What's happening: Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform, positioning it as a single‑pass solution to the fragmentation of legacy VPNs and hardware firewalls. The platform runs security checks across a global network spanning over 300 cities, eliminating service‑chaining bottlenecks and integrating zero‑trust controls.
Also developing:

Deepfake attacks have moved from a niche concern to a mainstream cybersecurity priority, with 62% of organizations reporting at least one incident in the past year. Hackers are leveraging publicly available AI models, such as Google Gemini, to create convincing voice and video impersonations that have already resulted in multimillion‑dollar fraud, exemplified by the $25 million Arup case. The proliferation of open‑source tools lowers the barrier for low‑skill actors, expanding the threat to small and medium‑sized enterprises that lack dedicated defenses. Experts urge immediate adoption of detection, training, and multi‑factor verification to curb the surge.

Security Alliance (SEAL) reports that North Korean actors are hijacking authentic LinkedIn profiles to pose as remote IT workers and infiltrate companies worldwide. By leveraging stolen personal data, verified workplace emails and AI‑generated imagery, they pass background checks and secure...

The Munich Security Index 2026 released at the MSC shows G7 nations rank cyber‑attacks as their top security risk for the second consecutive year. Disinformation campaigns sit in third place, while economic crises occupy the second slot. In contrast, the...

Dutch mobile carrier Odido announced a data breach that exposed personal information of more than 6 million customers, including names, addresses, phone numbers, email, dates of birth, bank account and passport or driver‑license details. The intrusion occurred on February 7‑8 and targeted...

The episode dissects OpenClaw, an open‑source, agentic AI platform that can autonomously interact with files, commands, and dozens of applications, and evaluates its viability for payer and provider health organizations. It explains why the default, unsecured version violates HIPAA, outlines...

Researchers uncovered a wave of malicious Chrome extensions that siphon data from corporate tools, social platforms, AI assistants, and general browsing activity. The CL Suite add‑on steals Meta Business Suite credentials and analytics, while VK‑styled extensions hijacked roughly 500,000 VKontakte...

The 2026 Chainalysis report estimates crypto‑related scams cost $17 billion, driven by a 1,400% surge in impersonation attacks and a 456% jump in AI‑enabled fraud. Machine‑learning tools have turned scams into factory‑scale operations, making them 4.5 times more profitable than traditional...

The Cyber Express weekly roundup highlights a series of high‑profile cyber incidents across continents. The European Commission’s mobile device management system was breached but contained within nine hours, while Senegal’s national identity services were crippled by ransomware. In Australia, FIIG...

npm completed a major authentication overhaul in December 2025, revoking classic long‑lived tokens and moving to short‑lived session tokens with MFA on by default for publishing. The changes also promote OIDC Trusted Publishing, giving CI systems per‑run credentials. However, MFA phishing attacks...

🚨 Fake AI Chrome extensions with 300K users steal credentials, emails | Cybersecurity Here are the Extensions: 1️⃣ AI Sidebar (gghdfkafnhfpaooiolhncejnlgglhkhe) – 70,000 users 2️⃣ AI Assistant (nlhpidbjmmffhoogcennoiopekbiglbp) – 60,000 users 3️⃣ ChatGPT Translate (acaeafediijmccnjlokgcdiojiljfpbe) – 30,000 users 4️⃣ AI GPT (kblengdlefjpjkekanpoidgoghdngdgl) – 20,000...

Uzbekistan’s Digital Technologies Ministry confirmed that a cyberattack on three government information systems in late January exposed roughly 60,000 individual data records, not the personal data of 15 million citizens as earlier rumors suggested. The breach, which lasted from January 27‑30, was...

Rakuten Securities will overhaul the MetaTrader 4 login process. Beginning Saturday, February 28 2025, the broker will issue random passwords for its MT4, MT4 Securities CFD and MT4 Commodity CFD accounts. After Saturday, February 28 2026, direct MT4 logins will be permanently disabled, requiring traders...
Kaspersky warns that scammers are targeting the surge in Valentine's Day gift‑card purchases with sophisticated phishing campaigns. The security firm’s latest global survey shows 80% of consumers plan to buy digital gifts, prompting fraudsters to create fake verification sites and...

Cyble Research and Intelligence Labs uncovered more than 8,000 publicly accessible ChatGPT API keys, including over 5,000 in GitHub repositories and roughly 3,000 on live production websites. The keys were hard‑coded in source code, configuration files, and client‑side JavaScript, making them instantly...
Group-IB’s High‑Tech Crime Trends Report 2026 warns that supply‑chain cyber attacks have matured into self‑contained ecosystems, with threat actors focusing on upstream vendors rather than direct targets. By exploiting trusted relationships, attackers can infiltrate downstream networks, as illustrated by 263...
Biometric authentication is now mainstream in U.S. healthcare, with roughly 78% of organizations deploying fingerprint or facial‑recognition systems. The technology promises stronger identity assurance, faster workflow access, and reduced patient misidentification, directly addressing HIPAA compliance and safety concerns. However, high...

The episode dives into a newly discovered SSH worm that can turn a compromised host into a botnet in just four seconds, highlighting its self‑propagation and cryptographically signed command‑and‑control mechanism. It then reviews the latest OpenSSH changes for macOS, emphasizing...
For the Nancy Guthrie case, an idea, and maybe a crazy one, but she had a pacemaker, and implantable devices such as Medtronic's often use Bluetooth. Couldn't you war-drive (drones even better) with a high-gain antenna with amplifiers -...
Email probably started off as a guy just trying to send himself a file, and then it got completely out of control

Pulumi now offers reusable components to enable AWS IAM authentication for Aurora PostgreSQL, allowing applications to connect using short‑lived tokens instead of static passwords. The setup provisions an RDS cluster with IAM authentication, creates IAM‑enabled database users, and configures IRSA...
Why Identity Protection and Cybersecurity Are Central to Fighting Fraud by @ChuckDBrooks https://t.co/hftYQY0W6B #cybersecurity #fraud

The Identity Theft Resource Center’s 2025 Data Breach Report reveals a 79% surge in U.S. data compromises, with 534 incidents targeting health‑care providers. Private‑practice physicians face precise, AI‑driven attacks that exploit patient records and vendor relationships. Transparency in breach notifications...

Booz Allen Hamilton has launched the general availability of Vellox Reverser™, an AI‑driven malware reverse‑engineering platform that automates deep analysis at machine speed. The solution leverages a resilient agentic AI architecture, AWS Lambda, Bedrock and Step Functions to ingest samples,...
Disney agreed to pay $2.75 million to settle California Attorney General claims it breached the state’s privacy law by not honoring user opt‑out requests. The settlement requires Disney to create a consumer‑friendly, easy‑to‑execute opt‑out process and to cease cross‑context behavioral advertising...

A Michigan hospital, likely McLaren Northern Michigan, is accused by internet personality Josh Clarke of allowing staff to view his medical records, take selfies in his treatment area, and conceal his presence on a notice board. Clarke’s video alleges that...

Black Hat quietly removed veteran hacker Vincenzo Iozzo from its review board after DOJ documents linked him to Jeffrey Epstein. Iozzo, founder of SlashID and former CrowdStrike senior director, had served on the board since 2011. He denies any illegal...

Identity attacks remain the top breach vector, yet only 33% of leaders trust their identity providers to stop them. With 82% increasing spend and 85% shifting to security‑first identity strategies, execution gaps are widening. Modern identity now includes machines, APIs...

Anna’s Archive, a piracy activist group, has begun seeding roughly 2.8 million Spotify tracks—about 6 TB of audio—via its torrent index, despite a New York court injunction and a $13 trillion lawsuit filed by Spotify and major labels. The leak follows a massive...

Cisco’s EMEA president Gordon Thomson told The Stack that British companies are less preoccupied with data‑sovereignty than their European counterparts. He noted that infrastructure autonomy has become a board‑level fear across the region, while AI localisation requirements are muddying the...

Apple has issued patches for CVE-2026-20700, a zero‑day vulnerability in the dyld dynamic linker affecting iOS, iPadOS, macOS, tvOS, watchOS and visionOS. The flaw lets an attacker with memory‑write capability execute arbitrary code and was actively exploited in highly sophisticated, targeted attacks,...

Keeper Security launched SuperShell™, a full‑screen terminal user interface for Keeper Commander, available from version 17.2.7 onward. The TUI provides a split‑view vault browser with vi‑style keyboard shortcuts, searchable panes, raw JSON inspection, and live TOTP display. Designed for developers,...

Managed Service Providers face escalating ransomware threats, making ad‑hoc responses untenable. A battle‑tested Incident Response Plan (IRP) provides a structured lifecycle—from preparation to lessons learned—that safeguards client systems and the MSP’s reputation. The guide outlines core pillars such as preparation,...

Healthcare providers face heightened risk from cyber attacks and natural disasters, making robust disaster recovery essential. Vendors such as Dataprise, Veeam, Acronis, Zerto, and Carbonite offer cloud, hybrid, and on‑premises solutions that promise rapid recovery, HIPAA compliance, and proactive monitoring....

A viral Instagram and LinkedIn trend sees millions prompting ChatGPT to generate caricatures that describe their jobs, then posting the images publicly. The practice unintentionally reveals how employees use large language models (LLMs) at work and what data they may...

World Leaks, a high‑profile extortion group, has introduced a new Rust‑written malware called RustyRocket, according to Accenture research. The tool provides stealthy persistence on both Windows and Linux systems, using heavily obfuscated, multi‑layered encrypted tunnels to exfiltrate data and proxy...

The Trump administration has temporarily shelved a suite of technology security measures targeting Chinese firms ahead of the April Trump‑Xi summit. The paused actions include a ban on China Telecom’s U.S. operations, restrictions on Chinese equipment in data centres, and...

The FIDO Alliance is mapping its phishing‑resistant passkeys, Device Onboard (FDO) and emerging Bare Metal Onboarding (BMO) to the UK NCSC’s Secure Connectivity Principles for Operational Technology. By replacing passwords with cryptographic credentials, FIDO eliminates the most common breach vector...
A question about AI and blockchain: What makes a blockchain Agent friendly? One possible answer I heard from @AbdelStark: Safety through Native Account Abstraction Suppose you give your agent some money to transact on your behalf. The agent could go rogue,...
“One of the goals of blockchains is that they’re going to be securing hundreds of trillions of dollars over centuries. Hash-based cryptography is believed to stand the test of time and is the most minimal assumption that you could...

Artificial intelligence is rapidly becoming a tool for cybercriminals, enabling faster, lower‑skill attacks and fueling a surge in deep‑fake‑driven scams. At the same time, AI‑powered personal assistants such as OpenClaw expose massive amounts of user data, raising urgent security concerns....
“The plan right now is to upgrade every single piece of Ethereum cryptography to be post quantum secure by 2029.” — Justin Drake (@drakefjustin), Researcher at the Ethereum Foundation https://t.co/bbNeyUmOCj
“It’s very good if the industry can all agree on one standard so that things are interoperable, you get many fewer cryptographic disasters or unexpected incompatibilities or security issues.” — @ChrisPeikert, Professor, CSE, University of Michigan https://t.co/bbNeyUmOCj

Google Threat Intelligence Group, together with DeepMind, released an AI Threat Tracker revealing that state‑backed APT groups are weaponizing Google’s Gemini models to research targets, craft multilingual phishing, and generate code for attacks. Notable actors include China‑based Temp.HEX, UNC6148 targeting...
“For Ethereum specifically, there are three pieces of cryptography that are vulnerable: ECDSA, BLS signatures, and KZG.” — Justin Drake (@drakefjustin), Researcher at the Ethereum Foundation https://t.co/bbNeyUmOCj

AI is already making online swindles easier. It could get much worse. Some cybersecurity researchers say it’s too early to worry about AI-orchestrated cyberattacks. Others say it could already be happening. #fintech #tech #finserv #AI @BetaMoroney @efipm @BrettKing @spirosmargaris @jasuja @enricomolinari @mikeflache https://t.co/xbcVW86X8z

TrendAI, the new business unit of Trend Micro, warns that AI skills—executable artifacts that blend human‑readable text with LLM instructions—represent a dangerous attack surface. These skills, used in products like Anthropic’s Agent Skills, OpenAI’s GPT Actions, and Microsoft’s Copilot Plugins, can...
Former exec at exploit development firm Trenchant, owned by L3Harris, admitted to selling internal hacking tools to a Russian broker. Did the company notify the vendors whose products were exploited so that they could be patched? https://t.co/4wKJgZoIkl

On this day in 1994, the winter Olympics in Lillehammer were hit with a cyber attack. https://t.co/AZfPpQUjAr https://t.co/xox3MFDt75

In this episode, hosts Maria Varmazis, Dave Bittner, and Joe Carrigan explore the surge in romance and social‑engineering scams, highlighting high‑profile cases like a €3 million "Dubai Crown Prince" fraud and a handyman‑turned‑boyfriend con that inspired an Amazon Prime documentary. They...

Researchers have identified transparent DNS forwarders as a potent, overlooked vector for reflective amplification attacks. Unlike traditional open resolvers, these forwarders relay queries without rewriting source IPs, allowing attackers to exploit shielded recursive resolvers and bypass rate‑limiting controls. Weekly Internet‑wide...