Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB

What Is Claude Code Security? The New Anthropic AI Tool that Wiped Billions Off Cybersecurity Stocks
Anthropic unveiled Claude Code Security, an AI‑driven tool that scans codebases for vulnerabilities and proposes patches. The system leverages the Claude Opus 4.6 model to reason about data flows and business‑logic errors, reducing false positives through multi‑stage verification. Its launch triggered a sharp sell‑off in cybersecurity stocks, with companies such as CrowdStrike, Okta, Cloudflare, SailPoint and Zscaler losing billions in market value. The product is currently offered as a limited research preview to enterprise and team customers.
CrowdStrike Hires Joe McPhillips
CrowdStrike appoints veteran Joe McPhillips as JAPAC SMB senior director after a year‑long sabbatical. McPhillips brings more than 30 years of cybersecurity experience, previously serving at SentinelOne, Cylance, Symantec, Intel Security, Riverbed and Commvault. He will build and scale the...

Cybersecurity Jobs Available Right Now: February 24, 2026
The February 24 2026 roundup highlights a surge of cybersecurity openings across North America, Europe, the Middle East, and Asia‑Pacific. Roles span application security, cloud security, product security, and OT/ICS specialties, with many positions emphasizing AI‑driven threat detection and zero‑trust architectures. Companies...
How Smarsh Built an AI Front Door for Regulated Industries — and Drove 59% Self-Service Adoption
Smarsh deployed an AI‑powered support agent, Archie, on Salesforce Agentforce 360 to create a unified front‑door for regulated‑industry customers. The system lets users describe needs in plain language, routing them to the right solution and reducing navigation friction. Early results...
Russia's Kaspersky Fights Western Sanctions
Kaspersky Lab faces a cascade of Western sanctions that have crippled its European and U.S. operations. Germany’s BSI warning has slashed German sales by roughly 80%, while the U.S. Treasury and Commerce departments have barred Kaspersky products and placed senior...
Nvidia Lines up Partners to Boost Security for Industrial Operations
Nvidia announced expanded partnerships with Akamai, Forescout, Palo Alto Networks, Siemens and Xage to embed AI‑driven security into operational technology (OT) and industrial control systems (ICS). Using Nvidia BlueField DPUs, the collaborations offload security workloads from host CPUs, enabling hardware‑isolated,...

All-in-One Open-Source DevSecOps Library for Production Stacks
Ultimate DevSecOps Open-Source Library ✅ One repo covering: • SAST • DAST • Supply Chain • Kubernetes Security • Cloud Guardrails • Policy as Code • DevSecOps Tooling. If you want to understand real production DevSecOps stacks, this is worth saving. Comment “DevSecOps” & I’ll send...
Openclaw's Clever Design Masks Potential Negligence and Hidden ToS Breaches
Yikes. If this is true, then it’s both pretty ingenious and supremely negligent. I wonder what percentage of users have done a code audit of Openclaw. And what other fun ToS-voiding surprises lurk in there.
Government Looks to Clamp Down on Email Attachments Through ‘Cultural Change, Guidance and Technological Solutions’
The UK government’s Digital Service and Innovation Team (DSIT) is moving to curb the use of email attachments by civil servants, urging a shift to cloud‑based file sharing. Ministers highlighted that attachments increase human error and data‑loss risk, and new...

GyroidOS Virtualization Solution Aims to Secure Embedded Devices, Ease Cybersecurity Certification
GyroidOS, an open‑source multi‑architecture OS‑level virtualization platform maintained by Fraunhofer AISEC, isolates guest operating‑system stacks on a single Linux kernel using namespaces, cgroups and capabilities. The solution targets embedded devices and integrates hardware‑root‑of‑trust features such as secure boot, TPM‑linked disk...
Enhancing Security and Transparency: Introducing Private Notifications for Fastly Maintenance and Incidents
Fastly is rolling out private notifications for security‑related maintenance and incidents, delivered through an SSO‑protected status page and direct Slack alerts. The new system provides service‑specific, detailed updates that remain hidden from the public internet, mitigating information‑leak risks. Integration with...
Spammers Spoof UPS Number to Threaten Customers
Hey @UPS I think spammers are spoofing your number. Got a call from 800-742-5877, which is UPS but came up "SPAM" on iPhone. "Ronathan" claiming to be from UPS support wanted me to apologize for tweeting my package arrived late,...

Android Mental Health Apps with 14.7M Installs Filled with Security Flaws
Security firm Oversecured scanned ten Android mental‑health apps with more than 14.7 million combined installs and uncovered 1,575 vulnerabilities. The flaws include 54 high‑severity and 538 medium‑severity issues such as insecure intent handling, plaintext API keys, and weak random number generation....

More Than Dashboards: AI Decisions Must Be Provable
Enterprise leaders are demanding proof of what AI systems actually did, not just what they were designed to do or what dashboards report. As AI moves into regulated, high‑risk environments, boards and auditors expect decision‑level evidence for each action. The...

Sharon AI, Cisco and NVIDIA Bring AI Factory to Australia
Sharon AI, Cisco and NVIDIA are launching Australia’s first Cisco Secure AI Factory, a sovereign AI infrastructure that keeps data and processing within the country. The facility will run on Cisco UCS servers, Nexus Hyperfabric, and 1,024 NVIDIA Blackwell Ultra...

Microsoft Quietly Changed How BitLocker Works — and It Could Lock You Out of Your Own PC
Microsoft’s Windows 11 24H2 update now activates BitLocker automatically during the out‑of‑box experience when a Microsoft account, TPM 2.0, and Secure Boot are present. The encryption starts silently, using the same engine as the Pro‑only BitLocker but without visible controls on Home devices. Because...

Spain Arrests Suspected Hacktivists for DDoSing Govt Sites
Spanish Civil Guard arrested four alleged members of the hacktivist group Anonymous Fénix, accused of orchestrating DDoS attacks on government ministries, political parties, and public institutions in Spain and South America. The campaign intensified after the October 2024 Valencia floods, with...
Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount
Iran‑linked APT MuddyWater has escalated its campaign, dubbed Operation Olalampo, against organizations in the Middle East and Africa. The group continues to rely on spear‑phishing but also began exploiting public‑facing servers, delivering several previously unseen malware strains such as the...

Your Home Assistant Notifications Aren't as Private as You Think
Home Assistant’s mobile app sends push notifications through Google’s Firebase Cloud Messaging (FCM), meaning the message payload is unencrypted while on Google’s servers. This applies to both Android and iOS devices, as Home Assistant cannot directly access Apple’s push service....

Enigma Cipher Device Still Holds Secrets for Cyber Pros
The Enigma cipher machine, originally built in 1918 and later adapted by the Nazis, saw only a few hundred surviving units out of an estimated 35,000‑40,000 produced. Historian‑turned‑cybersecurity expert Marc Sachs will discuss the device’s historic failures at RSAC 2026, highlighting...

Conduent Breach Surges to Over 25M, Could Be Largest in US History
The cyberattack on government services firm Conduent, first disclosed in January 2025, has swelled to affect more than 25 million Americans, making it potentially the largest U.S. data breach on record. Texas alone accounts for 15.4 million impacted residents, while other states...

APT28 Targeted European Entities Using Webhook-Based Macro Malware
Russia‑linked APT28 launched Operation MacroMaze, a campaign against Western and Central European entities from September 2025 through January 2026. The attackers delivered spear‑phishing documents containing a macro that calls a webhook.site URL, acting as a tracking‑pixel to verify document opening. The macro drops...

600+ FortiGate Devices Hacked by AI-Armed Amateur
A financially motivated, Russian‑speaking threat actor used generative AI services to compromise more than 600 Fortinet FortiGate firewalls worldwide between January and February. The campaign avoided exploiting software vulnerabilities, instead leveraging exposed management ports and reused credentials with single‑factor authentication,...
AI Governance and Cybersecurity Frameworks at Virtual Summit
I'm excited to be speaking today at the Virtual AI Summit on the cybersecurity implications of AI! I'll be talking about practical frameworks for AI deployment and oversight. If AI is on your roadmap, governance join me there today: https://buff.ly/6C9RTgu

Forescout Partners with E-ISAC to Bring Threat Intelligence and Research to North American Utilities
Forescout Technologies has become a vendor affiliate of the North American Electricity Information Sharing and Analysis Center (E‑ISAC), extending its threat‑intelligence sharing to U.S. utilities and grid operators. Through its Vedere Labs research unit, the company will feed cyber and...

Anthropic Accuses Deepseek, Moonshot, and MiniMax of Stealing Claude's AI Data Through 16 Million Queries
Anthropic has uncovered a coordinated distillation attack by three Chinese AI labs—Deepseek, Moonshot AI, and MiniMax—targeting its Claude model. Over 24,000 fabricated accounts generated more than 16 million queries to extract reasoning, programming, and tool‑usage capabilities. The labs employed proxy services...

You Need a Separate Network to Protect Yourself From Your Smart Devices
Smart devices and IoT gadgets are rarely patched, leaving them vulnerable to malware such as Mirai. These products, from smart TVs to internet‑connected cameras, routinely harvest user data and can be hijacked to spy or launch attacks. Security experts recommend...
FFXI and FFXIV Square Enix Account Security Question and Answer Removed
Square Enix announced that the security question and answer tied to Square Enix Accounts for Final Fantasy XI and Final Fantasy XIV will be retired on February 24, 2026. Players will not need to remember or re‑enter this credential, and...

Seena Labs Defends Against LLM Prompt Injection Attack
Very proud moment of our architecture so far at Seena Labs. We got someone asking the Seena interviewer agent to reveal some code and attack us and this was Seena's response. If anyone has good advice/resources on how to...
Why Red Teaming Is Vital for Health Systems, and Not Just for Cybersecurity
Red‑team exercises simulate real cyber‑attacks to test how healthcare organizations respond under pressure. Pieter Ceelen of Fortra explains that these engagements uncover hidden vulnerabilities such as credential sharing, unpatched legacy medical IoT, and unclear emergency procedures like shutting down internet...
AI Boosts Cybersecurity, Yet Humans Remain Essential
Simple analogy on AI and cybersecurity. Security has never been solely a technology problem - it's largely a people problem. Complexity of business integration, misconfigurations, legacy systems, business transformations, M&As, etc. are all part of this industry we call cybersecurity. I can't remember...

Google, Apple Start Testing Encrypted RCS on Android and iOS 26.4
Google and Apple announced that encrypted Rich Communication Services (RCS) messaging is now in beta testing between Android and iPhone devices. The feature leverages the GSMA RCS Universal Profile and provides end‑to‑end encryption, visible as a lock icon in both...

Ad Tech Firm Optimizely Confirms Data Breach After Vishing Attack
Optimizely, a New York‑based ad‑tech firm, disclosed a data breach after a sophisticated voice‑phishing (vishing) attack on February 11. Threat actors accessed the company’s CRM and other internal business systems, extracting only basic contact information and not sensitive customer data. The...

Multiple Zero-Day Flaws in PDF Platforms Enable XSS and One-Click Attacks
Researchers at Novee Security uncovered 13 vulnerability categories and 16 zero‑day flaws across Foxit and Apryse PDF platforms, including critical XSS and OS command injection bugs. Using a human‑agent AI swarm, they rapidly identified high‑impact issues such as one‑click attacks...

Mobile Networks Face New Cellular UAV Exploitation Risks
Operation Spiderweb in June 2025 demonstrated how Ukrainian forces hijacked Russian mobile networks to control and stream data from drones, disabling about 20 aircraft. The incident exposed a growing vulnerability as 4G/5G standards now embed native drone support, allowing off‑the‑shelf...
EP264 Measuring Your (Agentic) SOC: Two Security Leaders Walk Into a Podcast
In this episode, Tim Peacock and Anton Chuvakin host Alex Pabst, Deputy CISO at Allianz, and Mike Sinnoh, Director of Detection & Response at Google, to discuss evolving SOC metrics in the age of AI and automation. They critique traditional...

Energy Department Patched Flaws Enabling Email Impersonation in Critical Minerals System
The U.S. Energy Department patched an identity‑verification flaw in its critical minerals portal that let outsiders register with email addresses mimicking official energy.gov accounts. Security researcher Ronald Lovelace uncovered the issue using subdomain enumeration and reported it through the department’s...
Know What Security Tools Access Before They Exploit You
Until it hacks everyone’s GitHub accounts and wipes out all their IP. Be careful with tools like this. Make sure you understand what it can access and what it can do. Understand where it is sharing your code and storing...
Granting OpenClaw Admin Email Access Invites Disaster
If you give OpenClaw access to your everyday machine, w/ admin privileges on your email, I would expect frustrating outcomes in the best case scenario, embarrassing email blunders in the average case, & catastrophic/mortifying situations in the worst case scenario...
Belgian Centre for Cybersecurity Reports Significant Phishing Scams
Belgium’s Centre for Cybersecurity recorded a sharp rise in phishing complaints, logging 226 reports in Q4 2025 and 106 in January 2026. Scammers frequently masquerade as police or representatives of telecom and banking firms such as Proximus, Argenta, and Card...
From Blocking Bots to Trusting Agents: Visa‑Akamai Solution
AI agent traffic nearly tripled in a year. 25 billion bot requests in 2 months. The question is no longer how to block bots — it's how to trust them. Visa + Akamai are building the answer. "What it takes to secure...

Demand UK Digital Sovereignty
The Open Rights Group is urging the UK government to adopt a digital sovereignty strategy that reduces reliance on foreign tech giants such as Amazon, Microsoft, Google and Palantir. It argues that over‑dependence creates strategic fragility, citing the Trump‑ordered shutdown...

Shai-Hulud-Like Worm Targets Developers via Npm and AI Tools
Security researchers have uncovered a supply‑chain worm, dubbed SANDWORM_MODE, spreading through at least 19 malicious npm packages that employ typosquatting. The malware not only steals developer and CI credentials but also injects rogue servers into AI coding assistants such as...

US Healthcare Diagnostic Firm Says 140,000 Affected by Data Breach
Healthcare diagnostics firm Vikor Scientific, now operating as Vanta Diagnostics, disclosed a data breach affecting nearly 140,000 individuals. The breach was traced to Catalyst RCM, a revenue-cycle‑management vendor, whose compromised credentials allowed the Everest ransomware group to exfiltrate roughly 12 GB...

UIB to Strengthen Cyber Insurance Capabilities with CyberCube Partnership
United Insurance Brokers Limited (UIB) has partnered with cyber‑risk analytics firm CyberCube to bolster its cyber insurance offering. UIB will deploy CyberCube’s Broking Manager and Prep Module, giving its global practice data‑driven exposure insights. The collaboration targets accelerated growth in...

OpenAI Aims for Stablecoin Market With New EVMbench
OpenAI unveiled EVMbench, an open‑source benchmark that tests AI agents' ability to spot and exploit smart‑contract flaws. The tool draws on 120 vulnerabilities from 40 audits, including scenarios from Stripe‑backed Tempo blockchain, and was released in partnership with crypto investor...

Defense in Depth: Evaluate Auth with Password + Yubikey
Questions to ask when evaluating an authentication mechanism 🔒 • Why I still use a password with a Yubikey, not a passkey or a PIN • Why I dislike the device code flow with a browser • How lack of segregation facilitated a Microsoft breach. Defense...
Security Flaw Lets Hacker Commandeer 6,700 Robot Vacuums
User accidentally gains control of over 6,700 robot vacuums while tinkering with their own device to enable control with a PlayStation controller — security flaw reveals floor plans and live video feeds https://t.co/G8sfl730OU

Liminal Expands To MSPs With Secure, Multi-Model AI Platform
Liminal, previously focused on enterprise customers, is extending its secure, multi‑model AI platform to managed service providers (MSPs) targeting small‑ and medium‑size businesses (SMBs). The platform consolidates access to leading large language models—including OpenAI, Anthropic, Google and Perplexity—while sanitizing sensitive...

Supply Chain Cyber Risk Strategies Shift Toward Resilience
Supply chain cyber risk is moving from a pure prevention mindset to a resilience‑first strategy. Third‑party exposure dominates, with 61% of firms reporting a supplier breach in the past year, prompting tighter transparency and governance. AI accelerates both attacks—often under...