library, SAP NetWeaver Enterprise Portal Administration through insecure...

This Security Flaw Could Affect 1 in 4 Android Phones - How to Check Yours
Researchers at Ledger’s Donjon team discovered a hardware flaw in MediaTek’s trusted execution environment that affects roughly 25 % of Android smartphones. The vulnerability lets an attacker connect a phone to a laptop via USB and extract cryptographic keys in under...

Iran's IRGC Threatens US Tech Firms Linked to Israel
Iran's IRGC warns that offices/infrastructure of US firms with links to Israel or whose technology has been used to assist the military will be targeted for physical attack. This includes infrastructure of Google, Palantir, Microsoft, IBM, Nvidia, Oracle https://t.co/M5nw4IhpCK

Hackers Leak Customer Data After Telco Refuses to Pay Ransom
Hackers from the ShinyHunters collective stole personal data of over six million Odido customers and demanded a €1 million ransom. Odido refused to pay, following police advice, prompting the attackers to leak a million lines of data daily and eventually publish...

The Game-Changing Technology Helping Businesses Prevent Catastrophic Data Loss
The article highlights how combining Continuous Data Protection (CDP) with artificial‑intelligence creates near‑zero Recovery Point Objectives (RPO) and dramatically lower Recovery Time Objectives (RTO). AI layers such as predictive failure analysis, anomaly detection and automated recovery orchestration boost CDP’s real‑time...

Microsoft .NET Vulnerability Enables Remote DoS Attacks
Microsoft disclosed CVE‑2026‑26127, an out‑of‑bounds read flaw in the .NET framework that enables unauthenticated attackers to trigger remote denial‑of‑service conditions. The vulnerability affects multiple .NET versions and carries a CVSS rating of 7.5, indicating high severity. Microsoft has released a...

WordPress Security Release 6.9.4 Fixes Issues 6.9.2 Failed To Address via @Sejournal, @Martinibuster
WordPress issued version 6.9.4 after the rushed 6.9.2 security release caused site crashes and left some vulnerabilities unpatched. The 6.9.2 update addressed ten flaws but introduced a template‑loading bug that broke sites using non‑standard themes, prompting a fast‑follow 6.9.3 fix. 6.9.4...

European Groups Form Cybersecurity Initiative for Industrial Automation
A European consortium has launched the three‑year ENFORCERS initiative to secure software supply chains, coordinate incident response, and enhance lifecycle resilience for industrial automation. Backed by EU funding, the project brings together manufacturers, cybersecurity vendors, and research institutes to build...

Leveraging Copilot In Excel To Steal Data Without Any User Interaction
Microsoft disclosed a zero‑click cross‑site scripting vulnerability in Excel’s Copilot Agent that can exfiltrate data from open workbooks without any user interaction. The flaw can be triggered through crafted SharePoint or Teams links, causing Copilot to silently save worksheets to...

New PhantomRaven NPM Attack Wave Steals Dev Data via 88 Packages
Security researchers have identified a new wave of the PhantomRaven supply‑chain campaign targeting the npm registry. Between November 2025 and February 2026, Endor Labs discovered 88 malicious packages distributed through 50 disposable accounts, many employing slopsquatting and Remote Dynamic Dependencies...

DLP Reinvented: Jazz Uses NLP to Guard GenAI Data
Traditional DLP was built for email attachments and USB drives. That world is gone. Jazz raised $61M to rebuild DLP from scratch: natural language policies instead of regex. Every time someone pastes data into a GenAI tool, they create flows your DLP...