Know What's Happening in Cybersecurity

Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

Safeguarding IoT & Edge Data Pipelines: QA Best Practices
News, Feb 18, 2026

The migration of data processing from centralized servers to edge devices is reshaping QA strategies for IoT pipelines. Unstable networks, fragmented device fleets, and expanded attack surfaces demand testing that goes beyond functional checks. Specialized IoT testing services now employ...

By Datafloq

Pathologists, Vendors Talk LIS-IMS Integration
News, Feb 18, 2026

Pathology labs are accelerating digital transformation, but integrating laboratory information systems (LIS) with imaging management systems (IMS) remains a hurdle. Cybersecurity and image management top the agenda as AI-driven diagnostics expand. Cloud‑based LIS‑IMS solutions promise stronger security controls and scalable...

By CAP Today

3 Ways to Start Your Intelligent Workflow Program
News, Feb 18, 2026

Security, IT and engineering teams face pressure to accelerate outcomes while extracting AI value, yet 88% of AI proofs‑of‑concept never reach production despite 70% of workers seeking time‑saving automation. The Hacker News article outlines three pre‑built intelligent‑workflow use cases—automated phishing response,...

By The Hacker News

ClickFix Exploits Homebrew Workflow to Deploy Cuckoo Stealer for macOS Credential Theft
News, Feb 18, 2026

ClickFix is weaponizing a fake Homebrew installation workflow to deliver Cuckoo Stealer, a macOS credential‑stealing RAT. The campaign uses typosquatted domains such as homabrews.org that mimic brew.sh and inject a malicious curl | bash command into the clipboard, prompting developers to run it....

By GBHackers On Security

Security Metrics That Actually Predict a Breach
News, Feb 18, 2026

The article argues that traditional security dashboards hide the true predictors of a breach, emphasizing metrics that expose process debt, access sprawl, and human behavior. It highlights four high‑impact signals: credential reuse and identity drift, stale access paths, alert‑fatigue ratios,...

By Security Boulevard

AI Likely to Put a Major Strain on Global Networks—Are Enterprises Ready?
News, Feb 18, 2026

Enterprise networks face unprecedented strain as AI workloads surge, generating unpredictable, high‑volume traffic across regions. A recent Broadcom study shows only 49% of organizations believe their networks can meet AI’s bandwidth and latency demands, despite 99% adopting cloud strategies. Retrieval‑augmented...

By Network World

A New Approach for GenAI Risk Protection
News, Feb 18, 2026

Generative AI’s rapid consumer adoption has exposed enterprises to data leakage risks, prompting security teams to reassess protection strategies. Traditional DLP solutions are expensive and cumbersome, limiting their use to large organizations. Two viable paths emerge: purchasing enterprise‑grade GenAI licenses...

By CSO Online

CYBERSPAN Brings AI-Driven, Agentless Network Detection to MSSP Environments
News, Feb 18, 2026

IntelliGenesis launched CYBERSPAN, an AI‑driven network detection and response solution tailored for managed security service providers. The platform offers a multi‑tenant, agentless architecture that can be deployed on‑premises or in the cloud, integrating with existing SIEM, SOAR and ticketing tools...

By Help Net Security

Actionstep Completes SOC 2® Type 2 Examination, Reinforcing Commitment to Law Firm Security
Blog, Feb 18, 2026

Actionstep, a cloud‑based practice‑management platform used by nearly 5,000 law firms, announced completion of its SOC 2 Type 2 examination conducted by Prescient Assurance. The audit evaluated both the design and operating effectiveness of the company’s security controls over a defined period, providing...

By Legal Tech Daily

Risk Assessments Are Performative; Focus on Impact, Not Count
Social, Feb 18, 2026

🔥🔥🔥 This hits on something that has bothered me for most of my career... Much of what orgs do to "assess risk" is largely performative, and has very little to do with actual risk. Impact is what matters. Your AI Pentester Found...

By Casey Ellis

SANS and siberX Introduce NOW // AI to Help Leaders Manage AI Risk, Strengthen Security Controls, and Defend Enterprise Value
News, Feb 18, 2026

SANS Institute and cybersecurity firm siberX have launched NOW // AI, an immersive simulation program built on the SANS AI Blueprint. The curriculum targets executives and security teams, focusing on three pillars—Protect AI, Utilize AI, and Govern AI—to tighten risk...

By AiThority

New SysUpdate Variant Malware Discovered, Decryption Tool for Linux C2 Traffic Released
News, Feb 18, 2026

Researchers at LevelBlue identified a new SysUpdate variant targeting Linux systems, packaged as a packed ELF64 binary that mimics a system service. The malware employs a custom, multi‑layered symmetric cipher to encrypt its command‑and‑control traffic across several protocols. By emulating...

By GBHackers On Security

Lasso’s Intent Deputy Secures AI Agents Through Real-Time Behavioral Intent Analysis
News, Feb 18, 2026

Lasso Security unveiled Intent Deputy, a runtime behavioral‑intent framework that secures autonomous AI agents by interpreting their decision flow and operational context. The solution claims 99.83% threat detection at sub‑50 ms latency and a 570‑fold cost advantage over cloud‑native guardrails. By...

By Help Net Security

Suped Review – Features, User Experience, Pros & Cons (2026)
News, Feb 18, 2026

Suped is a cloud‑based DMARC monitoring platform aimed at small to mid‑size businesses, offering a visual dashboard, guided DNS setup, and an AI Copilot that translates technical errors into plain‑language tasks. Users can onboard in minutes and see initial data...

By Security Boulevard

Siemens' OT Security Needs Centralized Certificate Management
Social, Feb 18, 2026

With the TIA Portal and platforms like WinCC Unified, Siemens Industry is clearly strengthening its security capabilities. ✔️ Encrypted communication ✔️ Certificate-based authentication ✔️ Hardened PLCs, HMIs and drives Technically strong. No doubt. But let’s be honest: Where is the...

By Michael Grollmus

AI and Quantum Forces Redefine Cybersecurity Strategies
Social, Feb 18, 2026

Why Cybersecurity Strategies and Frameworks Must Be Recalibrated in the Age of AI and Quantum Threats by @ChuckDBrooks https://t.co/KGZ9x9TO0T #CyberSecurity #ai #Quantum

By Chuck Brooks

KnowBe4 Report Reveals U.S. Public Sector Faces Unrelenting Cyber Threats
News, Feb 18, 2026

KnowBe4 released a white paper highlighting the U.S. public sector’s exposure to escalating cyber threats, with ransomware affecting an estimated 43% of local governments by 2025. The report identifies four core challenges: relentless attacks, chronic staffing shortages, mounting compliance pressures,...

By AI-TechPark

AI-Integrated Security Boosts PANW Demand and Value
Social, Feb 18, 2026

PANW strong q/good initial guide with CyberArk. The need for AI-native, integrated security platforms rather than fragmented point solutions is further increasing demand for PANW platform. AI increasing PANW’s value proposition-not displacing it. $225 PT..very well positioned🏆

By Dan Ives

Microsoft Defender Update Lets SOC Teams Manage, Vet Response Tools
News, Feb 18, 2026

Microsoft Defender now includes a Library Management feature that lets security operations centers (SOCs) organize, preview, and control the scripts and tools used in live response. Analysts can upload PowerShell, batch, and other response files ahead of investigations, making them...

By Help Net Security

AWS Coding Agents Gain New Plugin Support Across Development Tools
News, Feb 18, 2026

AWS introduced Agent Plugins, a framework that equips AI coding assistants with native AWS capabilities. The initial "deploy‑to‑AWS" plugin lets developers issue natural‑language prompts to generate architecture recommendations, cost estimates, and infrastructure‑as‑code templates. It currently integrates with Claude Code and...

By Help Net Security

The New Paradigm for Raising up Secure Software Engineers
News, Feb 18, 2026

AI‑assisted coding is set to dominate enterprise development, with Gartner projecting 90% of engineers using AI assistants by 2028. As AI automates line‑level vulnerability detection, security teams face a surge in code volume and reduced review windows. This forces a...

By CSO Online

The Defense Industrial Base Is a Prime Target for Cyber Disruption
News, Feb 18, 2026

Cyber adversaries are moving beyond classic espionage to disrupt the defense industrial base (DIB), aiming to cripple production capacity and supply chains. Attackers now target everything from large primes to niche startups, especially firms with dual‑use technologies, using ransomware and...

By Help Net Security

New Phishing Campaign Exploits Booking.com Partners, Targets Customers in Multi-Stage Fraud Scheme
News, Feb 18, 2026

A coordinated phishing campaign is exploiting Booking.com’s partner platform to steal hotel staff credentials and then target guests with payment‑stealing lures. The operation uses a three‑stage chain: email phishing to hotel inboxes, a bespoke partner login kit to harvest credentials,...

By GBHackers On Security

Everyone Uses Open Source, but Patching Still Moves Too Slowly
News, Feb 18, 2026

Enterprise security teams now rely on open source for core infrastructure, development pipelines, and production applications, yet patching cycles remain sluggish. TuxCare’s 2026 Open Source Landscape Report shows that 60% of recent incidents involved known vulnerabilities that were not patched...

By Help Net Security

Risky Business #825 -- Palo Alto Networks Blames It on the Boogie
Podcast, Feb 18, 2026, 1h 3m

In this episode, Patrick Gray, Adam Boileau, and James Wilson dissect a week of cybersecurity headlines, from Palo Alto Networks’ decision to avoid publicly attributing a Chinese‑linked hacking campaign to geopolitical concerns, to the rise of data‑only extortion as ransomware...

By Risky Business

Regtech SlowMist Exposes Supply Chain Threats in ClawHub’s AI Plugin Ecosystem
News, Feb 18, 2026

SlowMist has uncovered a wave of supply‑chain attacks targeting ClawHub, the official plugin repository for the OpenClaw AI agent framework. Over 340 malicious plugins were identified among roughly 3,000 listings, many embedding Base64‑encoded commands in the SKILL.md documentation that download...

By Crowdfund Insider

Understanding the U.S. Coast Guard’s Maritime Cybersecurity Framework
News, Feb 18, 2026

The U.S. Coast Guard’s Cybersecurity in the Marine Transportation System rule took effect in July 2025, imposing mandatory cybersecurity and incident‑response plans for U.S.-flagged vessels, OCS facilities and MTSA‑covered sites. Owners must appoint a Cybersecurity Officer, enforce account lockouts, maintain...

By The Maritime Executive

Government Explores Unified ID and Verification System for Businesses
News, Feb 18, 2026

The UK Department for Business and Trade has signed a 10‑week, £300,000 contract with Deloitte to explore a unified digital business ID that would provide a single login and a cross‑government business entity directory. The discovery phase will assess existing...

By PublicTechnology.net (UK)

GDS Public Sector Monitoring ‘Finding and Fixing over 100 Critical Vulnerabilities a Month’
News, Feb 18, 2026

The Government Digital Service’s Vulnerability Monitoring Service (VMS), launched in summer 2024, now has over 700 public‑sector organisations signed up and is detecting more than 100 critical vulnerabilities each month. Offered free through the National Cyber Security Centre, the service...

By PublicTechnology.net (UK)

Singapore & Its 4 Major Telcos Fend Off Chinese Hackers
News, Feb 18, 2026

Singapore’s Cyber Security Agency and the nation’s four major telcos (M1, Simba Telecom, Singtel, StarHub) launched the "Cyber Guardian" operation, expelling the China‑linked threat actor UNC3886 after an 11‑month campaign. The attackers breached critical network segments but did not steal...

By Dark Reading

EFF to Wisconsin Legislature: VPN Bans Are Still a Terrible Idea
Blog, Feb 18, 2026

The Electronic Frontier Foundation (EFF) has sent a letter to Wisconsin’s entire legislature urging a vote against S.B. 130 and A.B. 105, bills that would ban VPN use and impose invasive age‑verification on certain websites. The measures have cleared the...

By Electronic Frontier Foundation — Deeplinks

Fortanix and NTT DATA Partner to Solve Challenges Around Data Sovereignty and Security for AI Factories With NVIDIA
News, Feb 18, 2026

Fortanix, NTT DATA and NVIDIA have launched a joint service that lets Indian enterprises run AI Factories within hardware‑based secure enclaves. The offering combines Fortanix’s Confidential Computing platform, NVIDIA’s secure GPUs and NTT DATA’s full‑lifecycle managed services to protect data and models...

By Business Wire — Executive Appointments

Smart Contracts Auditing Process
News, Feb 18, 2026

Smart contract auditing is a critical pre‑deployment step that safeguards blockchain applications by uncovering coding errors and security vulnerabilities. The process follows a structured workflow—from specification gathering and automated scanning to manual line‑by‑line analysis, functional testing, and iterative remediation—culminating in...

By Financial Crime Academy – Blog

Intellexa’s Predator Spyware Used to Hack iPhone of Journalist in Angola, Research Says
News, Feb 18, 2026

Amnesty International reported that a government client of sanctioned spyware firm Intellexa used its Predator tool to compromise the iPhone of Angolan journalist Teixeira Cândido in 2024. The intrusion was delivered through a malicious WhatsApp link, exploiting an outdated iOS...

By TechCrunch (Cybersecurity)

Simplify Red Hat Enterprise Linux Provisioning in Image Builder with New Red Hat Lightspeed Security and Management Integrations
News, Feb 18, 2026

Red Hat has rebranded its Insights service as Red Hat Lightspeed, keeping core advisor, vulnerability and compliance capabilities while emphasizing AI‑driven speed. New Image Builder integrations now auto‑register RHEL images to Red Hat Satellite and Ansible Automation Platform, and allow compliance profiles...

By Red Hat – DevOps

Hong Kong Fortifies Cybersecurity Training in the AI Era
News, Feb 17, 2026

Hong Kong released its Cybersecurity Outlook 2026, revealing that nearly 30% of local firms lack dedicated security staff and only 26% of SMEs have such roles compared with 59% of large enterprises. To address the talent gap, the government, HKPC...

By OpenGov Asia

Waymo Overseas Human Assist Wasn't Secret, But Is It Secure?
Blog, Feb 17, 2026

Waymo disclosed that a single remote‑assist operator supports roughly 40 autonomous vehicles, a ratio that underscores its reliance on human fallback. The company confirmed that many of these operators are based overseas, a fact previously hinted at but not widely...

By Brad Ideas (Robocars)

Texas AG Sues Wi-Fi Company over Links to China
News, Feb 17, 2026

Texas Attorney General Ken Paxton sued TP‑Link Systems Inc., alleging the Wi‑Fi maker deceived consumers by marketing its routers as "Made in Vietnam" while sourcing most components in China. The complaint cites longstanding firmware vulnerabilities that Chinese state‑backed hackers have...

By Courthouse News Service

CompTIA Launches SecAI+ Certification
News, Feb 17, 2026

CompTIA unveiled SecAI+, its first Expansion Series certification, aimed at securing AI systems and leveraging AI tools within cybersecurity operations. The credential builds on foundational certifications such as Security+, CySA+ and PenTest+, requiring three to four years of IT experience...

By Network World

How to Transform Your SOC Through XDR and MDR
News, Feb 17, 2026

In a recent Palo Alto Networks webcast, experts highlighted that modern attackers compress breach timelines to under an hour, overwhelming traditional SOC processes. They argued that XDR platforms like Cortex XDR solve the data‑silo problem by unifying telemetry across endpoints,...

By SC Media

Flaws in Popular VSCode Extensions Expose Developers to Attacks
News, Feb 17, 2026

Security researchers at Ox Security uncovered critical and high‑severity vulnerabilities in four widely used Visual Studio Code extensions, collectively downloaded over 128 million times. The flaws—affecting Code Runner, Markdown Preview Enhanced, Live Server, and Microsoft Live Preview—allow attackers to execute remote...

By BleepingComputer

OpenClaw Flaw Enables AI Log Poisoning Risk
News, Feb 17, 2026

A log‑poisoning flaw was discovered in OpenClaw’s gateway server, affecting versions up to 2026.2.12. The vulnerability arises from unsanitized WebSocket headers—such as Origin and User‑Agent—being written directly to structured logs when a handshake is aborted. An unauthenticated attacker could inject...

By eSecurity Planet

Cyber Attacks Enabled by Basic Failings, Palo Alto Analysis Finds
News, Feb 17, 2026

Palo Alto Networks’ 2026 Global Incident Response Report shows cyber‑attack timelines have collapsed, with the fastest breaches moving from initial access to data exfiltration in just 72 minutes, down from nearly five hours in 2024. The acceleration is largely driven...

By CSO Online

CVE-2026-25903 Impacts Apache NiFi Users
News, Feb 17, 2026

A new vulnerability, CVE‑2026‑25903, affects Apache NiFi versions 1.1.0 through 2.7.2 and was patched in 2.8.0. The flaw allows users with limited privileges to modify the configuration of already‑deployed restricted components, bypassing the platform’s authorization checks. While it does not...

By eSecurity Planet

HCP Packer Adds SBOM Vulnerability Scanning
News, Feb 17, 2026

HashiCorp announced that HCP Packer now offers SBOM vulnerability scanning in public beta, while its package‑visibility feature has moved to general availability. The new scanning capability cross‑references each artifact’s software bill of materials against the MITRE CVE database and flags...

By HashiCorp Blog

Quesma Releases BinaryAudit
News, Feb 17, 2026

Quesma unveiled BinaryAudit, an independent benchmark that measures how well artificial‑intelligence models can spot hidden threats in software binaries. The tool aims to shift binary analysis from a reactive, post‑breach activity to a proactive safeguard applied before deployment, during updates,...

By DEVOPSdigest

Boards Pivot to Recovery as Breach Assumption Grows
Social, Feb 17, 2026

As more companies “assume breach,” I am seeing a shift from prevention to recovery. Boards are starting to ask different questions.

By Sean D. Mack

All Breaches Affect Limited Files; “Limited” Is Meaningless
Social, Feb 17, 2026

Apparently, the hackers stole “a limited number of files”. Humour me here, but when does a breach ever *not* affect a limited number of files? I mean, when was the last breach you can remember that impacted an *unlimited* number...

By Troy Hunt

Continuous Security Audit Across 62,000+ Open Skills
Social, Feb 17, 2026

We partnered with @socketsecurity, @snyksec, and @gendigitalinc to continuously audit https://t.co/NfXI7skfWe for security vulnerabilities. There are now 62,000+ skills in the open ecosystem https://t.co/rtwkKCBeBz

By Guillermo Rauch