Today's Cybersecurity Pulse
CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB
NAVWAR Cyber Directorate’s Mission to Secure, Survive, Comply
The Naval Information Warfare Systems Command (NAVWAR) created a new cyber directorate last August to centralize its cybersecurity efforts. The directorate targets three pillars—zero‑trust adoption, secure software development, and cutting‑edge defensive technologies—while automating risk‑management framework (RMF) compliance. By feeding feedback into the DoD’s upcoming RMFNext, NAVWAR aims to shift from manual "check‑the‑box" audits to continuous monitoring, freeing resources to protect the enterprise and sustain war‑fighting capabilities. The initiative also emphasizes software‑defined networks and tighter integration with Fleet Cyber Command and external partners.
Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks
Microsoft faces mounting pressure as ransomware groups increasingly leverage bring‑your‑own‑vulnerable‑driver (BYOVD) attacks to neutralize endpoint security tools. While Windows has introduced driver signing enforcement and a vulnerable driver blocklist, legacy compatibility rules allow drivers with expired or revoked certificates to...
Navy Installations Shift to Continuous Cybersecurity Model
The U.S. Navy is moving to a continuous cybersecurity model that relies on artificial intelligence to detect and mitigate threats in real time. Navy Installations Command (CNIC) is replacing its legacy risk‑management framework with the Cybersecurity Risk Management Construct, emphasizing...
Cyberintelligence Institute Launches CYROS App to Warn Against Cyber Threats
The Cyberintelligence Institute (CII) has released CYROS, a free smartphone app that warns users of emerging cyber threats such as ransomware, phishing, and digital sabotage. The platform aggregates alerts from Germany's Federal Office for Information Security, consumer‑protection groups, and security...
What Interoperability in Healthcare Really Means for Security and Privacy
Healthcare interoperability is accelerating data exchange among hospitals, labs, insurers and pharmacies, but each connection expands the sector's attack surface. Misconfigured integrations, outdated protocols and weak identity controls can leak sensitive patient records, turning routine sharing into a security liability....
NATO Must Impose Costs on Russia, China over Cyber and Hybrid Attacks, Says Deputy Chief
At the Munich Cyber Security Conference, NATO Deputy Secretary General Radmila Shekerinska warned that the alliance must make cyber and hybrid attacks by Russia and China more costly. She cited a December cyber‑attack on Poland’s energy infrastructure as a recent...
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
Google Threat Intelligence Group disclosed a coordinated campaign by state‑sponsored actors from China, Iran, Russia and North Korea targeting the defense industrial base. The operations concentrate on battlefield technologies used in the Russia‑Ukraine war, recruitment‑process infiltration, edge‑device entry points, and...
Episode 12 - Domain OSINT, Building Methods, and Turning Intelligence Into Products
In Episode 12, host Jake Creps breaks down Domain OSINT, demonstrating how a single URL can reveal ownership, infrastructure, intent, and related activity using free tools like WHOIS, DNS enumeration, and reverse IP searches. He illustrates the process with a...
China May Be Rehearsing a Digital Siege, Taiwan Warns
Taiwan’s senior security adviser warned that China is using a secret cyber‑training platform called "Expedition Cloud" to simulate attacks on critical infrastructure. The platform creates digital twins of power grids, transport and communications networks, allowing Beijing’s teams to rehearse disruptive...
SMART Toolkit Helps Map Healthcare Cyber Risk
Intermountain Health’s chief information security officer Erik Decker unveiled the SMART toolkit, a framework that maps an organization’s critical clinical and administrative functions to assess cyber‑risk exposure. The tool helps leaders identify which services must remain operational during a breach...
Deepfake Business Risks Are Growing – Here's What Leaders Need to Know
Deepfake attacks have moved from a niche concern to a mainstream cybersecurity priority, with 62% of organizations reporting at least one incident in the past year. Hackers are leveraging publicly available AI models, such as Google Gemini, to create convincing...
Fake North Korean IT Workers Are Rampant on LinkedIn – Security Experts Warn Operatives Are Stealing Profiles to Apply for...
Security Alliance (SEAL) reports that North Korean actors are hijacking authentic LinkedIn profiles to pose as remote IT workers and infiltrate companies worldwide. By leveraging stolen personal data, verified workplace emails and AI‑generated imagery, they pass background checks and secure...
Munich Security Conference: Cyber Threats Lead G7 Risk Index, Disinformation Ranks Third
The Munich Security Index 2026 released at the MSC shows G7 nations rank cyber‑attacks as their top security risk for the second consecutive year. Disinformation campaigns sit in third place, while economic crises occupy the second slot. In contrast, the...
Dutch Carrier Odido Discloses Data Breach Impacting 6 Million
Dutch mobile carrier Odido announced a data breach that exposed personal information of more than 6 million customers, including names, addresses, phone numbers, email, dates of birth, bank account and passport or driver‑license details. The intrusion occurred on February 7‑8 and targeted...
OpenClaw in the Clinic: A Business Plan for HIPAA-Compliant Deployment of Agentic AI at Scale in Payer and Provider Organizations
The episode dissects OpenClaw, an open‑source, agentic AI platform that can autonomously interact with files, commands, and dozens of applications, and evaluates its viability for payer and provider health organizations. It explains why the default, unsecured version violates HIPAA, outlines...
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
Researchers uncovered a wave of malicious Chrome extensions that siphon data from corporate tools, social platforms, AI assistants, and general browsing activity. The CL Suite add‑on steals Meta Business Suite credentials and analytics, while VK‑styled extensions hijacked roughly 500,000 VKontakte...
The $17 Billion Wake-Up Call: Securing Crypto in the Age of AI Scams
The 2026 Chainalysis report estimates crypto‑related scams cost $17 billion, driven by a 1,400% surge in impersonation attacks and a 456% jump in AI‑enabled fraud. Machine‑learning tools have turned scams into factory‑scale operations, making them 4.5 times more profitable than traditional...
The Cyber Express Weekly Roundup: Escalating Breaches, Regulatory Crackdowns, and Global Cybercrime Developments
The Cyber Express weekly roundup highlights a series of high‑profile cyber incidents across continents. The European Commission’s mobile device management system was breached but contained within nine hours, while Senegal’s national identity services were crippled by ransomware. In Australia, FIIG...
Npm’s Update to Harden Their Supply Chain, and Points to Consider
npm completed a major authentication overhaul in December 2025, revoking classic long‑lived tokens and moving to short‑lived session tokens with MFA default for publishing. The changes also promote OIDC Trusted Publishing, giving CI systems per‑run credentials. However, MFA phishing attacks...
Fake AI Chrome Extensions Steal Credentials From 300K Users
🚨 Fake AI Chrome extensions with 300K users steal credentials, emails | Cybersecurity Here are the Extensions: 1️⃣ AI Sidebar (gghdfkafnhfpaooiolhncejnlgglhkhe) – 70,000 users 2️⃣ AI Assistant (nlhpidbjmmffhoogcennoiopekbiglbp) – 60,000 users 3️⃣ ChatGPT Translate (acaeafediijmccnjlokgcdiojiljfpbe) – 30,000 users 4️⃣ AI GPT (kblengdlefjpjkekanpoidgoghdngdgl) – 20,000...
60,000 Records Exposed in Cyberattack on Uzbekistan Government
Uzbekistan’s Digital Technologies Ministry confirmed that a cyberattack on three government information systems in late January exposed roughly 60,000 individual data records, not the personal data of 15 million citizens as earlier rumors suggested. The breach, which lasted from January 27‑30, was...
Japanese Broker Rakuten Securities to Change MT4 Login Method to Enhance Security
Rakuten Securities will overhaul the MetaTrader 4 login process. Beginning Saturday, February 28 2025, the broker will issue random passwords for its MT4, MT4 Securities CFD and MT4 Commodity CFD accounts. After Saturday, February 28 2026, direct MT4 logins will be permanently disabled, requiring traders...
Kaspersky Warns Against ‘Valentine’s Gift’ Card Scams
Kaspersky warns that scammers are targeting the surge in Valentine's Day gift‑card purchases with sophisticated phishing campaigns. The security firm’s latest global survey shows 80% of consumers plan to buy digital gifts, prompting fraudsters to create fake verification sites and...
8,000+ ChatGPT API Keys Left Publicly Accessible
Cyble Research and Intelligence Labs uncovered more than 8,000 publicly accessible ChatGPT API keys, including over 5,000 GitHub repositories and roughly 3,000 live production websites. The keys were hard‑coded in source code, configuration files, and client‑side JavaScript, making them instantly...
Supply Chain Cyber Attacks Continue to Evolve in 2026: Group-IB
Group-IB’s High‑Tech Crime Trends Report 2026 warns that supply‑chain cyber attacks have matured into self‑contained ecosystems, with threat actors focusing on upstream vendors rather than direct targets. By exploiting trusted relationships, attackers can infiltrate downstream networks, as illustrated by 263...
Should Healthcare Organizations Transition to Biometric Security?
Biometric authentication is now mainstream in U.S. healthcare, with roughly 78% of organizations deploying fingerprint or facial‑recognition systems. The technology promises stronger identity assurance, faster workflow access, and reduced patient misidentification, directly addressing HIPAA compliance and safety concerns. However, high...
SANS Stormcast Friday, February 13th, 2026: SSH Bot; OpenSSH MacOS Change; Abused Employee Monitoring
The episode dives into a newly discovered SSH worm that can turn a compromised host into a botnet in just four seconds, highlighting its self‑propagation and cryptographically signed command‑and‑control mechanism. It then reviews the latest OpenSSH changes for macOS, emphasizing...
Bluetooth Pacemakers Could Be Tracked via War‑Driving
For the Nancy Guthrie case, an idea and maybe a crazy one but she had a pacemaker which often implantable devices use bluetooth such as Medtronic's. Couldn't you war-drive (drones even better) with a high gain antenna with amplifiers -...
Key Cybersecurity Essentials for Customer-Facing Platforms
Securing The Front Line: #Cybersecurity Essentials For Customer-Facing Platforms - B2B Marketing Blog | Webbiquity - https://t.co/zi7jypeOqC
Passwordless PostgreSQL: IAM Authentication with Pulumi
Pulumi now offers reusable components to enable AWS IAM authentication for Aurora PostgreSQL, allowing applications to connect using short‑lived tokens instead of static passwords. The setup provisions an RDS cluster with IAM authentication, creates IAM‑enabled database users, and configures IRSA...
9 Unvarnished Cybersecurity Truths CIOs Must Confront
Beyond the Hype: 9 Cybersecurity Realities CIOs Must Face at RSAC 2026 #CIO #Cybersecurity #RSAC #RSAC2026 #AI https://t.co/l36K8t0RcX
Email: From Simple File Sharing to Chaos
Email probably started off as a guy just trying to send himself a file, and then it got completely out of control
The Cyber Siege of Private Practices: Are You at Risk?
The Identity Theft Resource Center’s 2025 Data Breach Report reveals a 79 % surge in U.S. data compromises, with 534 incidents targeting health‑care providers. Private‑practice physicians face precise, AI‑driven attacks that exploit patient records and vendor relationships. Transparency in breach notifications...
Identity Protection Is Key to Combating Fraud
Why Identity Protection and Cybersecurity Are Central to Fighting Fraud by @ChuckDBrooks https://t.co/hftYQY0W6B #cybersecurity #fraud
Booz Allen Announces General Availability of Vellox Reverser to Automate Malware Defense
Booz Allen Hamilton has launched the general availability of Vellox Reverser™, an AI‑driven malware reverse‑engineering platform that automates deep analysis at machine speed. The solution leverages a resilient agentic AI architecture, AWS Lambda, Bedrock and Step Functions to ingest samples,...
California Fines Disney For Alleged Privacy Violations
Disney agreed to pay $2.75 million to settle California Attorney General claims it breached the state’s privacy law by not honoring user opt‑out requests. The settlement requires Disney to create a consumer‑friendly, easy‑to‑execute opt‑out process and to cease cross‑context behavioral advertising...
It’s 2026, but Hospitals Still Haven’t Prevented Snooping in Celebrities’ Records
A Michigan hospital, likely McLaren Northern Michigan, is accused by internet personality Josh Clarke of allowing staff to view his medical records, take selfies in his treatment area, and conceal his presence on a notice board. Clarke’s video alleges that...
Hacker Linked to Epstein Removed From Black Hat Cyber Conference Website
Black Hat quietly removed veteran hacker Vincenzo Iozzo from its review board after DOJ documents linked him to Jeffrey Epstein. Iozzo, founder of SlashID and former CrowdStrike senior director, had served on the board since 2011. He denies any illegal...
Hash‑based Crypto: Blockchain’s Timeless Security Foundation
“One of the goals of blockchains is that they’re going to be securing hundreds of trillions of dollars over centuries. hash based cryptography is believed to stand the test of time and is the most minimal assumption that you could...
Ethereum Targets Post‑quantum Cryptography Upgrade by 2029
“The plan right now is to upgrade every single piece of Ethereum cryptography to be post quantum secure by 2029.” — Justin Drake (@drakefjustin), Researcher at the Ethereum Foundation https://t.co/bbNeyUmOCj
Identity Security Looks Different by Industry. Here’s How MSPs Can Keep Up
Identity attacks remain the top breach vector, yet only 33 % of leaders trust their identity providers to stop them. With 82 % increasing spend and 85 % shifting to security‑first identity strategies, execution gaps are widening. Modern identity now includes machines, APIs...
Unified Standards Prevent Cryptographic Disasters and Incompatibility
“It’s very good if the industry can all agree on one standard so that things are interoperable, you get many fewer cryptographic disasters or unexpected incompatibilities or security issues.” — @ChrisPeikert, Professor, CSE, University of Michigan https://t.co/bbNeyUmOCj
Ethereum’s Three Core Cryptos Found Vulnerable
“For Ethereum specifically, there’s three pieces of cryptography that are vulnerable: ECDSA, BLS signatures, and KCG.” — Justin Drake (@drakefjustin), Researcher at the Ethereum Foundation https://t.co/bbNeyUmOCj
Anna’s Archive Ignores Court Order and Starts Making Stolen Spotify Files Available to Torrent
Anna’s Archive, a piracy activist group, has begun seeding roughly 2.8 million Spotify tracks—about 6 TB of audio—via its torrent index, despite a New York court injunction and a $13 trillion lawsuit filed by Spotify and major labels. The leak follows a massive...
UK Customers Aren't as Worried About Sovereignty as EU, Cisco Exec Says
Cisco’s EMEA president Gordon Thomson told The Stack that British companies are less preoccupied with data‑sovereignty than their European counterparts. He noted that infrastructure autonomy has become a board‑level fear across the region, while AI localisation requirements are muddying the...
Apple Patches Actively Exploited Zero-Day Flaw
Apple has issued patches for CVE-2026-20700, a zero‑day vulnerability in the dyld dynamic linker affecting iOS, iPadOS, macOS, tvOS, watchOS and visionOS. The flaw enables arbitrary code execution with memory‑write capability and was actively exploited in highly sophisticated, targeted attacks,...
Keeper Commander Introduces SuperShell™
Keeper Security launched SuperShell™, a full‑screen terminal user interface for Keeper Commander, available from version 17.2.7 onward. The TUI provides a split‑view vault browser with vi‑style keyboard shortcuts, searchable panes, raw JSON inspection, and live TOTP display. Designed for developers,...
Why Every MSP Needs a Battle-Tested Incident Response Framework
Managed Service Providers face escalating ransomware threats, making ad‑hoc responses untenable. A battle‑tested Incident Response Plan (IRP) provides a structured lifecycle—from preparation to lessons learned—that safeguards client systems and the MSP’s reputation. The guide outlines core pillars such as preparation,...
A Guide to the Best Disaster Recovery Solutions for Health Care Organizations
Healthcare providers face heightened risk from cyber attacks and natural disasters, making robust disaster recovery essential. Vendors such as Dataprise, Veeam, Acronis, Zerto, and Carbonite offer cloud, hybrid, and on‑premises solutions that promise rapid recovery, HIPAA compliance, and proactive monitoring....
Viral AI Caricatures Highlight Shadow AI Dangers
A viral Instagram and LinkedIn trend sees millions prompting ChatGPT to generate caricatures that describe their jobs, then posting the images publicly. The practice unintentionally reveals how employees use large language models (LLMs) at work and what data they may...