Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB

Using AI to Generate Passwords Is a Terrible Idea, Experts Warn
Cybersecurity firm Irregular found that popular AI chatbots such as ChatGPT, Claude, and Google Gemini generate highly predictable passwords with low entropy. Tests showed repeated strings and narrow character selection, yielding only about 27 bits of entropy for a typical 16‑character password. Experts warn that relying on AI for password creation is risky, because the resulting passwords can be cracked in seconds. The firm recommends using approved password managers and multi‑factor authentication instead.

PromptSpy Ushers in the Era of Android Threats Using GenAI
ESET researchers have identified PromptSpy, the first Android malware that leverages Google’s Gemini generative AI to maintain persistence on infected devices. The AI receives a real‑time XML snapshot of the screen and returns JSON‑formatted tap instructions, allowing the app to...

USB Drives and the Hidden Front Door Into Secure Systems for Startup Security
Removable media remains a critical attack vector despite the rise of cloud‑based file sharing. Recent Honeywell research shows USB drives are increasingly used to deliver malware in industrial environments, and historic incidents like Stuxnet illustrate how air‑gapped networks can be...

Why Traditional Upskilling Strategies Fall Short in Cybersecurity
Traditional cybersecurity upskilling programs are losing relevance as threats and technologies evolve rapidly. Ha Hoang, CIO of Commvault, argues that organizations now need hybrid talent that blends security fundamentals with automation, cloud, and data‑governance expertise. Conventional certification‑centric paths are too...

How the Cybersecurity and Resilience Bill Could Impact MSPs
The UK Cybersecurity and Resilience Bill (CSRB) cleared its first two parliamentary readings, extending the 2018 NIS Directive to cover Managed Service Providers (MSPs) with at least 50 employees and €10 million turnover—roughly 1,100 firms. The legislation forces these MSPs to...

Why Stack Overflow and Cloudflare Launched a Pay-per-Crawl Model
In this episode, Stack Overflow’s Janice Manningham and Josh Zhang chat with Cloudflare VP Will Allen about the newly launched pay‑per‑crawl model that lets publishers charge crawlers for access. They explain how AI‑driven content scraping has upended the traditional open‑versus‑block...

Paytently Strengthens Regulatory Compliance and Fraud Defence with SEON Partnership
Paytently, a Malta‑licensed payment institution, announced a partnership with fraud‑prevention specialist SEON to embed the latter’s command‑centre technology into its orchestration platform. The integration brings real‑time AML screening, risk scoring, device intelligence and centralized case management to the core of...

Is Poshmark Safe? How to Buy and Sell without Getting Scammed
Poshmark, a leading social‑commerce app for fashion and home goods, is attracting a surge of fraud as the broader $1.1 trillion industry expands. Its 20% commission on items over $15 pushes users to negotiate off‑platform, exposing them to phishing, counterfeit, and...

Cyber Risk Management In Remote-First Environments
Executive-led cyber risk management has shifted from traditional IT‑centric frameworks to a leadership‑first model that aligns digital hygiene with corporate governance. In remote‑first environments, the loss of a centralized perimeter expands the attack surface, making every executive login a potential...

More Than 40% of South Africans Were Scammed in 2025
South Africa experienced a staggering 77% scam victimization rate in the 12 months to early 2025, with 42% of adults losing money, averaging $130 per incident. GASA estimates scammers extracted roughly $2.3 billion from over 17.5 million South Africans, equating to about...

Advantest Cyberattack Triggers Ransomware Investigation Across Internal Network
Advantest Corp., a Tokyo‑listed semiconductor test equipment maker, disclosed a cyberattack that surfaced on February 15, when unusual activity triggered its incident‑response protocols. Preliminary analysis suggests an unauthorized third party infiltrated parts of the internal network and deployed ransomware, prompting...

Mozilla Firefox Issues Emergency Patch for Heap Buffer Overflow in Firefox V147
Mozilla released an out‑of‑band update, Firefox v147.0.4, to fix a high‑severity heap buffer overflow in the libvpx video codec (CVE‑2026‑2447). The flaw, discovered by researcher jayjayjazz, could allow attackers to execute arbitrary code by delivering crafted VP8/VP9 video streams. Parallel patches...

The Voice on the Other End.
In this episode, hosts Maria Varmazis, Dave Bittner, and Joe Carrigan examine a wave of social engineering attacks, including a sophisticated phishing campaign that dupes Apple Pay users via fake emails and voice calls, Australia’s ClickFit initiative exposing romance scams,...

Singapore Warns That Vulnerabilities Span the Entire Space Value Chain
Singapore has launched its National Space Agency and warned that cyber‑vulnerabilities permeate every stage of the space value chain, from satellites to ground networks. The February 2022 KA‑SAT attack, which knocked out communications and energy services across Europe, underscored the systemic...

South Africa’s Cybersecurity Challenge Is Not a Tool Problem
South African enterprises are pouring significant budgets into cybersecurity tools, yet breach rates keep rising. The core issue is execution: security teams are overwhelmed by data and lack the capacity to turn visibility into action. Unified platforms like Rapid7’s Command...

Agentic AI Era: Cloud Security Shifts From Asset Protection to Identity-First Zero Trust
At the ETCIO Cloud Summit, leaders from Starbucks India and Jio argued that cloud security must shift from protecting static assets to continuously validating identities, especially as AI agents and autonomous workloads proliferate in hybrid environments. They emphasized that bots,...

Agent Identities Demand New Sandboxing and Access Controls
Agent identities are going to be a super fun and hard problem for software in the coming years. Most agentic systems today assume that the agent can do everything the user can do, and just operate as an extension of...

Automated GuardDuty Feature Audit and Enablement in Hours
Vibe coded 🤖 a script to list which AWS GuardDuty features are enabled in minutes. Took 15-30 minutes to correct it. The script to enable disabled features, sub features, and create an s3 malware scan plan took about two hours. See blog...

Remote Access Abuse Drives Majority of Breaches
Arctic Wolf’s 2026 Threat Report reveals a dramatic shift toward data‑only extortion, which surged from 2% to 22% of incidents in 2025. Remote‑access tool abuse initiated 65% of non‑BEC breaches, while AI‑enhanced phishing powered 85% of BEC attacks. Ransomware remains common,...

From Acceleration to Exposure: Why AI Demands Mature AppSec
AI‑driven development is dramatically speeding code creation, reviews and releases, but application security (AppSec) has not kept pace. Autonomous AI actions now make decisions on dependencies, configurations and remediation, turning isolated flaws into system‑wide risks. When AppSec foundations are immature,...

UL Solutions Sets New Solar Inverter Cybersecurity Standard
UL Solutions develops new standard for solar inverter cybersecurity #energysky -- via Solar Power World: https://t.co/TvHlobdGEg

Smashing Security Podcast #455: Face Off: Meta’s Glasses and America’s Internet Kill Switch
In episode 455 of the Smashing Security podcast, host Graham Cluley and journalist James Ball examine the growing threat of tech sovereignty, questioning whether the United States could effectively shut down Europe’s internet by leveraging Gmail, cloud services, and critical infrastructure. They also...

Track Vulnerability Remediation with the Updated GitLab Security Dashboard
GitLab’s updated Security Dashboard, now in the 18.9 release, adds advanced filters and visualizations that let teams track vulnerability trends, remediation velocity, and risk scores across projects and groups. The dashboard calculates risk using vulnerability age, EPSS, and KEV data,...

Control, Alt, Influence: The Potential for US Cyber Operations in Iran
U.S. policymakers are weighing offensive cyber operations against Iran if diplomatic talks on the nuclear program collapse, positioning cyber as a central element of joint military action rather than a peripheral tool. Recent Senate testimony and statements from US Cyber...

N-Able Inc (NABL) Q4 2025 Earnings Call Transcript
N‑Able reported Q4 2025 revenue of $130 million, a 12% year‑over‑year increase, and ended the year with $540 million in annual recurring revenue, up 12% on a reported basis. Non‑GAAP adjusted EBITDA held steady at a 30% margin, while dollar‑based net revenue retention...

Josh Aaron: The Hidden Technology Risk Law Firms Can No Longer Treat as Background Noise
Law firms are increasingly confronted with demanding security questionnaires from Fortune 500 clients, requiring verifiable endpoint protection within tight deadlines. Many firms still rely on manual or semi‑automated processes, leaving gaps in device visibility and patch compliance. This lack of...

Tech Firms Must Remove ‘Revenge Porn’ in 48 Hours or Risk Being Blocked, Says Starmer
The UK government will amend the Crime and Policing Bill to require tech platforms to delete non‑consensual intimate images, including AI‑generated deepfakes, within 48 hours of notification. Enforcement will be handed to Ofcom, which can levy fines up to 10%...

Nigerian Man Sentenced to Eight Years in Prison for Computer Intrusion and Theft
A Nigerian national living in Mexico was sentenced to eight years in federal prison and ordered to pay $1.39 million in restitution for a five‑year scheme that compromised Massachusetts tax‑preparation firms. Using phishing emails and Warzone RAT malware, he harvested taxpayer...

French Ministry Confirms Data Access to 1.2 Million Bank Accounts
The French Economy Ministry disclosed that a hacker used stolen government credentials to view data from 1.2 million bank accounts across the country. The breach, detected in late January, exposed personal details such as names, addresses, account numbers and, in some...

Sumo Logic Moves Into Sovereign Cloud Regions in Europe
Sumo Logic announced the extension of its cloud‑native analytics platform into the AWS European Sovereign Cloud and an AWS data center in Switzerland. The move lets customers keep logs, telemetry, and security data within national borders, satisfying GDPR and other...

AI Agents and How to Govern Them: Tailscale, Saviynt Offer Solutions
AI agents are moving from occasional chat tools to always‑on assistants, prompting enterprises to confront identity‑governance gaps. Tailscale introduced Aperture, an open‑alpha governance layer that ties AI usage to user or workload identities, offering policy controls, audit‑ready session logs, and...

Oklahoma Cheyenne and Arapaho Tribes Say Ransomware Disrupted Tribal Systems
The Cheyenne and Arapaho Tribes of Oklahoma were hit by a ransomware attack that forced the shutdown of their computer networks, halting email, phone services and some tribal operations. Tribal Governor Reggie Wassana confirmed the disruption while recovery efforts began....

eMudhra Self-Certified as MOSIP System Integrator for Digital ID Projects at Scale
Indian digital‑ID specialist eMudhra has completed self‑certification as a Modular Open Source Identity Platform (MOSIP) system integrator, joining the MOSIP Marketplace. The certification confirms its software and hardware meet MOSIP’s rigorous technical, operational and security standards, enabling it to deliver...

Seeing Bugs in IDE Boosts Fixes From 0% to 70%
“At Facebook, they found that when security vulnerabilities were reported as issues, nearly 0% got fixed. But when these same problems appeared directly in the developer’s IDE, where the red squiggles were difficult to ignore, fix rates jumped to around...

Dataminr Report: Cyber Risk Shifted in 2025 with Increased Threat Actor Activity and Mega-Loss Events
Dataminr’s 2026 Cyber Threat Landscape Report shows a dramatic shift in cyber risk during 2025, with threat‑actor alerts soaring 225% year‑over‑year. Identity‑based intrusions now account for nearly 30% of attacks, driven by an 84% rise in infostealer malware and AI‑enhanced...

OMB Rescinds the “Common Form” Secure Software Attestation Requirement
On Jan. 23, 2026 the Office of Management and Budget issued Memorandum M‑26‑05, rescinding the Biden‑era mandate that all federal agencies obtain a CISA “Common Form” software attestation. The new memo replaces the one‑size‑fits‑all requirement with a risk‑based, agency‑specific approach while...

Cryptojacking Campaign Exploits Driver to Boost Monero Mining
Security firm Trellix uncovered a new cryptojacking operation that spreads through pirated software installers and installs a customized XMRig miner. The malware uses a controller named Explorer.exe for persistence and a signed driver (WinRing0x64.sys, CVE‑2020‑14979) to gain kernel access, boosting...

Dell Warns of RecoverPoint for VMs Zero-Day (Exploited Since Mid-2024)
Dell has issued an urgent advisory for RecoverPoint for Virtual Machines after discovering CVE‑2026‑22769, a critical 10.0 CVSS flaw that embeds admin credentials in its Tomcat‑based web layer. The vulnerability allows unauthenticated attackers to log in as administrators, upload malicious...

Why Insider Threats May Make Satellite Hacking Significantly Easier
The article argues that insider threats could dramatically lower the barriers to satellite hacking, as insiders can bypass air‑gap protections and exploit the growing use of off‑the‑shelf Linux hardware. It highlights how complex supply chains, contractor relationships, and recent geopolitical...

The 20 Coolest Security Operations, Risk And Threat Intelligence Companies Of 2026: The Security 100
CRN’s Security 100 list spotlights 20 security‑operations, risk and threat‑intelligence vendors that distinguished themselves in 2026. The roundup underscores a rapid shift toward AI‑driven, agentic SOC solutions that automate triage, investigation and response. Companies such as 7AI, Arctic Wolf, Google Cloud and...

Microsoft Says Office Bug Exposed Customers’ Confidential Emails to Copilot AI
Microsoft confirmed a bug in its 365 Copilot Chat that allowed the AI to read and summarize customers' confidential emails for weeks, even when data‑loss‑prevention policies were in place. The issue, tracked as CW1226324, affected both draft and sent messages...

Poland Bans Chinese-Made Cars From Entering Military Sites
Poland’s senior army commanders have issued a directive barring Chinese‑manufactured cars from entering protected military facilities. The move targets vehicles whose sensors, software or connectivity modules could transmit location and other sensitive data. It aligns Poland with recent U.S. and...

Public S3 Buckets: A Cloud Security Wake‑Up
The most exposed lady in the cloud? Lady S3 Bucket. ☂️ If you use AWS, you know the shame. Public access is NOT a vibe. https://youtube.com/shorts/q_T0RC87aRg #DevOps #CloudComputing #Security

EVMbench Tests AI Agents on Real Smart Contract Vulnerabilities
OpenAI and Paradigm launched EVMbench, a benchmark testing AI agents’ ability to detect, patch, and exploit real smart contract vulnerabilities. What's the meaning of it? Come join us! https://t.co/2YgOdrosIO

Global Leaders, Executives Exposed in Data Leak
At the Abu Dhabi Finance Week summit, an unsecured cloud server exposed the passports and national ID cards of more than 700 attendees, including former British Prime Minister David Cameron, hedge‑fund billionaire Alan Howard, and former White House communications director...

Identity and Supply Chain Demand Heightened Cybersecurity Focus
Identity and supply chain need more attention, risk intelligence firm says | Cybersecurity Dive https://t.co/917wKw3CC3

Angolan Journalist Targeted with Predator Spyware, Study Shows
A new investigation from @AmnestyTech found that a journalist in Angola was targeted with Predator spyware in 2024. We also know that @citizenlab found links to Predator infrastructure in Angola in 2023, and links to FinFisher infrastructure in 2015. https://t.co/N2TIUdGKkn

From 2016 Hack to $150M Endowment: The DAO’s Second Act Focuses on Ethereum Security
A decade after the 2016 DAO hack, the DAO Security Fund will stake roughly 75,000 dormant ETH—now worth about $150 million—to generate yield for Ethereum security initiatives. The fund will keep claims open indefinitely for original token holders and shift from...

EU Parliament Bans AI Chatbots over US Data Security Concerns
The European Parliament banned AI chatbots like Claude and Copilot from lawmakers' devices, citing cybersecurity risks from cloud data uploads to US firms https://t.co/KCPJ57Qqs1 #ArtificialIntelligence #Innovation #Technology #Tech #TechNews https://t.co/uigKl4zdY7

Researcher Traces Death Threats to Snowflake Hack Suspect
When a hacker named "Waifu" and "Judische" made death threats against security researcher Allison Nixon, she had no idea why he targeted her. So she set out to unmask him. The quest led her to Connor Moucka, a 25-yr-old behind infamous...