Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

Huawei Launches Xinghe Solution for Cost-Effective, Quantum-Secure WANs
Huawei unveiled the Xinghe Intelligent Traffic‑Encryption Integration Solution at MWC Barcelona 2026, embedding a built‑in Quantum Key Distribution (QKD) board into its NetEngine 8000E router series. The technology uses a high‑precision noise‑reduction algorithm to allow quantum, negotiation and data channels to share a single fiber‑optic cable, cutting infrastructure needs. Huawei claims the approach reduces total project costs by more than 60 % compared with traditional QKD deployments. The move targets finance, telecom and other sectors facing imminent quantum‑computing threats.

Cato Networks Unveils Dynamic Prevention to Stop Stealthy, Long-Running Cyberattacks
Cato Networks has introduced Dynamic Prevention, an auto‑adaptive threat prevention engine built into its SASE platform. The service continuously correlates months of networking and security sensor data to spot low‑signal malicious behavior that blends with legitimate activity. When a threat...

Talion Expands Governance-Aligned Agentic SOC as Board Cyber Scrutiny Intensifies
Talion, an MSSP spun out of BAE Systems, announced under CEO Keven Knight an expanded governance‑aligned Agentic SOC that embeds board‑level oversight into managed cyber defence. The model integrates automation, human expertise and real‑time governance, giving executives transparency and regulatory...

New Starkiller Phishing Framework Uses Real Login Pages to Bypass MFA Security
A new phishing‑as‑a‑service framework called Starkiller proxies real login pages of major brands, delivering authentic HTML, CSS, and JavaScript to victims. By running a headless Chrome instance inside Docker, it captures credentials and, crucially, steals MFA session cookies after users...

Access to National Healthcare Systems: The Deadline for Action Is Getting Closer
NHS England has set a firm deadline to retire the CIS1 authentication service, removing access on 28 February 2027 after reducing its SLA to silver on 1 October 2025. The move forces NHS trusts and other European hospitals to adopt the newer CIS2 platform,...

HyperBUNKER Granted US Patent for Hardware-Enforced Offline Data Vault
HyperBUNKER received US Patent No. 19/290,836 for its offline, hardware‑enforced Data Storage Security System that uses one‑way optocouplers, PLC‑governed drive cycling, and a multi‑vault architecture. The design physically isolates backups, eliminating network connections and login interfaces. It promises full system recovery...

Security Advisory: QNAP Warns Users of a Fraudulent Website Impersonating Qfinder Pro
QNAP Systems issued a security advisory warning that a fraudulent website, qfinder-pro.com, is impersonating its official Qfinder Pro utility. The fake site mimics QNAP branding to trick users into downloading tampered software, potentially exposing personal data and networks to malware....

Brian Harrell — Top Cybersecurity Leaders 2026
Brian Harrell, former DHS Assistant Secretary and current Chief Security Officer at Avangrid Energy, is highlighted as a top cybersecurity leader for 2026. He oversees a converged security portfolio that includes IT/OT cyber, physical security, privacy, fire protection, and business...

Dr. Bryan Stoker — Top Cybersecurity Leaders 2026
Dr. Bryan Stoker, a third‑degree Taekwondo black belt and former NSA senior leader, has become Chief Technology Officer at Dispersive Holdings. He spent over 40 years at the NSA and three years as USCYBERCOM J2 technical director, where he built...

AI Agent Overload: How to Solve the Workload Identity Crisis
Zscaler will address the growing workload identity crisis at RSAC 2026, focusing on AI agents and other non‑human identities that span multi‑cloud and on‑prem environments. The session will expose prevalent insecure practices such as static IP mapping and unrotated keys, and...

Malvertising Actor ‘D-Shortiez’ Exploits WebKit Back-Button Hijack in Forced-Redirect Campaign
A threat group known as D‑Shortiez has launched a malvertising campaign that exploits a WebKit flaw to hijack the back button in Safari and other iOS browsers. The malicious JavaScript injects a fake history entry and binds a redirect to...

AI Doubled Auto Industry Cyberattacks: Upstream
Upstream’s 2026 Global Automotive and Smart Mobility Cybersecurity Report shows that cyberattacks on the auto sector more than doubled in 2025, driven by AI‑enabled vehicle architectures and expanding API exposure. Ransomware accounted for 44% of incidents, the fastest‑growing threat, while...

Bybit Claims New Fraud System Stopped $300M of Risky Withdrawals in Q4 2025
Bybit rolled out an AI‑assisted risk monitoring system that flagged about $500 million in withdrawal requests during Q4 2025, ultimately blocking $300 million in suspected scam‑related withdrawals. The platform protected more than 4,000 users with real‑time alerts and identified 350 high‑risk fraud addresses,...

Cheap AI Gadgets at MWC26 Threaten Your Privacy
AI companions are everywhere at MWC26. So are red flags. Low price. Unknown brands. Zero transparency on where your data goes. The device isn’t the investment. Your privacy is. https://t.co/5vHc6cpKwi

Zerobot Malware Exploits Tenda Command Injection Vulnerabilities to Deploy Malicious Payloads
A new Zerobot campaign is weaponizing two critical flaws – CVE‑2025‑7544 in Tenda AC1206 routers and CVE‑2025‑68613 in the n8n workflow‑automation platform – to deliver a Mirai‑derived payload called Zerobotv9. The exploit chain uses simple HTTP requests or malicious workflow...

Huge “Shadow Layer” Of Organizations Hit by Supply Chain Attacks
Black Kite’s 2025 Third‑Party Breach Report reveals a massive "shadow layer" of supply‑chain attacks, with 136 verified breaches exposing 719 downstream companies and 433 million individuals. Vendors reported an additional 26,000 unnamed corporate victims, suggesting even higher impact. Software‑services providers accounted...

Star Citizen Game Dev Discloses Breach Affecting User Data
Cloud Imperium Games disclosed a security breach on January 21, 2026 that exposed basic account information of an undisclosed number of Star Citizen users. The compromised data included usernames, email addresses, dates of birth and names, but no passwords, financial...

Detego Global Achieves ISO 27001:2022 Certification, Reinforcing Commitment To Information Security
Detego Global, a developer of digital forensics and endpoint monitoring solutions, has earned ISO 27001:2022 certification after a 12‑month audit. The certification validates the company’s Information Security Management System across its software, hardware, and support services. It provides independent assurance that...

Hackers Exploit Telegram for Initial Access to Corporate VPN, RDP, and Cloud Systems
Hackers are turning Telegram into a live marketplace for stolen VPN, RDP and cloud credentials, accelerating initial access to corporate networks. Threat actors harvest stealer logs, post searchable credential feeds, and negotiate sales in private chats, cutting the gap between...

Open Cyber Standards Key to Cross-Platform Integration
Enterprises are turning to open cyber standards to break the cycle of vendor lock‑in that has plagued multi‑year managed service contracts and early hyperscale cloud deployments. By adopting protocols such as OAuth, OpenID and RESTful APIs, organizations can achieve true...

Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign
Iran‑linked threat actor Dust Specter launched a sophisticated phishing campaign against Iraqi government officials in January 2026, masquerading as the Ministry of Foreign Affairs. The operation deployed previously unseen malware families—including SplitDrop, TwinTask, TwinTalk and GhostForm—some of which were assembled with...

Home Routers in Singapore Must Meet Higher Security Standards by 2027
Singapore’s Cyber Security Agency and IMDA will raise mandatory security standards for residential routers to Cybersecurity Labelling Scheme (CLS) Level 2 by the end of 2027. The move follows a 2025 cyber‑operation that uncovered over 2,700 compromised devices, including routers, feeding...

IDEMIA Secure Transactions, Tele2 IoT and Cisco Launch SGP.32 IoT Solution
At Mobile World Congress, IDEMIA Secure Transactions, Tele2 IoT and Cisco unveiled the first commercially available end‑to‑end IoT solution built on the GSMA SGP.32 eSIM standard. The offering combines IDEMIA’s certified eSIM ecosystem, Cisco’s Mobility Services Platform, and Tele2 IoT’s global connectivity...

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Microsoft warned that threat actors are exploiting OAuth redirect functionality to deliver malware to government and public‑sector targets. The attackers create malicious applications with rogue redirect URLs, send phishing emails containing crafted OAuth links, and use an invalid scope to...

Cloud Architects Earn the Highest Salaries
Cloud architects remain the most in‑demand cloud role, commanding total compensation often exceeding $200,000. Their core value lies in translating business intent into secure, cost‑controlled designs that scale across dozens of teams. While many organizations can spin up workloads quickly,...

UAE Banks Replace SMS OTPs with Biometrics, AI Security
UAE banks ditch SMS OTPs: biometrics, in-app approvals, and tighter AI governance become the new security baseline. UAE banks must stop using SMS and email OTPs by end-March 2026. More UAE banks now tighten security with biometric logins, AI fraud checks -...

Strengthening Critical Infrastructure Security with OSINT
The article spotlights a free, 10‑hour YouTube course titled "OSINT for ICS and OT" created by Mike Holcomb, aimed at closing the training gap in industrial control system security. It underscores how operational technology—power plants, water treatment, railways and factories—has become a...

Iranian Drones Strike Amazon Data Centers in Gulf
Amazon reports that its data centers in Bahrain and the UAE have been hit by Iranian drones. https://t.co/OlIkT0DOwO

What Are Biometric IDs? What Are the Risks?
Across Africa, governments are rolling out biometric digital ID systems to streamline access to voting, healthcare, education and social protection. A new report by the African Digital Rights Network, based on ten country case studies, finds millions excluded due to...

Secure Agility Sets Sights on AI, Security, IoT and Telco-Led Growth in 2026
Secure Agility, a Sydney‑based tech services firm with roughly 100 staff and $70 million in annual revenue, is shifting from a low‑profile engineering focus to aggressive customer acquisition and national expansion. The company now offers production‑ready AI, IoT and cybersecurity platforms,...

Cybersecurity Implications of the 2026 Middle East Escalation: When Cloud Infrastructure Becomes a Target
On March 1, 2026, an unidentified projectile struck an AWS data center in the UAE, igniting a fire that knocked out more than 60 services across the Middle East and forced customers to shift workloads to Europe. The physical attack coincided...

Nordic Lessons for Romania’s Information Defense: Adapting Psychological and Societal Resilience Models for Hybrid Warfare
Romania’s Constitutional Court annulled its 2024 presidential election after intelligence uncovered a massive Russian hybrid campaign that included 34 coordinated attacks, 85,000 cyber intrusions and a TikTok‑driven disinformation surge that lifted a fringe far‑right candidate to a first‑round win. The...

Blog 107a. Hackers Make ATMs Spit Cash — FBI Sounds Alarm on Ploutus Malware!
The FBI issued a FLASH advisory on February 19, 2026 warning that ATM jackpotting attacks are accelerating across the United States. Since 2020, roughly 1,900 incidents have been recorded, with 700 occurring in 2025 alone, and total losses topping $20 million....

GM Is Facing A Lawsuit Over Selling Drivers' Onstar Data
The Iowa Attorney General has filed a lawsuit against General Motors alleging the automaker sold driver location and personal data collected through its OnStar telematics service without consent. The complaint expands on earlier actions, accusing GM of selling the information to...

🛑STOP Installing OpenClaw on Your Computer
The episode warns against installing OpenClaw, an autonomous AI coding agent, directly on personal computers, likening it to leaving a front door open. It explains that such agents can read and modify files, execute terminal commands, and access sensitive data,...

Substantially Reduce Your PCI DSS Control Burden Through Inherited Infrastructure
Upsun introduces an "Inherited Compliance" model that shifts most PCI DSS infrastructure responsibilities to its secure‑by‑default cloud platform. Automated patch deployment and built‑in change logs keep the environment continuously compliant without manual effort. By defining the entire stack in a...

Forensic IT Takes on Chris Hatfield as Exec General Manager
Infotrust subsidiary Forensic IT has appointed Chris Hatfield as executive general manager. Hatfield, a former managing director at FTI Consulting with 26 years of forensic and service experience, will lead the firm’s national digital forensics and incident response (DFIR) expansion....

Evoke Wellness at Hilliard Updates Its Breach Notification
Evoke Wellness at Hilliard submitted a confusing breach notification to the Maine Attorney General, claiming a July 2024 insider incident was only discovered in August 2025 and affecting 261 patients. Earlier reports documented a former employee stealing data in 2024, with 240‑plus...

How Healthcare Organizations Can Build Ransomware Resilience
Scott Doerr, virtual CISO at Fortified Health Security, will present a session on ransomware resilience at HIMSS 2026. He outlines a phased approach that moves ransomware from a reactive crisis to a managed operational risk, emphasizing assessment, planning, simulation, execution,...

The Tug-of-War Over Firewall Backlogs in the AI-Driven Development Era
Developers and security teams are clashing over mounting firewall rule backlogs as AI‑driven development accelerates. Aviatrix reports up to 3,000 pending requests with approval cycles of two to four weeks, forcing developers to idle. Cloud adoption has turned static IP‑based...

The FBI’s Cyber Chief Is Using Winter SHIELD to Accelerate China Prep, Threat Intelligence Sharing
The FBI’s cyber division, led by Brett Leatherman, has launched Operation Winter SHIELD to boost preparation for Chinese cyber threats, improve adversary contestation, and accelerate threat‑intelligence sharing with industry. The campaign spotlights ten practical security controls and combines regional events,...

Data From Insight Hospital and Medical Center Leaked on Dark Web
Insight Hospital and Medical Center disclosed that an unauthorized actor accessed its network from August 22 to September 11, 2025, compromising extensive personal and health data. The breach involved roughly 360 GB of files—about 900,000 records—including names, Social Security numbers, and medical images. On...

30 Alleged Members of 'The Com' Arrested in Project Compass
Europol’s Project Compass, launched in January 2025, has led to the arrest of 30 alleged members of the cyber‑extremist collective known as “The Com,” while identifying a further 179 participants across 28 partner nations. The operation targets a loosely organized network of...

Fake Google Security Site Uses PWA App to Steal Credentials, MFA Codes
A phishing campaign masquerading as a Google Account security page deploys a malicious Progressive Web App (PWA) to harvest one‑time passwords, cryptocurrency wallet addresses, and device data. The PWA, hosted on google‑prism.com, requests clipboard, notification, and location permissions, uses the...

Wisconsin K-12 District Hit by Weeklong Outage
The Denmark School District in Wisconsin experienced a five‑day internet outage after a reported cyber incident that appears to be a ransomware attack claimed by the group INC Ransom. The attackers say they encrypted roughly 70.76 GB of district data and posted...

With Quantum Transformation Looming, No Time to Waste in Maturing Cryptography Management
Quantum computers can break RSA and ECC encryption in seconds, prompting urgent action for healthcare data security. At HIMSS26, DigiCert’s Mike Nelson and other experts will outline practical steps for post‑quantum cryptography (PQC) migration, emphasizing crypto agility and automated management....

Incode Aces iBeta Level 3 Biometric PAD Test for Both iOS and Android
Incode’s Deepsight liveness detection software passed iBeta’s Level 3 presentation‑attack detection tests on both iOS and Android, achieving zero errors for APCER and BPCER. The evaluation, based on ISO/IEC 30107‑3, involved 900 sophisticated attacks, including advanced masks and AI‑generated faces. Incode previously...

Hacktivists Claim to Have Hacked Homeland Security to Release ICE Contract Data
Hacktivist collective “Department of Peace” announced a breach of the U.S. Department of Homeland Security, releasing a trove of Immigration and Customs Enforcement (ICE) contract records via DDoSecrets. The dump contains details on more than 6,000 vendors, including major defense...

NFC-Based IDV with Liveness Delivers Zero Fraud, Fewer Support Calls for BankID Norway
BankID Norway, serving 4.7 million users, processed nearly 901 million transactions in 2025. Since mid‑2024 it has layered NFC‑based biometric ID verification with iProov’s liveness check, completing one million activations that now represent about half of all new enrollments. The combined approach has...

Alabama Man Pleads Guilty to Hacking, Extorting Hundreds of Women
A 22‑year‑old Alabama man, Jamarcus Mosley, pleaded guilty to extortion, cyberstalking, and computer fraud after hijacking the social‑media accounts of hundreds of young women between 2022 and 2025. He used social‑engineering tactics to obtain recovery codes, seized control of Snapchat,...