Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

Integrating FIDO Standards Into Secure OT Connectivity — A Practical Path to Resilience
The FIDO Alliance is mapping its phishing‑resistant passkeys, Device Onboard (FDO) and emerging Bare Metal Onboarding (BMO) to the UK NCSC’s Secure Connectivity Principles for Operational Technology. By replacing passwords with cryptographic credentials, FIDO eliminates the most common breach vector at OT network boundaries. FDO adds zero‑touch, attested device onboarding, while BMO extends trusted provisioning to the entire software stack, enabling secure updates and rebuilds. Together these standards give OT operators a practical, identity‑first path to resilience.

Native Account Abstraction Enables Safe Blockchain Agents
A question about AI and blockchain: What makes a blockchain Agent friendly? One possible answer I heard from @AbdelStark: Safety through Native Account Abstraction. Suppose you give your agent some money to transact on your behalf. The agent could go rogue,...

The Download: AI-Enhanced Cybercrime, and Secure AI Assistants
Artificial intelligence is rapidly becoming a tool for cybercriminals, enabling faster, lower‑skill attacks and fueling a surge in deep‑fake‑driven scams. At the same time, AI‑powered personal assistants such as OpenClaw expose massive amounts of user data, raising urgent security concerns....

AI Is Already Simplifying Online Scams, Experts Warn
AI is already making online swindles easier. It could get much worse. Some cybersecurity researchers say it’s too early to worry about AI-orchestrated cyberattacks. Others say it could already be happening. #fintech #tech #finserv #AI @BetaMoroney @efipm @BrettKing @spirosmargaris @jasuja @enricomolinari @mikeflache https://t.co/xbcVW86X8z

Ex‑Trenchant Exec Sold Internal Hacks to Russian Broker
Former exec at exploit development firm Trenchant, owned by L3Harris, admitted to selling internal hacking tools to a Russian broker. Did the company notify the vendors whose products were exploited so that they could be patched? https://t.co/4wKJgZoIkl

Google Says Hacker Groups Are Using Gemini to Augment Attacks – and Companies Are Even ‘Stealing’ Its Models
Google Threat Intelligence Group, together with DeepMind, released an AI Threat Tracker revealing that state‑backed APT groups are weaponizing Google’s Gemini models to research targets, craft multilingual phishing, and generate code for attacks. Notable actors include China‑based Temp.HEX, UNC6148 targeting...

AI Skills Represent Dangerous New Attack Surface, Says TrendAI
TrendAI, the new business unit of Trend Micro, warns that AI skills—executable artifacts that blend human‑readable text with LLM instructions—represent a dangerous attack surface. These skills, used in products like Anthropic’s Agent Skills, OpenAI’s GPT Actions, and Microsoft’s Copilot Plugins, can...

1994 Lillehammer Winter Olympics Suffer First Major Cyber Attack
On this day in 1994, the winter Olympics in Lillehammer were hit with a cyber attack. https://t.co/AZfPpQUjAr https://t.co/xox3MFDt75

Love Was the Hook.
In this episode, hosts Maria Varmazis, Dave Bittner, and Joe Carrigan explore the surge in romance and social‑engineering scams, highlighting high‑profile cases like a €3 million "Dubai Crown Prince" fraud and a handyman‑turned‑boyfriend con that inspired an Amazon Prime documentary. They...

On Misusing Transparent DNS Forwarders For Amplification Attacks
Researchers have identified transparent DNS forwarders as a potent, overlooked vector for reflective amplification attacks. Unlike traditional open resolvers, these forwarders relay queries without rewriting source IPs, allowing attackers to exploit shielded recursive resolvers and bypass rate‑limiting controls. Weekly Internet‑wide...

Does Your TV Track You Even Through the HDMI Port? Short Answer: Yes
Smart TVs can monitor content played on HDMI‑connected devices using two methods: HDMI‑CEC metadata and Automatic Content Recognition (ACR). ACR takes pixel‑level snapshots to fingerprint shows, movies, or games, while CEC logs device IDs and usage duration. The article outlines...

Companies Are Using ‘Summarize with AI’ to Manipulate Enterprise Chatbots
Microsoft's research reveals a new AI hijacking technique called AI recommendation poisoning, where "Summarize with AI" buttons embed hidden prompts that bias enterprise chatbots toward a vendor’s products. Over two months, researchers found 50 instances across 31 companies in sectors...

9 Ways to Ensure Regulatory Compliance in Cloud Storage
Cloud storage compliance has become a top priority for IT leaders in 2026 as organizations increasingly rely on remote data repositories. Rising regulatory scrutiny—spanning GDPR, HIPAA, PCI DSS, CCPA and others—means non‑compliance can trigger hefty fines, reputational harm, and operational...

0APT Ransomware Group Rises Swiftly with Bluster, Along with Genuine Threat of Attack
The 0APT ransomware group burst onto the scene last month, publicly claiming roughly 200 victims within its first week. While investigators have found no evidence that any of those organizations were actually breached, the group’s infrastructure includes a fully functional,...

Once-Hobbled Lumma Stealer Is Back with Lures that Are Hard to Resist
Lumma Stealer has reemerged at scale after a 2025 law‑enforcement takedown that crippled its command‑and‑control infrastructure. The malware‑as‑a‑service operation now relies on ClickFix lures—fake CAPTCHAs that trick users into running malicious commands—and the memory‑only CastleLoader to evade detection. Researchers report...

Recruiters Overlook Security While Demanding Identity Verification
I just saw a Recruiter say "people share their data with every app out there, I don't understand why adding extra security layers to the ATS asking people to verify their identity is a problem."

Interim CISA Chief: ‘When the Government Shuts Down, Cyber Threats Do Not’
Acting CISA Director Madhu Gottumukkala warned that a DHS shutdown would cripple the agency’s ability to issue timely cyber guidance, force over a third of frontline security staff to work without pay, and halt proactive threat‑hunting activities. The shutdown would...

CVE-2026-25646: Legacy Libpng Flaw Poses RCE Risk
CVE‑2026‑25646 reveals a heap‑buffer overflow in libpng’s png_set_quantize function, a flaw that has existed for nearly three decades across all historic releases. The bug triggers when a PNG image contains a palette chunk without a histogram and requests color quantization,...

Review: Box Facilitates Secure Collaboration for Healthcare Workers
Box Intelligent Content Management delivers a cloud‑based, zero‑trust platform tailored for healthcare’s strict security and compliance needs. The solution unifies over 1,500 integrations, enabling seamless collaboration between Office 365, Google Workspace and other systems while providing built‑in e‑signatures and workflow automation....

CISA’s Acting Chief Says 70 Staff Were Reassigned to Other DHS Offices in Last Year
Acting CISA director Madhu Gottumukkala told House appropriators that roughly 70 CISA employees were reassigned to other DHS components over the past year, while more than 30 staff were moved into the agency. A small number of those transfers went...

Vercel Sandbox Adds Simple Network Isolation Support
Vercel Sandbox isolation levels: ✅ Compute & memory resource isolation ✅ Filesystem and durability isolation 🆕 Network isolation. Wild how easy this is: --allowed-domain (CLI) or networkPolicy in Sandbox.create. Try it out: https://t.co/UoWXCW9Ien

DOJ Says Trenchant Boss Sold Exploits to Russian Broker Capable of Accessing ‘Millions of Computers and Devices’
The DOJ has charged Peter Williams, former general manager of Trenchant—a cyber‑offensive unit of L3Harris—with stealing eight zero‑day exploits and selling them to a Russian broker for about $1.3 million in cryptocurrency. Prosecutors say the tools could grant access to millions of...

CVE-2026-21514: Actively Exploited Word Flaw Evades OLE Security
Microsoft disclosed CVE‑2026‑21514, an actively exploited vulnerability in Word that bypasses Object Linking and Embedding (OLE) security controls. The flaw lets specially crafted documents execute code without triggering Protected View or enable‑content prompts, requiring only a user to open the...

Arcjet Release V1 of Its SDK for Enabling Security Capabilities in JavaScript Apps
Arcjet launched version 1.0 of its JavaScript SDK, delivering a stable, production‑ready API for security functions such as bot mitigation, email verification, rate limiting, and data redaction. The SDK can block malicious bots, enforce custom traffic rules, and protect against...

Digital Forensics Round-Up, February 11 2026
The February 11 digital forensics round‑up highlights a wave of open‑source tools—including triagectl for macOS, Hindsight v2026.01’s Chrome Sync parsing, a chunked BitLocker‑key recovery script, a Velociraptor Notepad++ artifact, and FOSSOR for malware hash lookup—aimed at streamlining evidence collection. It also...

Black Duck Signs MSSP Agreement with Accenture
Black Duck announced a managed security service provider (MSSP) agreement with Accenture, designating the Black Duck Polaris platform as the standard tool for Accenture’s Application Security Practice. Polaris combines static, dynamic, and software composition analysis into a single SaaS offering,...

EU Commission Breach – The Importance of Upholding Strong Device Management Infrastructure
Last week the European Commission disclosed a cyberattack that compromised its mobile device management (MDM) platform, exposing staff names and phone numbers. Security experts from Huntress, Keeper Security, and CyberSmart warned that MDM systems are now a primary attack vector,...

Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments
Pentera Labs identified nearly 2,000 publicly exposed training applications across cloud platforms, with about 60% hosted on AWS, Azure or GCP. Roughly one‑fifth of these instances contained crypto‑mining scripts, web‑shells or persistence tools, indicating active exploitation. The vulnerable apps were...

ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Aveva, Phoenix Contact
Industrial control system vendors Siemens, Schneider Electric, Aveva, and Phoenix Contact released a flurry of Patch Tuesday advisories on February 11, 2026, addressing high‑severity flaws across dozens of OT products. Siemens issued eight advisories covering Desigo CC, Sentron Powermanager, Simcenter Femap, NX, and...

Identy.io Announces Strategic Expansion in Africa
Identy.io, a global biometric authentication firm, announced a strategic expansion into Africa, focusing initially on Kenya and Nigeria. The company will deploy its software‑first Automated Biometric Identification System (ABIS) that captures biometrics via standard smartphones, reducing hardware costs. To support...

CISOs Must Separate Signal From Noise as CVE Volume Soars
The FIRST forecast predicts 2026 will see roughly 59,000 CVEs, with extreme scenarios approaching 118,000, far exceeding the 48,000 reported in 2025. The surge stems from more CVE Numbering Authorities, expanded bug‑bounty programs, and AI‑driven discovery, not a sudden drop...

CrowdStrike Appoints Jonathon Dixon as JAPAC Lead
CrowdStrike announced Jonathon Dixon as vice‑president and managing director for Japan and Asia Pacific, tasking him with leading AI‑powered cyber‑security transformation across the region. Dixon arrives with more than 25 years of experience, most recently serving as JAPAC head at Verkada and...

Risky Business #824 -- Microsoft's Secure Future Is Looking a Bit Wobbly
In episode 824 of Risky Business, Patrick Gray and Adam Boileau dissect a wave of cybersecurity headlines, from Microsoft’s unsettling reshuffle of its security leadership and upcoming Secure Boot certificate refresh to aggressive state‑backed campaigns by Russia targeting the Winter...

The European Supervisory Authorities and UK Financial Regulators Sign Memorandum of Understanding on Oversight of Critical ICT Third-Party Service Providers...
The European Supervisory Authorities (EBA, EIOPA and ESMA) have signed a Memorandum of Understanding with the Bank of England, the Prudential Regulation Authority and the Financial Conduct Authority to coordinate oversight of critical ICT third‑party service providers under the Digital...

Asia Fumbles With Throttling Back Telnet Traffic in Region
Telnet remains a major security weakness in the Asia‑Pacific, accounting for roughly half of the world’s exposed Telnet endpoints. Global throttling on Jan. 14 cut Telnet sessions by 83% but Asian providers applied inconsistent filters, leaving the region’s traffic relatively high....

Know Before You Share: Be Mindful of Data Aggregation Risks
Financial data aggregators consolidate accounts into a single dashboard, using either APIs or screen‑scraping to retrieve information. While APIs provide scoped, credential‑free access, many providers still rely on screen‑scraping, which requires users to share login details. The article highlights privacy,...

Advance-Fee Frauds Keep Dropping the FINRA Name—Don’t Fall for “Regulator” Imposter Ploys
Fraudsters are increasingly impersonating FINRA and its executives, using authentic‑looking logos, signatures, and fake email domains to lure victims into advance‑fee scams. The scams typically demand payment for alleged regulatory or tax charges tied to worthless securities or nonexistent inheritances,...

UK to Lead Multinational Cyber Defence Exercise From Singapore
Britain will lead the Defence Cyber Marvel 2026 exercise, bringing together more than 2,500 personnel from 29 nations in Singapore. The week‑long drill simulates real‑world cyber attacks, pitting blue and red teams against each other while integrating military, government and...

Cyber Command, NSA Nominee Rudd Advances to Senate Floor
The Senate Intelligence Committee voted 14‑3 to advance Army Lt. Gen. Joshua Rudd’s nomination as head of U.S. Cyber Command and the National Security Agency. Rudd, currently deputy chief of U.S. Indo‑Pacific Command, has no prior cyber warfare or intelligence...

Aave V4 Security Audit Published, Thanks Trail of Bits
The first Aave V4 security audit is now public. Big thanks to the @trailofbits team for the effort.

Best Tools for Test Data Management to Accelerate QA Teams in 2026
Test Data Management (TDM) tools are becoming essential for QA and DevOps teams as CI/CD pipelines demand rapid, compliant data provisioning. In 2026, vendors such as K2view, Delphix, Datprof, IBM Optim, Informatica, and Broadcom lead the market, each emphasizing self‑service,...

February Patches for Azure DevOps Server
Microsoft released February 2026 patches for its self‑hosted Azure DevOps Server suite, covering the core product and the 2022.2, 2020.1.2, and 2019.1.2 releases. Each patch is available via direct download links and includes detailed release notes. The company urges all...

FortiOS Authentication Bypass Exposes VPN and SSO Deployments
Fortinet disclosed CVE‑2026‑22153, an authentication‑bypass flaw in FortiOS versions 7.6.0 through 7.6.4. The bug lets unauthenticated attackers skip LDAP checks for Agentless VPN or FSSO policies when the directory permits anonymous binds, potentially granting access to internal networks via SSL‑VPN....

Balancer DAO Caps Recovery Bounty at 10% After $128M Exploit
Balancer DAO approved a proposal (BIP‑908) to allocate up to 10% of any recovered assets as a bounty for the November exploit that siphoned roughly $128 million from its V2 pools. The vote achieved a 158% quorum, though only nine votes...

Regional Bank Execs Love Mobile Apps, Fear Wire Transfer Fraud
Regional midsize and community banks are prioritizing mobile banking apps, with 54% ranking them among the top five technology spend categories for 2026. At the same time, 42% of respondents view agentic artificial intelligence as the most significant catalyst for...

EU Unconditionally Approves Google’s $32B Acquisition of Wiz
The European Commission has given unconditional approval to Google’s $32 billion acquisition of cloud‑security firm Wiz, allowing the deal to close without any remedial conditions. The EU antitrust review concluded that the transaction poses no significant competition risk in the European...

Quantum Communication Secured by Choosing Measurement Basis Offers Ultimate Privacy
Researchers have unveiled a one‑way quantum secure direct communication (QSDC) protocol that hides the secret in the choice of measurement basis—computational or Hadamard—rather than a pre‑shared key. Using finite ensembles of entangled EPR pairs and a public authenticated channel, the...

Volvo Group North America Customer Data Exposed in Conduent Hack
Volvo Group North America announced that an indirect data breach exposed personal information of about 17,000 customers and staff. The breach stemmed from Conduent, a U.S. business‑process‑outsourcing firm, whose systems were compromised between October 21, 2024 and January 13, 2025. Threat actors accessed names,...

Microsoft Rolls Out New Secure Boot Certificates Before June Expiration
Microsoft has begun distributing updated Secure Boot certificates through the regular monthly Windows updates, replacing the original 2011 certificates that will expire in late June 2026. The refresh targets Windows 11 24H2 and 25H2 devices, with many newer PCs already shipping the...

OQC Demonstrates Quantum Algorithm on Toshiko System, Boosting Defence Network Resilience
OQC and QinetiQ have demonstrated a quantum‑based solution that identifies critical vulnerabilities in Mobile Ad‑Hoc Networks used for military and emergency communications. By running QinetiQ’s Quantum Approximation Optimisation Algorithm on OQC’s Toshiko processor, the collaboration pinpointed nodes whose failure would...