What's happening: Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform, positioning it as a single‑pass solution to the fragmentation of legacy VPNs and hardware firewalls. The platform runs security checks across a global network spanning over 300 cities, eliminating service‑chaining bottlenecks and integrating zero‑trust controls.
Also developing:
The episode explores how Non‑Human Identities (NHIs), or machine identities, are essential for securing protected data exchanges in financial services. It explains the lifecycle of NHIs—from discovery and classification to secret rotation and decommissioning—and why holistic management platforms outperform point solutions like secret scanners. Key benefits highlighted include reduced breach risk, improved regulatory compliance, operational efficiency, and cost savings, especially for DevOps and SOC teams operating in cloud environments. The discussion also addresses challenges such as complex permissions, lifecycle oversight, and cross‑team coordination, and recommends automation, continuous training, and integration with existing security tools.

Dutch Defence Secretary Gijs Tuinman told Dutch radio that the F‑35’s software could potentially be “jailbroken,” hinting at a future where the Netherlands might operate the jet without U.S. approval. He stopped short of confirming any concrete plan, noting the...

My hack job of testing distance and range of BLE devices. Light enough to get lift with the drone still with an amplifier, high-gain antenna, GPS - and a mini computer. It’s all I had sitting around the shelves...

Hospitality cyber risk escalates in 2026 as AI-driven phishing, ransomware‑as‑a‑service, and deepfake fraud target increasingly connected hotel environments. Regulatory pressure intensifies with the EU’s NIS2 directive and Cyber Resilience Act, forcing global compliance and tighter insurance terms. Smart‑room IoT devices...
Regarding this, there were a couple of questions on whether the pacemaker continues to advertise - most BLE implantable devices go into a sleep-type mode. In this case, we are lucky - it does not. We know based on law enforcement...
If someone tells me on The Post-Quantum World that the government cracked RSA 2048, I will certainly have a follow-up question.

CTM360 uncovered an active campaign that hijacks more than 4,000 Google Groups and 3,500 Google‑hosted URLs to distribute credential‑stealing malware. The threat actors deliver Lumma Info‑Stealer to Windows devices and a trojanized “Ninja Browser” to Linux systems, embedding organization‑specific keywords to boost...
Math is the ultimate equalizer. It doesn’t bend based on who uses it. It doesn’t care who you are or how loud you shout. ZK-STARKs use math to verify integrity. They work the same whether operated by Darth Vader or Luke Skywalker.

Global Navigation Satellite System (GNSS) outages are emerging as a systemic risk for modern infrastructure, affecting both positioning and, critically, precise timing. Interference such as jamming and spoofing can disrupt multiple constellations simultaneously, while system‑level faults can degrade services worldwide....

Smart Banner Hub introduced the Clustrauth API, a REST service that provides NIST FIPS 204‑compliant, quantum‑safe document signing using a hybrid Ed25519 and ML‑DSA signature scheme. The API allows developers to sign files up to 50 MB with three lines of code...
Nevada’s Governor’s Technology Office unveiled a statewide data classification policy, introducing four distinct categories—public, sensitive, confidential, and restricted. The initiative follows a costly ransomware attack that disrupted state systems and cost roughly $1.5 million in response. Agencies must now assign a...
The European Data Protection Board and the European Data Protection Supervisor issued a joint opinion on the EU’s Digital Omnibus, endorsing its goal to ease administrative burdens while flagging key concerns. They warn that a narrower, controller‑specific definition of personal...
Iran Turns to Digital Surveillance Tools to Track Down Protesters @nytimes https://t.co/7JUt5gcTW3 Iran's government most likely tracked the protesters through location data emitting from their phones, researchers later concluded. The move was part of a new phase by the authorities to...
Government push for AML/KYC on apps is alarming. Requiring biometrics and IDs for every request erodes privacy. While ZK solutions could help, mass data harvesting is a real concern. If KYC hits platforms like Discord, we will simply migrate. #Privacy...

Physical letters masquerading as official communications from Trezor and Ledger are being used to lure hardware‑wallet owners into scanning QR codes that lead to counterfeit setup sites. The sites prompt victims to enter their 12‑, 20‑, or 24‑word recovery phrases...
RT Data Privacy Week is over. Lawsuits, breaches, and AI experiments don't pause the other 51 weeks of the year. Privacy is now a leadership accountability issue, not a back office task. #CIO #CMO #CISO #DataPrivacy @Star_CIO https://t.co/Naq82FuMWZ
Guernsey’s Data Protection Authority has sanctioned First Contact Health after a phishing attack compromised an employee’s email, exposing confidential patient data. The breach was discovered by the practice, which reported it to authorities, but regulators found the organization lacked adequate...
QLDPC for the win (and also a little bit scary) work by @IcebergQuantum reducing physical qubits to break RSA-2048 to only 100,000, which we probably aren’t that far away from. We aren’t ready for this. https://t.co/DUJQCeG72E
A new online community called the Kurd Hacker Forum has emerged, focusing on data breaches across Iran, Syria, and Turkey. The clear‑net site, registered on Jan 28 2026, mirrors the layout of BreachForums and hosts threads in English and Kurdish. It currently...
Decided to try Claude by revisiting a malware analysis project that I originally presented at @objective_see in 2021: the CIA's OS X implant called Green Lambert. It's amazing what you can do with a terminal and ~15 min of free...

India’s largest pharmacy chain, DavaIndia, part of Zota Healthcare, suffered a critical security breach that gave unauthenticated attackers full administrative control of its platform. The flaw exposed roughly 17,000 online orders and allowed manipulation of product listings, pricing, and prescription...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, covering SolarWinds Web Help Desk, Microsoft Configuration Manager, Apple operating systems, and Notepad++. The SolarWinds flaw (CVE‑2025‑40536) and the Microsoft SQL‑injection...

Zscaler announced the acquisition of Singapore‑based startup SquareX, adding its Chromium‑based browser extension to the Zero Trust Exchange platform. SquareX’s browser detection and response (BDR) technology provides real‑time threat detection inside browsers on managed and personal devices. The deal, closed...

Palo Alto Networks' Unit 42 researchers linked the sprawling TGR‑STA‑1030 cyberespionage campaign to an Asian state‑aligned group, but chose not to publicly attribute it to China. Sources say the decision was driven by fears of retaliation, as Palo Alto's security software...

Google’s Gemini large‑language model is being weaponized by multiple state‑sponsored threat actors, according to the Google Threat Intelligence Group. North Korean UNC2970 and several Chinese groups such as Mustang Panda, Judgment Panda, APT41 and UNC795 are using Gemini for rapid...

Fintech lender Figure Technology confirmed a data breach after an employee fell for a social‑engineering attack, allowing the hacking group ShinyHunters to exfiltrate roughly 2.5 GB of customer files. The leaked data includes full names, home addresses, dates of birth and...

Telecom operators are confronting nation‑state campaigns such as Salt Typhoon and Volt Typhoon that exploit signaling and subscriber identity systems, rendering traditional perimeter defenses inadequate. In a briefing hosted by the Institute for Critical Infrastructure Technology, experts advocated privacy‑first mobile‑carrier...

Japanese sex‑toy manufacturer Tenga disclosed a data breach after a hacker accessed a staff member’s professional email account, potentially exposing customer names, email addresses, and order details. The intrusion allowed the attacker to view historical correspondence and send spam to...

My comments on the role of corporate boards in overseeing the management of cyber-risk. In today's New York Post. Link on my website... Type JS.TC into any web browser.
Just released a new tool that scans for Bluetooth devices including Bluetooth Low Energy (BLE) devices. It will scan for all, filtered by MAC, or if you have the Identity Resolving Keys (IRK), can be used to determine the Resolvable...

Elastic researchers uncovered a large‑scale SEO poisoning campaign that has compromised more than 1,800 Windows servers running Microsoft IIS. The BADIIS malware installs as a native IIS module, intercepting crawler traffic and injecting malicious backlinks to promote illicit gambling and...
I asked what else quantum could break. @ChrisPeikert pointed out that we are overlooking the potential impact on our private encrypted data 👇 https://t.co/bFsCVAR5YD
So apparently quantum isn't even the only thing we should be worried about?? 😅 AI could break cryptography too?? and possibly even faster than quantum @drakefjustin 👇 https://t.co/eeeNgYWKwx

In early 2026 the General Services Administration issued CIO‑IT Security‑21‑112 Revision 1, a procedural guide that shifts CUI contractor verification to a NIST Risk Management Framework (RMF) model rather than the DoD’s Cybersecurity Maturity Model Certification (CMMC). The guidance mandates case‑by‑case...
Leaked files detail a training platform called "Expedition Cloud" that is designed to allow China's hackers to practice hacking critical infrastructure of China’s opponents in the South China Sea and Indochina region using replicas of those networks https://t.co/jbJhbj9JRi
Digital transformation is hitting a new phase. These 50+ expert predictions on agentic AI, governance, and security outline what leaders must prioritize now. #DigitalTransformation #AI #CISO https://t.co/zhlbEwiusI
Network and infrastructure roles are rapidly evolving as AI‑driven automation, multicloud, and zero‑trust solutions gain traction. Recent Foote Partners data show a 1.9% decline in pay premiums for traditional network administration, while network architecture commands an 18% premium and AI‑related...
Foote Partners’ Q4 2023 IT Skills and Certifications Pay Index reveals that premium pay is shifting from routine, execution‑level tasks to high‑order engineering, architecture, and risk‑ownership roles. Security‑focused skills such as risk analytics, security architecture, and threat detection command cash...
Securing The Front Line: #Cybersecurity Essentials For Customer-Facing Platforms - B2B Marketing Blog | Webbiquity - https://t.co/zi7jypeOqC

The Naval Information Warfare Systems Command (NAVWAR) created a new cyber directorate last August to centralize its cybersecurity efforts. The directorate targets three pillars—zero‑trust adoption, secure software development, and cutting‑edge defensive technologies—while automating risk‑management framework (RMF) compliance. By feeding feedback...

Microsoft faces mounting pressure as ransomware groups increasingly leverage bring‑your‑own‑vulnerable‑driver (BYOVD) attacks to neutralize endpoint security tools. While Windows has introduced driver signing enforcement and a vulnerable driver blocklist, legacy compatibility rules allow drivers with expired or revoked certificates to...

The U.S. Navy is moving to a continuous cybersecurity model that relies on artificial intelligence to detect and mitigate threats in real time. Navy Installations Command (CNIC) is replacing its legacy risk‑management framework with the Cybersecurity Risk Management Construct, emphasizing...

The Cyberintelligence Institute (CII) has released CYROS, a free smartphone app that warns users of emerging cyber threats such as ransomware, phishing, and digital sabotage. The platform aggregates alerts from Germany's Federal Office for Information Security, consumer‑protection groups, and security...

Healthcare interoperability is accelerating data exchange among hospitals, labs, insurers and pharmacies, but each connection expands the sector's attack surface. Misconfigured integrations, outdated protocols and weak identity controls can leak sensitive patient records, turning routine sharing into a security liability....

At the Munich Cyber Security Conference, NATO Deputy Secretary General Radmila Shekerinska warned that the alliance must make cyber and hybrid attacks by Russia and China more costly. She cited a December cyber‑attack on Poland’s energy infrastructure as a recent...
Beyond the Hype: 9 Cybersecurity Realities CIOs Must Face at RSAC 2026 #CIO #Cybersecurity #RSAC #RSAC2026 #AI https://t.co/l36K8t0RcX

Google Threat Intelligence Group disclosed a coordinated campaign by state‑sponsored actors from China, Iran, Russia and North Korea targeting the defense industrial base. The operations concentrate on battlefield technologies used in the Russia‑Ukraine war, recruitment‑process infiltration, edge‑device entry points, and...

In Episode 12, host Jake Creps breaks down Domain OSINT, demonstrating how a single URL can reveal ownership, infrastructure, intent, and related activity using free tools like WHOIS, DNS enumeration, and reverse IP searches. He illustrates the process with a...

Taiwan’s senior security adviser warned that China is using a secret cyber‑training platform called "Expedition Cloud" to simulate attacks on critical infrastructure. The platform creates digital twins of power grids, transport and communications networks, allowing Beijing’s teams to rehearse disruptive...
Intermountain Health’s chief information security officer Erik Decker unveiled the SMART toolkit, a framework that maps an organization’s critical clinical and administrative functions to assess cyber‑risk exposure. The tool helps leaders identify which services must remain operational during a breach...