Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB
South Yorkshire ICB Launches Digital Transformation, Cyber, and Digital Workforce Strategies
South Yorkshire Integrated Care Board (ICB) unveiled three coordinated strategies—digital transformation to 2027, a cyber resilience plan, and a digital workforce and skills programme. The digital roadmap emphasizes AI governance, a system‑wide AI and automation forum, and mandatory participation in the Yorkshire and Humber Care Record (YHCR) for all partner organisations. The cyber strategy introduces a South Yorkshire Cyber Portal, a criticality register and joint response protocols to harden the system against threats. The workforce plan creates professional networks, aligns training with digital skill assessments, and launches a digital brand and ambassador programme to attract and retain talent.

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor in Developer Environments
Security researchers discovered a malicious Go module, github.com/xinfeisoft/crypto, that masquerades as the legitimate golang.org/x/crypto library. The backdoored ReadPassword function captures plaintext credentials, writes them to /usr/share/nano/.lock, and exfiltrates them via a dynamically supplied GitHub Raw URL. After exfiltration, the module pulls and...

How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently
Incident response traditionally relies on manual log correlation, alert validation, and report drafting, consuming 10‑20 minutes per case and often days for complex attacks. AI‑enabled platforms now ingest telemetry from SIEM, EDR, identity, and cloud sources the moment an alert...

12 Million Exposed .env Files Reveal Widespread Security Failures
Mysterium VPN’s research uncovered more than 12 million IP addresses serving publicly accessible .env‑style files, leaking credentials such as database passwords, API keys, and JWT signing secrets. The United States leads the exposure count with roughly 2.8 million IPs, while Japan, Germany,...

Infostealers Drive Massive Brute-Force Attacks on Corporate SSO Gateways with Stolen Credentials
Defused Cyber uncovered a credential‑stuffing campaign that uses passwords harvested by infostealers to brute‑force corporate SSO gateways, notably targeting F5 BIG‑IP devices. Analysis of 70 credential pairs showed 77% originated from known infostealer infections, confirming a direct supply chain from malware‑infected employee...

Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking
Security agency CISA disclosed that Gardyn smart indoor hydroponic gardens suffered two critical and two high‑severity vulnerabilities, affecting an estimated 138,000 devices. The critical flaws include a command‑injection bug (CVE‑2025‑29631) and hard‑coded admin credentials (CVE‑2025‑1242) that enable remote, unauthenticated control...
RefAssured, ID.me Partner to Fight Candidate Fraud
RefAssured and ID.me have launched an advanced fraud‑prevention solution that embeds identity verification into staffing agencies' existing applicant tracking systems. The joint offering combines RefAssured’s 1.5 million reference reports with ID.me’s digital identity wallet, which serves over 160 million users, to authenticate...

OpenClaw Vulnerability Exposes How an Open-Source AI Agent Can Be Hijacked
OpenClaw, an open‑source AI agent that quickly amassed over 100,000 GitHub stars, was found to contain a critical vulnerability that lets any website a developer visits hijack the local agent via an unauthenticated WebSocket connection. The flaw bypasses rate‑limiting and...

Oculeus 2FN Authenticates Calls in Real Time to Stop CLI Spoofing
Oculeus has launched its Two Factor Network (2FN) solution, giving telcos a real‑time framework to authenticate caller identity and stop CLI spoofing. The system creates a parallel verification path with digital signatures that peer‑to‑peer carriers exchange during call setup. Industry...

Hackers Tricked by Fake Satellite in Groundbreaking Cybersecurity Sting
Researchers unveiled HoneySat at NDSS 2026, the first high‑interaction satellite honeypot that mimics an entire CubeSat mission, including ground‑segment software and orbital dynamics. In three public deployments, attackers issued 22 authentic flight‑software commands, attempting to access ground systems, extract telemetry,...
One Email per Breach May Miss Second Dump
Updated breaches are a bit messy when it comes to sending domain notifications. We only send ONE email per breach to domain subscribers, so you may get an alert for dump 1 but not for dump 2. It's probably worth...
Proofpoint Celebrates A/NZ Partners
Proofpoint announced the 2025 ANZ Partner Awards at its Protect Tour in Sydney, honoring partners that advance human‑ and agent‑centric cybersecurity. Nextgen Distribution earned Distributor of the Year, while NTT Data was named Partner of the Year. Infotrust secured Growth...
Grammarly’s DLL Injection Caused Recurring Computer Crashes
Fun fact: I had a senior Director of a facility complain about their computer crashing. I would reimage their machine and it would be fine, and then it broke again. They kept installing Grammarly, which was doing DLL injection into every process.

DoD Replaces Paper-Based Access Requests with Automated ICAM Workflow
The Department of Defense is phasing out the decades‑old DD Form 2875, replacing it with an automated Identity, Credential and Access Management (ICAM) workflow. The new system will provision, authorize, and revoke user access within hours, generate immutable audit logs,...

Beyond the CLI: 5 Governance Questions Every CISO Must Ask Before Deploying Claude Code
Anthropic’s Claude Code introduces a CLI‑based AI agent that can navigate repositories, draft patches, and run tests, turning code remediation into a near‑instant process. While the speed gains are compelling, the tool also grants autonomous execution rights that blur traditional...

The Key Components of a Vendor Relationship Management Framework
The rise of distributed supply chains has turned vendors into ongoing operational dependencies, prompting the need for a structured Vendor Relationship Management (VRM) framework. By distinguishing day‑to‑day vendor management from strategic Supplier Relationship Management, companies can ensure reliability while fostering...
Cisco Says Hackers Have Been Exploiting a Critical Bug to Break Into Big Customer Networks Since 2023
Cisco disclosed that a critical vulnerability in its Catalyst SD‑WAN platform has been actively exploited since 2023. The flaw carries a CVSS rating of 10.0, granting attackers remote code execution and full administrative control. Hackers have used the bug to...

India: Cybersecurity Guidelines to Safeguard Space Systems
India has issued comprehensive cybersecurity guidelines for space systems, jointly crafted by the Indian Computer Emergency Response Team (CERT‑In) and the Space and IT Association‑India (SIA‑India). The advisory framework targets satellite operators, ground‑station managers, manufacturers and emerging private space firms,...

Malaysia Leads ASEAN in Cross-Border Cloud Governance
Malaysia, through the Malaysia Digital Economy Corporation, has secured ASEAN endorsement for a Regional Framework on Cross‑Border Cloud Computing. The framework, unveiled at the 6th ASEAN Digital Ministers’ Meeting, introduces shared governance principles and "Trusted Data Corridors" to ensure secure...

French Cybersecurity For Dummies Releases Third Edition
The third edition of the French version of Cybersecurity For Dummies is now available... #cybersecurity #french #cybersécurité #josephsteinberg #dummies

HackerOne Adds AI Agent to Validate Vulnerabilities
HackerOne introduced an AI agent that automatically validates reported vulnerabilities, distinguishing real threats from false positives. The agent, built on the Hai platform and trained with a Continuous Threat Exposure Management methodology, assesses risk, identifies duplicates, and recommends remediation priorities....

Fake Zoom and Google Meet Scams Install Teramind: A Technical Deep Dive
A fake Zoom update and a parallel Google Meet impersonation are delivering the same Teramind monitoring MSI to Windows PCs. The installer’s filename contains a unique 40‑character hex string that the MSI parses at install time to set attacker‑specific instance IDs,...

Stars Align for Passkeys but Will Adoption Follow?
Credential‑based fraud and login friction are eroding conversion for high‑value e‑commerce shoppers, prompting merchants to seek stronger, lower‑friction authentication. Passkeys, built on FIDO public‑key cryptography and unlocked via biometrics or PIN, promise to eliminate password reuse and phishing risk. PayPal...

Marquis v. SonicWall Lawsuit Ups the Breach Blame Game
Fintech firm Marquis, which serves over 700 banks, filed a lawsuit against firewall vendor SonicWall after a ransomware breach exposed client data for roughly 780,000 individuals. SonicWall later disclosed that a breach of its own firewall configuration backups affected all...

Can Agentic AI Effectively Handle Enterprise Security Needs
Enterprises are turning to Non‑Human Identity (NHI) management to close security gaps created by machine‑generated accounts and their secrets. By automating discovery, classification, monitoring and decommissioning, organizations can reduce breach exposure while cutting operational costs. Centralized NHI platforms deliver real‑time...

How Smart Are NHIs in Managing Complex Security Environments
Non‑Human Identities (NHIs) are machine credentials that protect data in cloud‑first environments. The article outlines a full NHI lifecycle—from discovery to remediation—and stresses that piecemeal tools fall short. It highlights industry‑specific challenges, such as patient data in healthcare and DevOps...

How Can Agentic AI Improve Digital Security Processes
Agentic AI is emerging as a transformative layer for digital security by automating the management of Non‑Human Identities (NHIs) and their secrets. The technology enables proactive threat detection, automated response, and continuous visibility, allowing security teams to shift focus toward...

Does Implementing Agentic AI Fit the Budget of SMBs
Non‑human identities (NHIs) such as machine‑generated secrets are becoming a critical attack surface, prompting organizations to adopt comprehensive NHI management across discovery, classification, detection and remediation stages. Effective NHI programs deliver reduced breach risk, regulatory compliance, and operational efficiencies through...
Infotrust to Reinvest $50M From Nexgen Sale Into Shoring up Sovereign Security
Infotrust has sold its cloud and communications arm Nexgen to Aussie Broadband for up to $50 million, freeing capital to accelerate its sovereign cyber‑security strategy. The proceeds will be redeployed into identity, data‑privacy and broader federal‑government capabilities, as well as potential...

ServiceNow AI Platform Vulnerability Enables Unauthenticated RCE
ServiceNow disclosed and patched a critical vulnerability, CVE-2026-0542, in its AI Platform that could allow unauthenticated remote code execution. The flaw bypasses the ServiceNow Sandbox, affecting web interfaces, API endpoints, and automation modules, and carries a CVSS rating of 9.8....

Idemia PS Deal Brings Growing Number of US mDLs to Trinsic’s Digital Identity Network
Trinsic has integrated Idemia Public Security’s mobile driver’s license (mDL) solution into its Digital Identity Acceptance Network, adding support for mDLs issued in New York, Arkansas, Iowa, West Virginia and Kentucky. Idemia, the leading U.S. provider of state‑backed mDLs, also serves three...

Project Compass Is Europol’s New Playbook for Taking on The Com
Project Compass, a Europol‑led operation backed by 28 nations including the Five Eyes, began in January 2025 to dismantle the transnational youth‑focused cybercrime network known as The Com. Since its launch the initiative has secured 30 arrests, fully or partially...
ProcessUnity Research Finds Third-Party Risk Management Confidence Outpaces Breach Reality
ProcessUnity’s State of Third‑Party Risk Assessments 2026, conducted with the Ponemon Institute, surveyed 1,465 risk leaders and found a stark disconnect between confidence in TPRM programs and actual breach outcomes. Respondents report an average of 12 third‑party breaches per year...
Senate Moves One Step Closer to Passing Health Care Cyber Reforms
The Senate Health, Education and Labor Committee approved the bipartisan Health Care Cybersecurity and Resiliency Act by a 22‑1 vote, with only Sen. Rand Paul dissenting. The legislation obliges the Department of Health and Human Services to craft a cybersecurity...

FedRAMP 20x Opens the Door to Fast Access to Secure Services
FedRAMP 20x redesigns the federal cloud‑security authorization process by eliminating the agency sponsor requirement and introducing a cloud‑native path that can deliver approvals in weeks instead of years. Automation replaces narrative controls with machine‑readable evidence, targeting over 80% validation through continuous‑monitoring...

Control System Cyber Incidents and Network Breaches Are “Apples and Oranges”
Joe Weiss argues that network‑focused breach statistics, such as those in the 2025 Verizon Data Breach Report, do not capture the reality of control‑system cyber incidents. While IT and OT network teams track data loss, ransomware and malicious traffic, control‑system...
Building Day 2 Ops Guardrails with Terraform and Packer
The article outlines how Terraform and Packer can establish Day 2 operations guardrails that keep cloud environments secure, compliant, and cost‑effective after initial provisioning. It identifies common post‑deployment pitfalls such as manual ticketing, policy drift, orphaned resources, and misconfigurations that drive...
IonQ Deploys Romania’s National Quantum Communication Infrastructure (RoNaQCI)
IonQ has rolled out Romania’s National Quantum Communication Infrastructure (RoNaQCI), creating a 1,500‑kilometer quantum‑key‑distribution (QKD) network that links six major cities. The system comprises 36 quantum‑secured links, accounting for more than 20% of Europe’s terrestrial quantum communications capacity. Leveraging wavelength‑division...

Mike Pezzullo Reflects on Action Following Major ANU Data Breach
Former public servant Mike Pezzullo addressed the Universities Australia Solutions Summit, reflecting on the 2019 cyber‑attack that compromised nearly 20 years of Australian National University (ANU) student and staff records. The breach, attributed to Chinese state‑linked threat actors, exposed bank...

Low-Code by Design: A Practical Way to Modernize Identity Governance
Low‑Code by Design reframes identity governance automation by building reusable, metadata‑driven integration modules instead of bespoke scripts. The approach captures application attributes such as account models and correlation rules, allowing a single tested component to be configured for many systems....
Huawei Takes Part in EU Research Programs Despite Commission Crackdown
Huawei is participating in 16 Horizon Europe research projects despite being labeled a high‑risk supplier by the European Commission. Fifteen of the contracts were signed before the 2023 ban, while a sixth‑year project was deemed outside the restriction scope. The...

$3M FanDuel Fraud Case Shows Why Online Gambling Needs Biometric IDV, Liveness
Federal prosecutors charged two Connecticut men with a $3 million fraud scheme that exploited knowledge‑based authentication on FanDuel, DraftKings and BetMGM. The perpetrators harvested personal data from roughly 3,000 victims using services such as TruthFinder and BeenVerified to open fraudulent gambling...

AWS Security Hub Extended Brings Enterprise Security Under One Roof
AWS Security Hub Extended introduces a bundled plan that lets enterprises procure, deploy, and manage a full‑stack security suite covering endpoints, identity, email, network, data, browsers, cloud, AI, and security operations from a single console. The offering expands protection beyond...
India and Israel Sign Tech and Cyber Security Pacts During Modi's Trip
During Prime Minister Narendra Modi’s state visit, India and Israel signed multiple agreements to deepen cooperation in technology and cybersecurity. The pacts create a joint innovation fund, enable real‑time cyber‑threat intelligence sharing, and launch collaborative projects in artificial intelligence, quantum...
Prompt Injection Attacks Are Already Surfacing in the Wild
"Prompt injection attacks in the wild" https://t.co/wXEOcvcpdX <- if you have coffee in your hand, set it down now. Snort attack likely :-)

European DIY Chain ManoMano Data Breach Impacts 38 Million Customers
ManoMano, a leading European DIY e‑commerce platform, disclosed a data breach affecting roughly 38 million customers after hackers compromised a Tunis‑based third‑party customer support provider. The breach exposed personal details such as names, email addresses, phone numbers, and support ticket communications,...

The NIST OSCAL Framework for State and Local Governments
NIST’s Open Security Controls Assessment Language (OSCAL) gives state and local governments a machine‑readable alternative to spreadsheets, Word files, and PDFs for security‑control documentation. By encoding controls, implementations, and assessment results in JSON, XML or YAML, agencies can automate validation,...

Act Now to Battle Data Exfiltration
Accounting firms are facing a surge in data‑exfiltration attacks, where cybercriminals silently steal sensitive financial records to extort victims or sell the data. Traditional detection tools often miss covert channels, encrypted uploads, and traffic mimicry, leaving firms vulnerable. The average...
Protect Your Identity: Fraud Prevention in AI Era
Insights On Preventing Fraud and Identity Theft in The AI Era by @ChuckDBrooks https://t.co/Z1DoLfU6rP #CyberSecurity #identitytheft

Critical Juniper Networks PTX Flaw Allows Full Router Takeover
Juniper Networks disclosed a critical CVE‑2026‑21902 vulnerability in the On‑Box Anomaly Detection framework of its Junos OS Evolved running on PTX Series routers. The flaw lets an unauthenticated attacker reach a root‑level service over an external port, enabling full device...