Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

IBM and Cobalt Iron Are Introducing Secure Automated Backup with Compass
IBM and Cobalt Iron have launched Secure Automated Backup with Compass, a Backup‑as‑a‑Service (BaaS) solution for IBM Cloud customers. The offering extends the proven protection model from IBM Power Virtual Server to a broader set of workloads across hybrid and multi‑cloud environments. It delivers a fully managed, self‑service experience that automates policies, provides instant visibility, and eliminates the need for backup hardware. Security features include encryption, immutability, erasure coding, and integrated compliance controls.

UK Launches New Crackdown Unit to Tackle Cyber-Fraud at the Source
The UK Home Office and National Crime Agency announced the creation of an Online Crime Centre, set to begin operations in April. The unit will pool expertise from police, intelligence, banks, mobile networks and major tech firms to identify and...

Fixing Request Smuggling Vulnerabilities in Pingora OSS Deployments
In December 2025 Cloudflare was alerted to three HTTP/1.x request smuggling flaws (CVE‑2026‑2833, ‑2835, ‑2836) in the open‑source Pingora framework when used as an ingress proxy. The issues allowed attackers to bypass proxy security, desynchronize request handling, and poison caches...

Why AI Security Is Emerging as the Fourth Pillar of Cybersecurity
The article argues that AI security is becoming the fourth pillar of cybersecurity, driven by the rise of autonomous agents that operate primarily through APIs. Traditional pillars—endpoint, network, and cloud—were built for earlier computing shifts and lack the controls needed...

Cybersecurity Shifts Focus: Protect Data Behind Infrastructure
In Houston this week for the Cyber Security for Critical Assets Summit. Looking through the agenda, one thing stands out. The conversations are no longer just about protecting infrastructure. They are about protecting the data and systems that operate infrastructure. If you're...

AI-Based Cybersecurity Monitoring
AI‑based cybersecurity monitoring leverages machine learning and behavioral analytics to analyze massive streams of telemetry across networks, endpoints, cloud services, and identities. By learning normal activity patterns, these platforms flag anomalies, correlate events, and prioritize alerts, dramatically reducing false positives...

MITRE ATT&CK as a Governance Tool
MITRE ATT&CK is being promoted as a governance tool for accounting and finance professionals to meet SEC cyber‑disclosure requirements. Unlike traditional control‑centric frameworks, ATT&CK provides a threat‑intelligence view of adversary tactics and techniques. The framework is endorsed by CISA and...

Authenticator Apps: A Better Multi-Factor Option than Text or Email
Authenticator apps are the most secure multi‑factor authentication (MFA) option compared to email and SMS. Email‑based MFA is vulnerable because a compromised email account can unlock any linked service. SMS MFA suffers from unencrypted messages and SIM‑swap fraud, a risk...

Operationalizing Secure Semiconductor Collaboration: Safely, Globally, and at Scale
Semiconductor fabs now face a massive cyber‑attack surface as software components proliferate across thousands of suppliers. Traditional isolation and ad‑hoc VPNs can’t keep pace with rapid patching needs, leaving long exposure windows. Industry standards such as SEMI E187/E188/E191 set a...

AI Investment Boosts Cybersecurity Amid Market Uncertainty
Even as concern around artificial intelligence leads to market fluctuations in other sectors, cybersecurity is poised to benefit. Here's why governments and companies around the world are investing in AI as a defense mechanism: https://bit.ly/3OWDASt

Australia, NZ, Tonga Alert Surge in Pacific Ransomware Attacks
Australia, New Zealand, Tonga, Warn of Rising INC Ransom Attacks Targeting Pacific Networks https://t.co/7RXek7etJs https://t.co/ceSfRJQxvy

Emma Pickering, Head Of Technology-Facilitated Abuse And Economic Empowerment, Refuge
Refuge reports a 62% jump in referrals for technology‑facilitated and economic abuse in 2025, with the final quarter setting a new record. Younger victims are increasingly targeted, as referrals involving survivors under 30 rose 24%. Perpetrators are exploiting wearables, hidden...

FreeBSD Capsicum Vs. Linux Seccomp Process Sandboxing
FreeBSD’s Capsicum and Linux’s seccomp‑bpf both aim to curb the ambient authority of compromised processes, but they take opposite approaches. Capsicum adopts a subtraction model: a single irreversible cap_enter() call strips the process of all global namespaces, leaving only explicitly granted...

Quantum Threat Drives Enterprise Shift to Post‑Quantum Crypto
Great conversation with enQase. We discussed why #Quantum Threat & Post-Quantum Cryptography is becoming a top priority for enterprise #CISOs & #CTOs 📍FULL episode👇 https://t.co/QSA6g4byhP 📍Sched your mtg at #RSAC 👇 https://t.co/qQiSVb0J91 #PQC #cybersecurity #CEO https://t.co/FORk5259Nc

An AI-Powered Poly-Crisis Is Here, and It Is Rewriting Cyber Postures. Are You Breach Ready Yet?
AI‑powered attacks are reshaping cyber risk, highlighted by the recent breach of Mexican government data using Anthropic’s Claude. The incident, involving theft of ~150 GB of tax and voter records, demonstrates how compromised AI assistants can act as “confused deputies,” enabling...

Advanced Protection Mode to Block Chrome WebGPU
Android's Advanced Protection Mode may soon start disabling WebGPU in Chrome to protect against security threats ✅ Details & screenshot - https://t.co/c6KBB1avG2 https://t.co/XWUB3K7om6

Internet Infrastructure TLD .arpa Abused in Phishing Attacks
A threat actor is exploiting the .arpa top‑level domain, which is intended solely for reverse DNS, to host phishing sites. By creating A records for IPv6 reverse‑DNS zones through providers such as Cloudflare and Hurricane Electric, the attacker serves malicious...

Q&A: Can a Virus Jump From One Drive to Another?
The post answers whether a computer virus can move from one drive to another, explaining that malware can indeed transfer via autorun scripts, shared folders, and removable media. It outlines the technical pathways viruses exploit, such as hidden executable files...

WinMagic Reveals What Comes After Passkeys: Identity Assurance That Lives Beyond Login
WinMagic announced Live Key and Live Identity in Transaction (LIT), technologies that extend cryptographic verification beyond the initial login to protect entire sessions and transactions. The company argues that passkeys, while securing authentication, leave a gap once a session is...

Trump Cyber Strategy Puts Crypto Security on the Agenda
The White House released a National Cyber Strategy that explicitly targets cryptocurrency and blockchain security. The plan calls for bolstering digital defenses across government and private sectors while promoting privacy‑preserving technologies. A key component is the development and adoption of...

Largest Shopping Center in the Netherlands Affected by Data Breach
Westfield Mall of the Netherlands, the country’s largest indoor shopping centre, disclosed a data breach that exposed personal information of loyalty‑program members and newsletter subscribers. The compromised database contained names, email addresses, phone numbers, postal codes and dates of birth,...

IT Governance as a Prerequisite for Zero-Trust Identity Architecture
Organizations are increasingly turning to zero‑trust identity architecture to counter sophisticated cyber threats, but the model’s success hinges on strong IT governance. A recent study shows firms with mature governance are 32% more likely to prevent identity‑related breaches, while 74%...

New Attack Against Wi-Fi
AirSnitch is a newly disclosed Wi‑Fi attack that exploits cross‑layer identity desynchronization between Layers 1 and 2, breaking client isolation mechanisms. The technique enables a full, bidirectional man‑in‑the‑middle attack across the same SSID, different SSIDs, or separate network segments, affecting home, office,...

Fake Claude Code Install Pages Highlight Rise of “InstallFix” Attacks
Security researchers at Push Security discovered that attackers are publishing counterfeit Anthropic Claude Code installation pages. These look‑alike sites, promoted through paid Google ads, replace legitimate install commands with malicious scripts that download the Amatera stealer on Windows and comparable malware...

West Asia Conflict: Nasscom Urges Member Firms to Step up Vigilance, Cyber Resilience
NASSCOM has issued a fresh advisory urging Indian technology firms to heighten vigilance and cyber‑resilience as the West Asia conflict escalates following US and Israeli strikes on Iran. The body recommends activating business‑continuity plans, enabling remote work for staff in...

We’ve Seen Ransomware Cost American Lives. Here’s What It Will Actually Take to Stop It.
Ransomware attacks surged in 2024, with the Department of Homeland Security reporting over 5,600 publicly disclosed incidents worldwide and nearly half targeting the United States. The FBI notes a nine‑percent year‑over‑year rise, and the average breach now costs $2.73 million, threatening...

Eurofiber, Colt Announce Cross-Carrier Quantum-Secured Fiber Corridor
Eurofiber and Colt Technology Services announced a cross‑carrier Quantum Key Distribution (QKD) corridor linking the financial hubs of Amsterdam, London and Brussels. The partnership leverages Eurofiber’s dense fiber infrastructure and Colt’s ultra‑low‑latency carrier‑grade services to deliver quantum‑secured, high‑performance connectivity. The...

Land Bank Tightens Security After Ransomware Attack
The Land and Agricultural Development Bank of South Africa confirmed a ransomware attack on 12 January 2026 that encrypted parts of its server environment and several laptops. The breach entered through a vulnerable internet‑facing server, but the bank’s core banking, ERP and...

Infinite Potential—Insights From the Cyber Surprise Scenario
RAND’s “Day After AGI” exercises on the Infinite Potential platform examined a Cyber Surprise scenario in which China rapidly deploys a powerful cyber‑AI capability that outpaces U.S. defenses. Six runs with analysts and former officials revealed a strong preference for...

4 Best Practices to Get IAM Implementation Right the First Time
Enterprises are finally receiving budget approvals for identity access management, with 82% of financial decision‑makers increasing spend, according to Cisco Duo’s 2025 State of Identity Security. The article outlines four best‑practice pillars—user experience, staged testing, device health verification, and ongoing...

RSAC 2026 Conference: Key News and Industry Analysis
RSAC 2026, themed “The Power of Community,” convenes 44,000 security professionals in San Francisco from March 23‑26, featuring over 700 vendors, 500 sessions across 25 tracks, and a focus on collaborative defense. Pre‑conference coverage highlights AI agent overload, breach transparency, IoT vulnerabilities,...

High-Risk Security Vulnerabilities in Avira: Attackers Can Execute Code with System Privileges
Researchers at Quarkslab and Trend Micro uncovered three high‑risk vulnerabilities in Avira anti‑malware products, including Avira Free Security. The flaws—found in the updater, System Speedup, and Optimizer components—allow attackers to delete arbitrary files or execute code with SYSTEM privileges, each...

Pete Recommends – Weekly Highlights on Cyber Security Issues, March 7, 2026
Pete Weiss’s weekly roundup spotlights five pressing cyber‑security developments. It warns that the greatest AI threats stem from insider misuse, offering a twelve‑point defense playbook for organizations. Anthropic announced a new migration feature as users consider boycotting ChatGPT, while Samsung...

Third‑party Integrations, Not SAP Core, Drive Breaches
Concerned about cybersecurity with your SAP system? Third-party tools, not S/4HANA, are often the real culprits in breaches. Hackers exploit vulnerabilities in integrated systems, not the core SAP software itself. #SAP #Cybersecurity #TechTips https://t.co/QTo2Og2Ct2

Webinar: Compliance Without Compromise: Test Data Management That Finally Fits
Redgate hosted a webinar titled "Compliance Without Compromise: Test Data Management That Finally Fits," highlighting how modern test data management can meet strict compliance requirements without slowing development. Speakers Kellyn Gorman, Redgate’s Multiplatform Database/AI Advocate, and Product Manager James Hemson...

Kremlin Hackers Attempting to Compromise Signal, WhatsApp Accounts Globally
Russian state‑linked hackers are conducting a global campaign to hijack Signal and WhatsApp accounts belonging to government officials, military personnel, and journalists, Dutch intelligence warned. The operation relies on social‑engineering tactics—impersonating support staff to obtain verification codes or trick users...

Agentic AI Accelerates SecOps/ITOps While Keeping Humans
Early agentic AI in SecOps and ITOps: automated triage, narrative investigations, hypothesis-driven analysis, and faster MTTR with humans still in the loop. #AI #ITOps #SecOps https://t.co/e3w3lXkvfc

Critical Nginx UI Flaw CVE-2026-27944 Exposes Server Backups
Security researchers have disclosed a critical vulnerability in Nginx UI (CVE‑2026‑27944) with a CVSS score of 9.8. The flaw allows unauthenticated users to call the /api/backup endpoint, retrieve a full server backup, and decrypt it using an AES‑256 key exposed...

DORA Raises the Bar on Operational Resilience
The EU Digital Operational Resilience Act (DORA) has been in force since January 2025, obligating financial services firms to retain operational control during severe IT incidents, not merely avoid failures. While many institutions have bolstered continuity and cyber‑response capabilities, a Veeam‑commissioned...

EU Court Adviser Says Banks Must Immediately Refund Phishing Victims
Advocate General Athanasios Rantos of the EU Court of Justice issued an opinion that banks must instantly refund victims of unauthorized phishing transactions under the EU Payment Services Directive (PSD2), unless they have reasonable grounds to suspect fraud. The opinion...

Passkeys Were Supposed to Replace Passwords, but They're Failing for the Most Predictable Reason
Passkeys, a public‑private key pair paired with biometric verification, were heralded as the successor to passwords, yet most users remain unaware of how they work. Websites often present the option without clear guidance, and many keep passwords as a fallback,...

Spoofing an Emergency Traffic Preemption Signal
Security researcher xssfox reverse‑engineered a Tomar Strobecom II emergency vehicle preemption (EVP) system and demonstrated that an Arduino‑based infrared transmitter can spoof the signal to turn traffic lights green. The analysis revealed the protocol relies on pulse‑skipping infrared bursts and...

The Developer’s Practical Guide to Passwordless Authentication in 2026
Passwordless authentication is becoming the default for modern B2C apps in 2026, with developers able to deploy magic‑link, email/SMS OTP, WhatsApp OTP, or passkey flows in a single day using platforms like MojoAuth. The approach removes the need for a...

What Makes Secrets Management Key to Safe Agentic AI
Enterprises are increasingly reliant on non‑human identities (NHIs) such as machine‑issued tokens and keys, making secrets management a critical security pillar. As cloud adoption and AI workloads expand, unmanaged NHIs create attack surfaces that can lead to data breaches, compliance...

Fideo Intelligence Expands Dark Web Monitoring
Fideo Intelligence has broadened its dark‑web monitoring to deliver early‑stage fraud signals for banks, fintechs, PSPs and merchants. The upgraded service surfaces synthetic identity creation, account takeovers and credential‑replay attacks before they reach a transaction. Integrated into its Verify and...

OpenClaw's Prompt Injection Defenses for Web Data Safety
Thinking about putting together a post about all the security measures I have in OpenClaw to protect against prompt injections. Critical if your OpenClaw ingests any web data, emails, etc. Would you read it?

Your Android Phone Has a Built-In Tracker — Here's How to Control It
Android phones embed multiple trackers—Location History, Web & App Activity, and app permissions—that feed data into Google services. Users can inspect this information through the Google Maps Timeline and the Google Account activity dashboard. The article outlines step‑by‑step instructions to...

Define Policy Once, Enforce Everywhere with GenAI
Regulated orgs should target "define policy once, enforce everywhere," with genAI helping map policy to each provider's primitives. #Cloud #CISO #CIO https://t.co/vBzM21vM14

New Social Security Scam Emails Use Fake Tax Documents to Hijack PCs
A new phishing campaign impersonating the Social Security Administration is flooding U.S. inboxes ahead of tax season. The emails feature urgent “Important Disclosures” language and a fake PDF titled like a Social Security statement. When recipients click the link, a...

Termite Ransomware Breaches Linked to ClickFix CastleRAT Attacks
Velvet Tempest, a long‑standing ransomware affiliate, leveraged a ClickFix malvertising lure to breach a U.S. nonprofit’s network of 3,000+ endpoints. The group performed hands‑on AD reconnaissance, harvested Chrome credentials, and staged the DonutLoader and CastleRAT backdoor, but stopped short of...