Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

3 Decisions CISOs Need to Make to Prevent Downtime Risk in 2026
Enterprises face escalating operational downtime risk, prompting CISOs to prioritize three strategic decisions. First, adopt STIX/TAXII‑compatible threat intelligence feeds that deliver fresh, high‑quality indicators, boosting detection rates by up to 58 %. Second, eliminate noisy false positives to protect analysts from burnout and cut Tier‑1‑to‑Tier‑2 escalations by 30 %. Third, enrich alerts with real‑world attacker behavior, shortening mean time to respond by 21 minutes and preserving business continuity.

Google Agrees to Pay $135 Million over Android Data Harvesting Claims
Google has agreed to a $135 million settlement to resolve a class action alleging Android devices transmitted system‑service data over cellular networks without user consent. The lawsuit, spanning over five years, claimed background data transfers drained users’ plans starting in November...

Stablecoin Bank Kontigo Suffers Cyber Attack
US neobank Kontigo, a stablecoin bank serving Latin America, suffered a cyber attack that impacted 1,005 users and resulted in the loss of 340,905.28 USDT. The breach exploited a flaw in the Auth provider’s Apple OIDC authentication flow, allowing attackers...

Number of Cybersecurity Pros Surges 194% in Four Years
The UK cybersecurity workforce has exploded, rising 194% between December 2021 and June 2025 to reach 83,700 professionals. This makes cyber the fifth‑fastest‑growing occupation and the most rapidly expanding IT role, outpacing the sector’s average 9.6% growth. Despite the surge, a talent...

EU’s Answer to CVE Solves Dependency Issue, Adds Fragmentation Risks
The European Union has launched the Global Cybersecurity Vulnerability Enumeration (GCVE.eu) database, aggregating advisories from over 25 public sources into a single, searchable platform hosted by Luxembourg’s CIRCL and co‑funded by the EU’s FETTA project. The initiative aims to mitigate...

Why Protecting Your Phone Number Matters for Online Security
Phone numbers are increasingly used as digital identifiers for account recovery, two‑factor authentication, and user verification, making them a prime target for attackers. The article outlines how numbers become publicly accessible through social profiles, directories, data breaches, and app permissions....

Real-Time Blackhole List – How to Remove an IP From It?
Email senders increasingly encounter DNS‑based Real‑Time Blackhole Lists that block IPs suspected of spam, phishing, or compromised servers. When an IP lands on a blacklist, major ESPs reject or filter messages, causing bounce errors, silent drops, and plummeting engagement metrics....

Cyber InsurTech Hits Turning Point with Massive Funding
Cyber InsurTech at a crossroads? → https://t.co/lkwru1czZC This reflects the largest round announced recently, which happened to come from a cyber InsurTech startup. https://t.co/NIanaOZPp2

Bumble, Panera Bread, Match Group, and CrunchBase Hit by New Wave of Cyberattacks
A coordinated cyber‑attack wave hit Bumble, Panera Bread, Match Group and CrunchBase, with the hacker group ShinyHunters claiming responsibility. The intrusions stemmed from phishing and vishing tactics that compromised contractor or employee credentials, granting brief, limited access to internal networks....

Python-Based PyRAT Emerges as Cross-Platform Threat With Advanced Remote Access Capabilities
A new Python‑based Remote Access Trojan, dubbed PyRAT, has been identified as a cross‑platform threat capable of compromising both Windows and Linux systems. The malware leverages Python’s portability, compiling into ELF and PE binaries, and employs lightweight persistence mechanisms—XDG autostart...

NIST’s AI Guidance Pushes Cybersecurity Boundaries
NIST’s Center for AI Standards and Innovation released a formal Request for Information targeting secure practices for autonomous AI agents, signaling a shift from broad, principle‑based AI risk guidance to concrete, operational controls. The agency highlighted the limits of treating...

Matanbuchus Malware Evolves to Bypass AV Defenses by Swapping Core Components
Matanbuchus, a C++‑based downloader sold as Malware‑as‑a‑Service since 2020, has evolved into a modular backdoor platform with its latest 3.0 release featuring heavy obfuscation, ChaCha20‑encrypted strings, and Protobuf‑encoded C2 traffic. The malware leverages DLL sideloading through a malicious HRUpdate.exe MSI...

Cold Weather, Hot Scams.
In this episode, the hosts dissect recent social‑engineering attacks, covering a Verizon outage‑related credit scam, a rare case where a victim recovered nearly $1 million after a cyber fraud, and a surge of Ozempic/GLP‑1 weight‑loss drug scams targeting Wisconsin consumers with...

A Practical Take on Cyber Resilience for CISOs
Standard Chartered CISO Shebani Baweja explains cyber resilience as an extension of information security focused on recovery, trust, and continuity during severe incidents. She highlights three priority areas: managing third‑party risk, preparing for emerging threats like AI‑driven attacks, and embedding...

Enterprise API Security: Protecting Your Digital Ecosystem From Modern Threats
APIs have become the backbone of digital business, but they also represent the most frequent attack vector for enterprise web applications, according to Gartner. The guide outlines common vulnerabilities such as broken authentication, excessive data exposure, and rate‑limiting gaps, and...

ImmuniWeb Reports Double-Digit Growth and Platform Advances
ImmuniWeb reported an all‑time sales record for 2025, maintaining double‑digit year‑over‑year growth while staying profitable. The company rolled out four major AI Platform updates, adding AI‑specific testing for web, mobile, API, LLM vulnerabilities and post‑quantum encryption readiness. Independent ISO 9001 and...

NSFOCUS Unveils Enhanced AI LLM Risk Threat Matrix for Holistic AI Security Governance
NSFOCUS announced an upgraded AI LLM Risk Threat Matrix, adding 14 new threat categories that focus on AI agent, multimodal, and Multi‑Agent Communication Protocol (MCP) vulnerabilities. The matrix expands coverage across identity, application, model, data, and infrastructure security throughout the...

AI-Enabled Scams Rose 500% in 2025 as Crypto Theft Goes ‘Industrial’
TRM Labs reports a five‑fold surge in large language model‑powered scams in 2025, propelling AI‑generated deepfakes, voice clones and synthetic images into mainstream fraud. Crypto theft amounted to $35 billion, a slight dip from 2024, while illicit crypto wallet inflows jumped...

Regtech Prove Highlights Transformation of Identity Verification and Digital Onboarding Processes
Regtech firm Prove says identity verification is evolving from a single, static check to a continuous, adaptive process. The shift is driven by deepfake threats, AI‑powered fraud, real‑time payment demands, and multi‑device interactions. Prove argues that dynamic verification can maintain...

UK Plans Sweeping Overhaul of Policing Amid Surge in Online Crimes
The UK government announced a sweeping reform of policing that will create a new National Police Service, modeled after the FBI, to lead the fight against cybercrime, fraud and other internet‑enabled offenses. The proposal consolidates responsibilities currently spread across dozens...

OPNsense 26.1 Brings Updates to Open-Source Firewall Management
OPNsense released version 26.1, code‑named Witty Woodpecker, enhancing firewall management, traffic visibility, and automation interfaces. The update revamps the live firewall log, redesigns the firewall rules UI, and expands API coverage to include Source NAT tagging and Destination NAT port...

Bridging Compliance and Cybersecurity in Financial Reporting in 2026
The SEC is drafting rules that will require public companies to disclose their cybersecurity controls as part of regular financial reporting. This links cyber risk directly to compliance, forcing firms to treat security as a core reporting element. The article...

Silicon Valley Wades Into a Trade Spat with South Korea
Coupang, South Korea’s e‑commerce powerhouse with $35 bn in sales, suffered a massive data breach that has escalated into a diplomatic dispute. U.S. officials, backed by allies in the Trump administration, are pressing for tighter security controls on the firm’s handling...

Universal Privacy Framework Achieves Untrusted Data Security in Distributed Quantum Sensing
Researchers from Korea Institute of Science and Technology and Yonsei University introduced a universal operational privacy framework for distributed quantum sensing. The framework defines privacy through the experimentally accessible classical Fisher information matrix, making it protocol‑independent and applicable to singular...

Open Banking Continues to Outperform on Fraud
Open Banking’s latest financial‑crime report shows fraud rates of just 0.013 % of transactions, far below the 0.045 % industry average, and an improved performance versus 2024. While overall fraud remains low, Authorised Push Payment (APP) scams now represent 74 % of Open...

NDSS 2025 – Recurrent Private Set Intersection For Unbalanced Databases With Cuckoo Hashing
Researchers from NYU Abu Dhabi introduced a recurrent Private Set Intersection (PSI) protocol tailored for unbalanced databases. The solution combines leveled Fully Homomorphic Encryption with cuckoo hashing, delivering real‑time performance for repeated small‑set queries against a large set. Benchmarks using...

Survey Surfaces Lots of Room for DevSecOps Improvement
A new UserEvidence survey of 506 security leaders reveals that while 80% of organizations have security and DevOps teams sharing observability tools, only 45% feel the teams are very aligned on tooling and workflows. Most respondents (93%) use three or...

SSO Vs. Federated Identity Management: A Guide
Modern enterprises face escalating identity challenges as employees and automated workloads proliferate across SaaS, micro‑services, and multi‑cloud environments. Single Sign‑On (SSO) centralizes human authentication, reducing password fatigue and providing a unified audit trail, while federated identity extends access across organizational...

2026 Enterprise Security Trends: What Leaders Must Prepare For In An Interconnected Risk Landscape
Enterprise security in 2026 is defined by the merging of cyber and physical domains, the rise of AI as both an attack accelerator and defense multiplier, and the recognition that cloud outages are now security incidents. Recent incidents like the...

Student Data at Risk: What the Victoria Education Breach Exposes About Public Sector Security
The Victoria Department of Education suffered a data breach that exposed personal information of current and former students, prompting a privacy investigation. The breach highlighted longstanding issues in public‑sector access governance, such as dormant accounts and overly broad permissions. Attackers...

Fortinet Confirms CVE-2026-24858 SSO Flaw Under Active Attack
Fortinet has confirmed that the FortiCloud Single Sign‑On (SSO) authentication bypass vulnerability (CVE‑2026‑24858) is being actively exploited in the wild. The flaw, rated 9.4 on the CVSS scale, affects FortiOS, FortiManager, FortiAnalyzer and FortiProxy, allowing attackers with a valid FortiCloud...

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
Moltbot, an open‑source AI coding assistant with over 85,000 GitHub stars, has no official Visual Studio Code extension, yet a counterfeit "ClawdBot Agent – AI Coding Assistant" appeared on the Marketplace. Published on January 27 2026, the malicious extension automatically runs on IDE launch...

Open‑Source AI Gains Power, Raises Massive Security Risks
On one hand, we should expect many open source models to get great at computer use because of clawdbot proving demand. On the other hand, random free OSS models controlling millions of computers sounds like a nightmare.

What Are Service Accounts and Why Are They a Security Risk?
Service accounts are non‑human identities that power cloud, container and CI/CD workloads, but they often rely on static, long‑lived credentials. Over‑privileged and poorly managed accounts generate a majority of cloud security alerts and have been leveraged in high‑profile breaches such...

Outtake Raises $40M Series B
Outtake, a digital‑trust platform that safeguards organizations from AI‑driven impersonation, closed a $40 million Series B round. The financing was led by ICONIQ with participation from CRV, S32, and a roster of high‑profile tech and security executives, including Microsoft CEO Satya Nadella and...

Why Your Security Team Needs to Hire Non-Traditional Professionals
Security leaders are urged to consider candidates with non‑traditional backgrounds, as highlighted in a recent Security Magazine podcast with threat analyst Aaron Walton. Examples like CISO Holly Drake, who transitioned from Russian literature and social work, illustrate how diverse education...

Russian Cybercrime Platform RAMP Forum Seized by FBI
U.S. FBI seized the clearnet and dark‑web domains of the Russian‑language cybercrime forum RAMP, known for ransomware and access‑broker services. The operation, coordinated with the DOJ’s Computer Crime and Intellectual Property Section and the Southern District of Florida, redirected both...

CVE-2025-56005: Python PLY Flaw Enables Remote Code Execution
A critical vulnerability (CVE‑2025‑56005) has been disclosed in the Python PLY library version 3.11, allowing attackers to execute arbitrary code by loading a crafted pickle file via the undocumented *picklefile* parameter. The flaw triggers during parser initialization, meaning code runs before...

Great Refactor Initiative Looks to AI to Harden Critical Code
The Great Refactor initiative proposes using AI to automatically translate vulnerable C and C++ open‑source code into Rust, targeting 100 million lines by 2030 with a $100 million investment. Rust’s memory‑safety design could eliminate roughly 70 % of software vulnerabilities that stem from...

Critical and High Severity N8n Sandbox Flaws Allow RCE
Two critical sandbox bypasses were discovered in the n8n workflow automation platform, affecting its JavaScript expression engine (CVE‑2026‑1470, CVSS 9.9) and Python Code node (CVE‑2026‑0863, CVSS 8.5). Both flaws let authenticated users escape the sandbox and execute arbitrary commands on the host...

NDSS 2025 – Iris: Dynamic Privacy Preserving Search In Authenticated Chord Peer-To-Peer Networks
The NDSS 2025 paper introduces Iris, a scheme that enables privacy‑preserving searches in authenticated Chord peer‑to‑peer networks while remaining compatible with the existing protocol. Iris defines a new alpha‑delta privacy notion, extending k‑anonymity to protect query information across iterative hops....

SEALSQ to Showcase Post-Quantum Cybersecurity Solutions at Tech&Fest 2026 in Grenoble
SEALSQ Corp (NASDAQ: LAES) will display its post‑quantum cybersecurity portfolio at Tech&Fest 2026 in Grenoble on February 4‑5, highlighting hardware‑based roots of trust. The French subsidiary, SEALSQ France, builds on three decades of secure‑semiconductor expertise inherited from Gemplus and employs nearly 200 staff...

Satellite Quantum-Internet to Reach $1.82B in 2026 with 32.9% CAGR
A new ResearchAndMarkets.com report projects the satellite quantum‑internet market to reach $1.82 billion in 2026, up from $1.37 billion in 2025, representing a 32.9% compound annual growth rate. The market is expected to expand to $5.63 billion by 2030 with a sustained 32.6%...

Veracode’s Platform Enhancements Help Prevent Software Supply Chain Attacks
Veracode unveiled a suite of platform enhancements for the second half of 2025, highlighted by the launch of Package Firewall, a preventive control that blocks malicious third‑party packages before they enter development environments. The feature integrates with major package managers...

SolarWinds Warns of Critical Web Help Desk RCE, Auth Bypass Flaws
SolarWinds issued emergency patches for its Web Help Desk platform, fixing four critical vulnerabilities—two authentication bypass flaws (CVE‑2025‑40552, CVE‑2025‑40554), two remote code execution bugs (CVE‑2025‑40553, CVE‑2025‑40551), and a hard‑coded credentials issue (CVE‑2025‑40537). The flaws can be exploited remotely without authentication,...

Bedrock Data Extends DSPM to Atlassian Confluence, Mapping SaaS Data to AI Inference Risk
Bedrock Data announced native Data Security Posture Management (DSPM) support for Atlassian Confluence, enabling automatic discovery of spaces, pages and blogs. The platform classifies unstructured content for PII, secrets and intellectual property, resolves inherited permissions, and maps that data to...

EPC Issues RFI for Fraud Information Sharing Platform
The European Payments Council (EPC) has issued a Request for Information (RFI) to find operators for a central fraud‑information sharing platform under its Frida scheme. The initiative anticipates the EU Payment Services Regulation (PSR) that will take effect in early...

Show HN: Sandbox Agent SDK – Unified API for Automating Coding Agents
The Sandbox Agent SDK introduces a Rust‑based server and TypeScript client that let developers run AI coding agents—Claude Code, Codex, OpenCode, and Amp—inside isolated sandboxes while controlling them over a unified HTTP/SSE API. By normalizing disparate agent interfaces into a single...

Abstract Security Partners with Netskope to Bring Real-Time Detection Into Security Data Streams
Abstract Security announced a partnership with cloud‑security leader Netskope to embed real‑time detection directly into Netskope One telemetry streams. The integration streams high‑fidelity Secure Service Edge data into Abstract’s adaptive pipeline, allowing on‑the‑fly enrichment, filtering and routing to SIEMs, data...

Apiiro Introduces Guardian Agent to Secure AI-Driven Software Development
Apiiro Ltd. launched Guardian Agent, an AI‑driven application security agent that prevents vulnerable and non‑compliant code generation. The solution continuously monitors software architecture, attack surface, runtime exposure, and policy compliance, rewriting prompts to secure AI coding assistants in real time....