🎯Today's Cybersecurity Pulse
Updated 1h agoWhat's happening: Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform, positioning it as a single‑pass solution to the fragmentation of legacy VPNs and hardware firewalls. The platform runs security checks across a global network spanning over 300 cities, eliminating service‑chaining bottlenecks and integrating zero‑trust controls.
Also developing:
News•Feb 16, 2026
Infostealer Malware Found Stealing OpenClaw Secrets for First Time
Hudson Rock reported the first in‑the‑wild incident of an infostealer stealing OpenClaw configuration files. The malware, identified as a Vidar variant, exfiltrated files such as openclaw.json, device.json, and soul.md on February 13, 2026, revealing API tokens, private keys, and personal data. These secrets could allow attackers to impersonate devices, access cloud services, and fully compromise a victim’s digital identity. Researchers anticipate that as OpenClaw adoption grows, more information‑stealing malware will specifically target AI assistant frameworks.
By BleepingComputer
Social•Feb 16, 2026
AI Agents Drive Traffic Surge, Prompt New Security Controls
As AI Agents Take on Tasks in the Real World, New Risks Emerge By 2026, human website visits drop 20% while machine-initiated traffic surges 40%. Zero-click economy emerging where personal AI negotiates on your behalf. Banks must authenticate agents, not just...
By Efi Pylarinou
News•Feb 16, 2026
Telefónica Tech Promotes Digital Identity Management in the Insurance Sector in Spain
Telefónica Tech is launching a unified digital identity platform for Spain’s insurance sector, enabling secure, self‑sovereign access to digital services. The initiative builds on a 2023 European trial and integrates cloud, IoT, big‑data and blockchain capabilities. Partnering with the insurance...
By Identity Week
News•Feb 16, 2026
The Olympics Are Going Mobile — Your Security Strategy Has to Follow
The Milano Cortina 2026 Winter Olympics will see mobile devices become the primary attack surface, mirroring the digital surge seen at Paris 2024 where billions engaged via apps and streaming. Cybercriminals are already deploying Olympic‑themed phishing, fake ticketing sites, malicious apps and QR‑code...
By Security Magazine (Cybersecurity)
News•Feb 16, 2026
OysterLoader Evolves With New C2 Infrastructure and Obfuscation
OysterLoader, a C++‑based multi‑stage malware loader also known as Broomstick and CleanUp, has been updated through early 2026 with enhanced command‑and‑control infrastructure and obfuscation techniques. The loader now employs a three‑step HTTP/HTTPS handshake, custom Base64 alphabets, and a modified LZMA...
By Infosecurity Magazine
News•Feb 16, 2026
Cubbit Powers Swiss Cantonal-Level Sovereign Cloud for Ailanto
IT integrator Ailanto announced a sovereign cloud service for Swiss organizations built on Cubbit’s DS3 Composer software‑defined object storage. The offering launches with 1 PB of capacity hosted in Swiss‑based data centres and will expand later in 2026. It provides S3‑compatible,...
By Blocks & Files
Blog•Feb 16, 2026
Strengthening Your Legal Practice Against Downtime
South African law firms face steep financial and reputational losses from IT downtime, with a single hour costing an average R360,000 for a 20‑person practice and up to R6.5 million for larger firms. The article distinguishes disaster recovery (DR) from simple...
By Tech4Law
News•Feb 16, 2026
Vault Radar 2025 Recap: Expanding Visibility, Deepening Integration, and Simplifying Security
HashiCorp's Vault Radar, launched in 2025, expanded its secret‑sprawl detection across developer tools and cloud services, adding integrations for Jira, VS Code, Amazon S3, Slack, and AWS Secrets Manager. The platform introduced real‑time IDE scanning, direct remediation through Vault, webhook alerts,...
By HashiCorp Blog
News•Feb 16, 2026
Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft
Operation DoppelBrand, attributed to the financially motivated GS7 group, launched a large‑scale phishing campaign against Fortune 500 financial and technology firms between December 2025 and January 2026. The attackers registered over 150 look‑alike domains, used automated SSL certificates and rotating registrars, and cloned...
By Infosecurity Magazine
Podcast•Feb 16, 2026•29 min
EP263 SOC Refurbishing: Why New Tools Won’t Fix Broken Processes (Even With AI)
In this episode, Daniel Lyman, VP of Threat Detection and Response at Fiserv, discusses why simply adding new security tools— even AI‑driven ones—cannot repair broken SOC processes. He explains the concept of "process gravity," showing how entrenched workflows and cultural...
By Cloud Security Podcast
News•Feb 16, 2026
Passwords to Passkeys: Staying ISO 27001 Compliant in a Passwordless Era
Organizations are rapidly replacing passwords with passkey authentication to curb the 49% of security incidents tied to compromised credentials. Passkeys, built on FIDO2 and WebAuthn, satisfy AAL2/AAL3 standards and are already deployed in billions of accounts, including Google’s 800 million users....
By BleepingComputer
News•Feb 16, 2026
What Your Bluetooth Devices Reveal
A developer released Bluehood, an open‑source Bluetooth scanner that passively logs nearby devices and visualises their appearance patterns. The tool runs on a Raspberry Pi or laptop and can identify phones, wearables, vehicles and IoT gadgets without ever connecting. Its release...
By Hacker News
News•Feb 16, 2026
Passwork 7.4 Enhances Enterprise Security with Centralized User Vault Restrictions
Passwork has launched version 7.4, adding centralized restrictive settings for User vaults. Administrators can now block adding users, sending passwords, creating links, and shortcuts across all personal vaults. The controls apply automatically to existing and new vaults, tightening data‑leak defenses and...
By Help Net Security
Blog•Feb 16, 2026
Crypto-Procrastination: The Dangerous Delay in Preparing for Post-Quantum Data Security
A Citi Institute report warns that a quantum‑enabled cyberattack on a top U.S. bank could jeopardize $2‑3.3 trillion of GDP, turning quantum computing from theory into an operational emergency. The article highlights the “harvest now, decrypt later” (HNDL) threat, where adversaries...
By ComplexDiscovery
News•Feb 16, 2026
Microsoft Equips CISOs and AI Risk Leaders with a New Security Tool
Microsoft has launched a public‑preview Security Dashboard for AI, consolidating posture and real‑time risk signals from Microsoft Defender, Entra, and Purview into a single interface. The tool inventories AI assets—including models, agents, and third‑party applications—and surfaces AI‑related security risks in...
By Help Net Security
News•Feb 16, 2026
Resecurity Highlights AI-Driven Cybersecurity at AI Everything MEA Egypt 2026
Resecurity, a U.S. cybersecurity firm, showcased its AI‑driven threat detection suite at AI Everything MEA Egypt 2026, an event held under President Abdel‑Fattah El‑Sisi’s patronage and organized by the Ministry of Communications and Information Technology. In partnership with Alkan CIT/Alkan Telecom, the company...
By AI-TechPark
News•Feb 16, 2026
5 Reasons Why Detego Case Manager For DFIR Is Ideal For Investigative Teams
Detego Case Manager for DFIR launches as a purpose‑built platform that consolidates digital and physical evidence, audit trails, and chain‑of‑custody logs in a tamper‑proof environment. It offers a unified dashboard delivering real‑time visibility, customizable Kanban‑style workflows, and role‑based permissions for...
By Forensic Focus
News•Feb 16, 2026
260K+ Chrome Users Duped by Fake AI Browser Extensions
Researchers at LayerX uncovered 30 malicious Chrome extensions masquerading as AI assistants, collectively amassing over 260,000 downloads. These extensions embed attacker‑controlled iframes that capture user prompts, emails, and webpage data, then relay them to remote servers while returning plausible AI...
By Dark Reading
News•Feb 16, 2026
He Tried to Extort the Dutch Police. It Didn’t Work Out Well for Him.
A 40‑year‑old man from Ridderkerk attempted to extort the Dutch police by demanding something in exchange for returning compromised files. Police intercepted the scheme and arrested him on Thursday evening around 7:00 PM. The arrest was reportedly triggered by a procedural...
By DataBreaches.net
News•Feb 16, 2026
CISA Gives Feds 3 Days to Patch Actively Exploited BeyondTrust Flaw
U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered all federal agencies to patch the actively exploited BeyondTrust Remote Support vulnerability (CVE‑2026‑1731) within three days. The flaw, an OS command‑injection that enables unauthenticated remote code execution, affects Remote Support 25.3.1...
By BleepingComputer
Blog•Feb 16, 2026
Odido Salesforce Hack: Up to 6M Customers’ Data at Risk
Odido, the Dutch telecom formerly known as T‑Mobile, suffered a social‑engineering breach that compromised its Salesforce instance, exposing personal data of up to six million current and former customers. Attackers phished employee credentials, impersonated the IT department, and gained unauthorized...
By Salesforce Ben
Blog•Feb 16, 2026
AWS Security Digest #248 - MCPs Denied
AWS introduced new IAM condition keys that specifically target requests routed through Managed Control Plane (MCP) servers, allowing administrators to deny actions taken via that path. The feature is designed to mitigate risks posed by AI agents that programmatically call...
By AWS Security Digest
News•Feb 16, 2026
Leaky Chrome Extensions with 37M Installs Caught Divulging Your Browsing History
Security researcher Q Continuum identified 287 Chrome extensions that secretly transmit users' browsing histories, affecting an estimated 37 million installations worldwide. The extensions span categories such as VPNs, productivity utilities, and shopping add‑ons, and many request broad host permissions that enable...
By CSO Online
News•Feb 16, 2026
Ransomware Gangs Are Using Employee Monitoring Software as a Springboard for Cyber Attacks
Threat actors have weaponized Net Monitor for Employees, a legitimate workforce‑tracking product, as a remote access trojan and paired it with SimpleHelp RMM software to stage ransomware attacks. Huntress identified two separate incidents where the dual‑tool chain was used to...
By ITPro (UK)
News•Feb 16, 2026
Cybersecurity Leader Pete Angstadt Joins DTEX’s Advisory Board
DTEX, a leader in risk‑adaptive security, announced that cybersecurity veteran Pete Angstadt has joined its Advisory Board. Angstadt brings decades of go‑to‑market leadership, having scaled revenue at ForgeRock, Ping Identity, Securiti and Oracle’s cloud security unit. His expertise in identity‑focused...
By AI-TechPark
News•Feb 16, 2026
AuthID Announces Out of the Box
authID (Nasdaq: AUID) unveiled an out‑of‑the‑box biometric security platform that conforms to the Personal Identity Verification (PIV) framework for energy, water, gas and other critical utilities. The solution replaces passwords and physical tokens with live‑face verification, protecting SCADA consoles, privileged...
By AI-TechPark
News•Feb 16, 2026
DVSA Seeks £95K Digital Chief to Steer Test Booking System Out of the Ditch
The UK Driver and Vehicle Standards Agency (DVSA) is recruiting a chief digital and information officer with a £95,000 salary to overhaul its 18‑year‑old practical test booking platform, which has been plagued by bots and resale schemes. A National Audit...
By The Register
News•Feb 16, 2026
ChatGPT Gets New Security Feature to Fight Prompt Injection Attacks
OpenAI has added a Lockdown Mode and Elevated Risk labels to ChatGPT to mitigate prompt‑injection attacks and other security threats. Lockdown Mode restricts tool and network access, allowing admins to create dedicated roles that limit external interactions, initially for Enterprise,...
By Help Net Security
News•Feb 16, 2026
From Findings to Action: How SecurityBridge Is Bringing Trusted AI Into SAP Security
SecurityBridge has launched the AI Companion, the first AI‑powered security assistant built specifically for SAP environments. Leveraging a proprietary, continuously enriched SAP security knowledge base, the tool transforms thousands of technical findings into context‑aware, actionable recommendations delivered via natural‑language interaction....
By ERP News
News•Feb 16, 2026
Google Ads and Claude AI Abused to Spread MacSync Malware via ClickFix
Researchers at Moonlock Lab discovered that hackers hijacked verified Google Ads accounts belonging to a children’s charity and a Colombian retailer to promote malicious “ClickFix” links. The ads direct users searching for macOS commands to a counterfeit Claude AI page...
By HackRead
News•Feb 16, 2026
Google Patches First Chrome Zero-Day Exploited in Attacks This Year
Google has issued emergency updates to patch CVE‑2026‑2441, a high‑severity use‑after‑free flaw in Chrome’s CSSFontFeatureValuesMap implementation. The vulnerability, confirmed to be exploited in the wild, can cause crashes, rendering issues, or data corruption. Google back‑ported the fix to stable desktop...
By BleepingComputer
News•Feb 16, 2026
10 Years Later, Bangladesh Bank Cyberheist Still Offers Cyber-Resiliency Lessons
A decade after the Bangladesh Bank heist, the 2016 cyberattack that attempted to steal $951 million via the SWIFT network remains a benchmark for nation‑state hacking. Attackers used spear‑phishing malware to obtain valid SWIFT credentials, executing 35 fraudulent payment orders, of...
By CSO Online
.webp?ssl=1)
News•Feb 16, 2026
LockBit 5.0 Emerges: Cross-Platform Ransomware Now Targeting Windows, Linux, and ESXi Systems
LockBit has released version 5.0, a cross‑platform ransomware that encrypts Windows, Linux and VMware ESXi systems with a single code base. The new variant uses XChaCha20 and Curve25519 encryption, while the Windows build adds sophisticated anti‑forensic tricks such as ETW...
By GBHackers On Security
News•Feb 16, 2026
Apple Privacy Labels Often Don’t Match What Chinese Smart Home Apps Do
A new study of 49 Chinese smart‑home apps on Apple’s App Store reveals systematic gaps in by‑stander privacy and frequent mismatches between privacy policies, user‑interface controls, and App Store privacy labels. All apps require real‑name phone registration and collect a...
By Help Net Security
Social•Feb 16, 2026
Tailor Your Privacy with ZK—We’re the Experts
Reminder about Privacy: Privacy can mean a lot of things. Think about how you achieve privacy for different things in your daily life: An envelope gives you privacy for your mail. A window curtain provides privacy to your home. A lock screen maintains the...
By Eli Ben-Sasson
Social•Feb 16, 2026
AI Finds FFmpeg Overflow; Patience Beats Complexity
My son showed me one of the overflow vulnerabilities found in FFmpeg by Google/Deepmind’s security AI agents. I was thinking about how hard these things are to find, and at least this one didn’t seem deep — just required enormous...
By Matthew Green
News•Feb 16, 2026
In GitHub’s Advisory Pipeline, some Advisories Move Faster than Others
A new study of 288,604 GitHub Security Advisories from 2019‑2025 shows that only about 8% (23,563) complete GitHub’s formal review process. Advisories created directly in repositories are reviewed far faster—median under one day—than those imported from the National Vulnerability Database,...
By Help Net Security
News•Feb 16, 2026
Don’t Panic over CISA’s KEV List, Use It Smarter
In a Help Net Security video, Tod Beardsley, VP of Security Research at runZero, explains CISA’s Known Exploited Vulnerabilities (KEV) Catalog and clears up common misconceptions. He notes that KEV entries vary in urgency, with some requiring local access and...
By Help Net Security
News•Feb 16, 2026
Lotus Blossom Hackers Breach Official Notepad++ Hosting Infrastructure
Between June and December 2025, the state‑sponsored Lotus Blossom group compromised the shared hosting provider that delivered Notepad++ updates, turning the popular text editor into a covert espionage conduit. By exploiting weaknesses in the older WinGUp updater, attackers redirected update...
By GBHackers On Security
News•Feb 16, 2026
MOS: Open-Source Modular OS for Servers and Homelabs
MOS is an open‑source, modular operating system built on Devuan that targets homelab enthusiasts and small‑scale server operators. It unifies server monitoring, storage pooling, container orchestration, and virtualization behind a browser‑based dashboard and a REST/WebSocket API. The platform leverages mergerfs...
By Help Net Security
News•Feb 16, 2026
Canada Goose Investigating as Hackers Leak 600K Customer Records
Canada Goose disclosed that a 1.67 GB dataset containing over 600,000 customer records was posted by the ShinyHunters extortion group. The leak includes personal identifiers, shipping details, IP addresses and partial payment‑card information, but the company says it found no evidence...
By BleepingComputer
News•Feb 16, 2026
Firewall Penetration Testing: Definition, Process and Tools
The episode explains firewall penetration testing, detailing its purpose of validating filtering rules and boundary controls to prevent unwanted traffic. It walks through a 14‑step methodology—from discovery and port scanning to firewalking, NAT testing, and rule‑base analysis—highlighting the tools (Nmap,...
By Security Boulevard
News•Feb 16, 2026
Making Sense of AI’s Role in Cyber Security
Executive interest in AI has flooded the cyber‑security market, prompting CISOs to evaluate a surge of AI‑enhanced tools. While some solutions genuinely reduce analyst workload and improve detection, many are marketing‑driven add‑ons lacking proven risk reduction. Experts warn that AI...
By ComputerWeekly
News•Feb 16, 2026
Cloud and AI to Ramp up Operational Risk in 2026: Brennan
Brennan’s latest analysis warns that expanding multi‑cloud footprints and rapid AI trials will heighten operational risk in 2026. Seventy‑five percent of surveyed organisations say their attack surface has grown, prompting a move away from pure public‑cloud strategies toward hybrid, repatriated...
By ARN (Australia)
News•Feb 16, 2026
Zero-Knowledge Proofs for Verifiable MCP Tool Execution
The episode examines the trust gap in Model Context Protocol (MCP) deployments, where AI models invoke remote tools without verifiable proof of correct execution. It introduces zero‑knowledge proofs (ZKPs), especially Sigma‑Protocols and non‑interactive variants like SNARKs, as a way for...
By Security Boulevard
News•Feb 16, 2026
Q-Day: Bank Quantum Attack Could Cost US Economy Trillions, Warns Citi
Citi warns that quantum computers could break public‑key encryption within the next decade, estimating a 19‑34% probability of a widespread breach by 2034 and 60‑82% by 2044. A successful quantum attack on a major U.S. bank could generate $2‑3.3 trillion in...
By Finextra
News•Feb 15, 2026
Windows 11 KB5077181 Fixes Boot Failures Linked to Failed Updates
Microsoft has released Windows 11 update KB5077181, fully fixing the UNMOUNTABLE_BOOT_VOLUME boot failure that struck some enterprise machines after recent security patches. The bug, linked to a failed December 2025 update and exacerbated by the January 13, 2026 KB5074109 rollout, affected devices running 25H2...
By BleepingComputer
News•Feb 15, 2026
How Are NHIs Ensuring Protected Data Exchanges in Financial Services?
The episode explores how Non‑Human Identities (NHIs), or machine identities, are essential for securing protected data exchanges in financial services. It explains the lifecycle of NHIs—from discovery and classification to secret rotation and decommissioning—and why holistic management platforms outperform point...
By Security Boulevard
News•Feb 15, 2026
What Makes an Agentic AI System Safe for Medical Records Management?
The episode explores how Non‑Human Identities (NHIs)—machine credentials like tokens and keys—are reshaping cybersecurity in healthcare, especially as cloud adoption and Agentic AI expand. It outlines a lifecycle‑focused NHI management strategy that includes discovery, classification, continuous threat monitoring, and context‑aware...
By Security Boulevard
News•Feb 15, 2026
How Satisfied Are Companies After Integrating NHIs in Compliance Frameworks?
The episode explores how companies are evaluating the integration of Non‑Human Identities (NHIs) into their compliance frameworks, highlighting the benefits of reduced risk, improved regulatory adherence, and operational efficiency. It outlines best‑practice steps such as discovery, automated secret rotation, behavioral...
By Security Boulevard