Today's Cybersecurity Pulse
CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB
Texas Declares War on Chinese Tech — And It’s Getting Weird
Governor Greg Abbott announced an expanded ban on Chinese‑linked technology for Texas state employees, prohibiting hardware, software, and AI tools from firms such as Alibaba, Shein, Temu, TP‑Link and CATL. The measure, framed as a privacy safeguard against foreign surveillance, is one of the broadest state‑level tech restrictions in the United States. It applies only to state‑issued devices and networks, leaving private users untouched, but sends a clear signal about the political risk of Chinese supply chains. If other states emulate Texas, the policy could reshape public‑sector procurement nationwide.
Customer Identity Management for Cruise Customer Experience
Cruise operators are shifting focus from flashy onboard attractions to the invisible infrastructure that links every guest interaction. By deploying consumer identity and access management (CIAM), brands can maintain a single, secure passenger profile from discovery through post‑cruise loyalty. This...
Citizen Engagement Strategies Powered by CIAM
Citizen engagement is now driven by digital experiences, and fragmented login processes are the primary barrier. The article argues that Customer Identity and Access Management (CIAM) is essential for municipalities to centralize services, provide a single digital identity, and build...
Blockchain Investigator Identifies Crypto Theft Network Linked to US Government Seizure Funds
TRM Labs disclosed a sophisticated crypto‑theft operation that has siphoned over $90 million, including $24.9 million tied to the U.S. Strategic Bitcoin Reserve, after a Telegram “band‑for‑band” challenge inadvertently revealed wallet addresses. The network employed advanced laundering tactics—cross‑chain bridges, mixers, and both...
F5 Shares Jump After Revenue and Earnings Beat in Fiscal First Quarter
F5 Inc. posted fiscal Q1 2026 revenue of $822 million, up 7% YoY, and adjusted earnings per share of $4.45, surpassing analyst expectations of $756 million and $3.65 EPS. Systems revenue surged 37% while software revenue fell 8%, and global services grew...
Chinese Mustang Panda Hackers Deploy Infostealers via CoolClient Backdoor
Chinese espionage group Mustang Panda has upgraded its CoolClient backdoor with new infostealer capabilities, including browser credential theft, clipboard monitoring, and active window tracking. The variant has been observed targeting government entities in Myanmar, Mongolia, Malaysia, Russia and Pakistan, delivered via...
Capture-the-Flag in Space: D-Orbit Shares Lessons From Cyber Competition
D‑Orbit hosted the first in‑orbit capture‑the‑flag (CTF) cybersecurity competition on its ION Satellite Carrier, partnering with ESA and Mhackeroni. Five finalist teams tackled live telemetry, command sequencing and onboard software exploits in a controlled environment. The event exposed the distinct...
SuperQ Quantum Appoints Cybersecurity Veteran to Lead Post-Quantum Commercialization in 2026
SuperQ Quantum Computing Inc. announced the appointment of Brian Beveridge, a 30‑year cybersecurity veteran, as Director of Post‑Quantum Cybersecurity and Partnerships, effective Jan 22 2026. Beveridge will lead the commercialization of the company’s SuperPQC™ suite, which protects against “Harvest Now, Decrypt Later”...
When Hospitals Go Dark and Browsers Turn Rogue
Recent incidents across healthcare, finance, and infrastructure reveal attackers exploiting lateral movement to maintain long‑term footholds. In Belgium a hospital shut down its servers after an undetected breach, while U.S. health providers endured weeks‑long unauthorized access. Phishing and malicious browser...
NDSS 2025 – On the Robustness Of LDP Protocols For Numerical Attributes Under Data Poisoning Attacks
The NDSS 2025 paper investigates how local differential privacy (LDP) protocols for numerical attributes can be subverted by data‑poisoning attacks, where a small set of malicious clients manipulates server estimates. Researchers evaluate state‑of‑the‑art categorical frequency oracles, binning, consistency, and distribution‑reconstruction...
Memcyco Receives $37M Series A Financing
Memcyco announced a $37 million Series A round, bringing its total funding to $47 million. The oversubscribed round was led by NAventures, E. León Jimenes, and PagsGroup, with existing backers Capri Ventures and Venture Guides participating. Memcyco’s real‑time, agentless platform protects enterprises from phishing,...
WinRAR Path Traversal Flaw Still Exploited by Numerous Hackers
Multiple threat actors, including state‑sponsored groups and cybercriminals, are exploiting the high‑severity WinRAR path‑traversal vulnerability CVE‑2025‑8088. The flaw uses Alternate Data Streams to write malicious LNK, HTA, BAT or script files to arbitrary locations such as the Windows Startup folder,...
WhatsApp Adds Anti‑spyware Blocks for Unknown Media
Powerful new features announced by @WhatsApp today to defend against sophisticated spyware. Includes the ability to block attachments and media from people not in your contact list. https://t.co/nvd2F83n4Z
OpenAI CEO Altman Admits He Broke His Own AI Security Rule After Just Two Hours, Says We're All About to...
OpenAI CEO Sam Altman admitted he violated his own rule by granting the Codex model full access to his computer within two hours, citing the agent's reasonable behavior. He warned that the convenience of AI agents can lead users to...
Amid Trump Attacks and Weaponized Sanctions, Europeans Look to Rely Less on US Tech
European leaders are accelerating efforts to curb dependence on U.S. technology after a series of Trump‑era sanctions, including the placement of ICC judge Kimberly Prost on a sanctions list that crippled her daily life. The European Parliament’s recent report highlighted...
How Anti-Detect Browsers Change the Way We Work on the Web
Anti-detect browsers, originally privacy tools, now enable online professionals to compartmentalize digital identities across multiple client accounts and projects. By creating isolated browser instances, they prevent data cross‑contamination, reduce login overhead, and streamline workflow management. The technology enhances security by...
How Data Masking & Synthesis Support Zero Trust
Zero Trust demands continuous verification of every access request, extending the principle of least‑privilege to the data layer. Data masking swaps sensitive values with realistic stand‑ins, while synthetic data creates entirely fictitious records that retain statistical fidelity. Together they shrink...
Responding to Exposed Secrets – An SRE’s Incident Response Playbook
The article outlines an SRE‑focused incident‑response playbook for handling exposed secrets, starting with thorough preparation—defining goals, roles, and communication protocols. It details detection techniques such as API usage anomalies, IAM activity monitoring, and automated code‑scanning integrated into CI/CD pipelines. Once...
SoundCloud Data Breach Now on HaveIBeenPwned
In December 2025 SoundCloud disclosed unauthorized activity that exposed profile data for roughly 30 million users, about 20 % of its base. The breach revealed email addresses, usernames, avatars, follower counts and limited geographic information, which were later mapped to individual accounts. Attackers...
Calian to Kick-Start $100M Sovereign C5ISRT Strategic Initiative
Calian has launched a $100 million sovereign C5ISRT strategic initiative to accelerate Canada’s command, control, computing, communications, cyber, intelligence, surveillance, reconnaissance and targeting capabilities. The funding will flow through Calian VENTURES, a platform that partners with Canadian SMEs and draws on...
Critical Sandbox Escape Flaw Found in Popular Vm2 NodeJS Library
A critical‑severity vulnerability (CVE‑2026‑22709) has been discovered in the popular vm2 Node.js sandbox library, allowing attackers to bypass Promise sanitization and escape the sandbox. The flaw enables arbitrary code execution on the host system and affects versions prior to 3.10.3,...
FinovateEurope 2026 Sneak Peek Series: Part 4
FinovateEurope 2026 will showcase three innovative fintech solutions. Elephant, from Pipl, offers GDPR‑compliant identity intelligence and fraud signals to streamline onboarding and compliance. Opentech’s OpenPay for Merchants embeds Buy‑Now‑Pay‑Later into merchant checkout, creating a new credit distribution channel for banks....
1Kosmos Partners Hopae to Scale Portable Digital Identity
1Kosmos and Hopae have announced a global partnership to integrate Hopae Connect into the 1Kosmos platform, extending support to more than 60 government‑issued digital identity schemes. The joint solution enables organizations to verify eIDs securely without centralized databases, aiming to...
Top AI Technology & Cybersecurity Podcasts to Follow in 2026
The article curates a list of essential AI and cybersecurity podcasts for 2026, highlighting shows that deliver deep technical insight, business strategy, and security expertise. It emphasizes the rise of AI agents, the Model Context Protocol (MCP), and AI security...
How Kidas Adapts Fraud Protection In An AI World
Kidas, founded by gaming‑fraud veterans, now offers AI‑driven protection against multi‑channel scams that leverage deep‑fake audio, video and large‑language models. CEO Ron Kerbs says traditional filters miss sophisticated GenAI‑generated attacks, prompting the company to expand from Discord and gaming chat to...
Overcoming 26 Rigorous Tests: Why Is Bullbit’s App Rollup Architecture Highly Rated by Security Experts?
Bullbit’s App Rollup architecture passed a rigorous Hacken audit, clearing 26 security findings. The team resolved 19 issues, accepted five with mitigations, and mitigated two external risks, achieving 93.23% code coverage. A redesigned verifier contract with unique nonce tracking prevents...
Living Off the Web: How Fake Captcha Turned Trust Into a Malware Delivery Channel
Researchers at Censys have uncovered a growing ecosystem that weaponizes fake CAPTCHA pages to deliver malware. While the pages visually resemble legitimate verification challenges, they conceal more than 30 distinct payload types, including clipboard‑driven scripts, MSI installers, and server‑controlled, fileless...
From Cipher to Fear: The Psychology Behind Modern Ransomware Extortion
Modern ransomware has moved beyond file encryption to a pressure‑centric extortion model that weaponizes stolen data, regulatory threats, and reputation damage. 2025 saw ransomware groups fragment into affiliate networks, making attribution harder while scaling double‑extortion campaigns. Research shows SMBs in...
Meta Cleans up as ‘High Risk’ Dodgy Finance Ads Spread
Meta’s ad platform is exposing users to an estimated 15 billion high‑risk finance advertisements each day, generating roughly $7 billion in annual revenue. A study by BrokerChooser of over 1,200 active finance ads found that 43.36% of UK‑targeted ads are classified as...
Tenable One AI Exposure Delivers Unified Visibility and Governance Across AI, Cloud and SaaS
Tenable has made its Tenable One AI Exposure product generally available, extending the Tenable One Exposure Management Platform to provide unified visibility, discovery, and governance of AI assets across SaaS, cloud, APIs and on‑premises agents. The solution continuously identifies both...
Syncro and IRONSCALES Partner to Strengthen Email Security Offerings for MSPs
Syncro and IRONSCALES announced a partnership that places the AI‑driven email security platform in the Syncro Marketplace. MSPs can now provision IRONSCALES protection instantly and have all licensing fees consolidated through Syncro’s Universal Billing. The integration removes the need for...
Screening vs Monitoring: Stopping Fraud in Payments
Fraud losses surged to $12.5 billion in 2024, a 25% rise, as criminals embed illicit activity within everyday payments. The article distinguishes transaction screening—pre‑approval checks against sanctions, PEPs and watchlists—from transaction monitoring, which analyzes post‑payment behavior for anomalous patterns. Relying on...
NICE Actimize Insights Network Combats Fraudulent Transfers
NICE Actimize introduced the Actimize Insights Network, a real‑time intelligence platform that aggregates counterparty risk data across financial institutions. The network leverages the company’s fraud and financial‑crime expertise to deliver cross‑channel, millisecond‑level risk signals for authorized push‑payment scams, BEC and...
Swimlane Unleashes Agentic AI Fleet and Agent Builder for Cybersecurity
Swimlane unveiled its AI Agent workforce, branding the new Hero AI agents as native extensions of the Turbine platform. The agents claim to perform work equivalent to over 60,000 SOC analysts each day and can be dragged into low‑code playbooks via...
Over 80% of Ethical Hackers Now Use AI
Bugcrowd’s latest report shows that 82% of ethical hackers now rely on AI, up from 64% a year earlier. The adoption enables faster, broader assessments and higher‑quality vulnerability reports, with automation and deep code analysis cited as primary use cases....
You See an Email Ending in .eu.org. Must Be Legit, Right?
The article warns that email addresses ending in .eu.org, while appearing institutional, are increasingly used by disposable‑email services to evade reputation checks. .eu.org is a free sub‑domain service, not a conventional top‑level domain, and its open registration lets fraudsters host...
Attackers Hijack GitHub Desktop Repo to Spread Malware via Official Installer
Threat actors exploited a design flaw in GitHub’s fork architecture to distribute malware masquerading as the official GitHub Desktop installer. By forking the repository and altering the README download link, they created malicious commits that appear under the official namespace,...
Crypto Crime Soars: $16.1B Laundered in One Year
$16.1 billion laundered in a single year. 1,799 wallets. $44M per day. A new Chainalysis report shows how crypto crime has quietly scaled. Full story here: https://t.co/oXjntBhduW
HackerOne Brings Agentic PTaaS to Continuous, Expert-Validated Pentesting
HackerOne has launched Agentic Pentest as a Service (Agentic PTaaS), a hybrid AI‑human offering that delivers continuous, real‑world exploit validation at enterprise scale. The solution pairs proprietary AI agents with a vetted community of elite pentesters to automate reconnaissance, exploitation and...
G_Wagon NPM Package Exploits Users to Steal Browser Credentials with Obfuscated Payload
Security researchers identified a malicious npm package, ansi-universal-ui, that houses the G_Wagon infostealer. The package pretends to be a UI component library but delivers a Python‑based payload that extracts browser passwords, cryptocurrency wallets, cloud credentials, and messaging tokens. Over ten...
Microsoft Brings AI-Powered Investigations to Security Teams
Microsoft has made its Purview Data Security Investigations tool generally available, embedding generative AI to streamline breach, fraud, and content investigations across Microsoft 365. The solution pulls data from emails, Teams, documents, and Copilot, allowing natural‑language searches that group related artifacts...
AWS Adds IPv6 Support to IAM Identity Center Through Dual-Stack Endpoints
Amazon Web Services announced IPv6 support for its IAM Identity Center by introducing dual‑stack endpoints that accept both IPv4 and IPv6 traffic. The new URLs apply to user access portals, administrative APIs, and managed applications, while existing IPv4‑only endpoints continue...
Teleport Launches Framework to Secure Identities of AI Agents
Teleport unveiled its Agentic Identity Framework, a zero‑trust solution that secures AI agents without relying on static passwords or secrets. The platform builds on Teleport’s existing IAM technology, using a hardware root of trust to create cryptographic identities that are...
Savannah Best Buy Employee Says ‘Hacker Group’ Blackmailed Him Into Theft Ring Scheme
Best Buy employee Dorian Allen, 20, was sentenced to jail after police say he helped a group of suspected shoplifters leave a Savannah store with over $40,000 in merchandise. Allen alleges an online hacker group blackmailed him, threatening to expose personal...
Booz Allen Tech Contractor Took IRS Job Specifically to Leak Trump's Tax Records
The U.S. Treasury Department announced it is terminating all 31 contracts with consulting firm Booz Allen Hamilton, representing $4.8 million in annual spend and $21 million in obligations, after a Booz Allen contractor, Charles Littlejohn, stole and leaked more than 400,000 taxpayer records,...
Fiddler AI Raises $30M in Series C Funding
Fiddler AI announced a $30 million Series C round led by RPS Ventures, bringing its total funding to $100 million. The Palo Alto‑based AI observability and security platform plans to use the capital to scale across regulated sectors such as healthcare, financial services,...
Chrome, Edge Extensions Caught Stealing ChatGPT Sessions
A threat actor published sixteen browser extensions on Chrome Web Store and Microsoft Edge Add‑ons, posing as ChatGPT productivity tools. The extensions inject main‑world JavaScript into chatgpt.com to harvest authentication tokens, chat history, telemetry, and other metadata. Over 900 combined...
From Legacy to Leading Edge: Modernizing Workforce Identity in BFSI
BFSI firms are rapidly acknowledging the need to modernize workforce Identity and Access Management, with 93% planning upgrades and budgets rising over 11% this year. Legacy IAM systems are seen as a major barrier to innovation, cited by 75% of...
DoControl Launches Adaptive AI Alerts to Continuously Pinpoint SaaS Risk
DoControl unveiled an AI‑powered, agentic alerting system that continuously learns a company’s SaaS usage to spot genuine risk. Unlike static rule‑based alerts, the new solution analyzes patterns, intent, and business context from HRIS and identity sources, dramatically cutting noise. It...
CTEM in Practice: Prioritization, Validation, and Outcomes That Matter
Continuous Threat Exposure Management (CTEM) is a Gartner‑defined, continuous cycle that links threats, vulnerabilities, and attack‑surface data to prioritize exploitable exposures. It moves security from isolated scans to an operational model of scoping, discovery, prioritization, validation, and mobilization. By integrating...