Know What's Happening in Cybersecurity

Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

CyberNut Closes $5M Growth Capital for K-12 Security Awareness Training
News | Jan 21, 2026

CyberNut, a Miami‑based startup, closed a $5 million minority growth equity round led by Growth Street Partners to scale its K‑12 cybersecurity awareness platform. The company, which emerged from stealth in May 2024 after raising $800,000 in pre‑seed capital, already serves over...

By SecurityWeek
NDSS 2025 – Dissecting Payload-Based Transaction Phishing On Ethereum
News | Jan 21, 2026

The paper presented at NDSS 2025 reveals a new, sophisticated phishing vector on Ethereum called payload‑based transaction phishing (PTXPHISH). Researchers built the first ground‑truth dataset of 5,000 phishing transactions and identified four main tactics across eleven sub‑categories. Their rule‑based detection...

By Security Boulevard
What SaaS Security ROI Looks Like in Practice
News | Jan 21, 2026

AppOmni released an ROI report showing SaaS security delivers tangible operational benefits quickly. Customers reported saving roughly 146 manual hours each month and a 24% reduction in audit findings after gaining visibility. The study found measurable value within two weeks...

By Security Boulevard
WISeKey Unveils Space-Based Quantum-Resistant Crypto Transactions at Davos 2026
Blog | Jan 21, 2026

WISeKey International unveiled SEALCOIN, a space‑based, quantum‑resistant crypto platform, at Davos 2026. The system uses the WISeSat low‑Earth‑orbit constellation to generate cryptographic signatures directly onboard satellites, extending blockchain transactions beyond terrestrial networks. Its native QAIT token will fuel machine‑to‑machine value exchange,...

By Quantum Zeitgeist
Attackers Are Getting Stealthier – How Can Defenders Stay Ahead?
News | Jan 21, 2026

Attackers are abandoning noisy, brute‑force attacks for stealth‑first, multi‑stage malware that can linger for weeks. OPSWAT telemetry shows a 127% rise in malware complexity and an increase from eight to 18 behavioral nodes per sample in six months. Traditional signature‑based...

By TechRadar
Peruvian Loan Scam Harvests Cards and PINs via Fake Applications
News | Jan 21, 2026

A sophisticated loan‑phishing campaign in Peru, uncovered by Group‑IB, uses fake loan applications to harvest valid bank card numbers and six‑digit PINs. The operation impersonates a leading Peruvian bank across 16 dedicated domains and more than 370 related sites, employing...

By Infosecurity Magazine
AI Fuels Buggy Bounty Incentives; cURL Exits to Reset
Social | Jan 21, 2026

AI was the accelerant on a perverse incentive fire sparked by bug bounty platforms that reward spray & pray. Both open source & orgs without dedicated vuln response teams get overloaded when they offer cash there. cURL is right to...

By Katie Moussouris
Using Data Upsert to Optimize Test Data Management
News | Jan 21, 2026

Tonic.ai has added upsert capabilities to its test‑data platform, allowing teams to insert new records while updating existing ones without overwriting valuable test data. The feature supports preserving legacy fixtures, merging multiple data subsets, and retaining mock data for unreleased...

By Security Boulevard
Check Point Exposure Management Unifies Threat Intelligence, Context, and Remediation
News | Jan 21, 2026

Check Point unveiled Exposure Management, a platform that fuses threat intelligence, vulnerability prioritization, and automated remediation into a single workflow. The solution offers real‑time situational awareness by correlating dark‑web insights, exploitability context, and attack‑surface visibility. It integrates with more than...

By Help Net Security
How Realm Data Haven Solves Long-Term Log Storage and Fast Resupply for SOC Teams
News | Jan 21, 2026

Realm introduced Data Haven, a dedicated long‑term log archive that separates storage from real‑time SIEM detection. The platform automatically routes all telemetry to secure, low‑cost storage without manual configuration and normalizes logs on ingest. Analysts retrieve archived data by simple...

By Security Boulevard
Cohesity Enhances Identity Resilience with ITDR Capabilities
News | Jan 21, 2026

Cohesity has introduced Identity Threat Detection and Response (ITDR) capabilities, extending its Identity Resilience suite to protect Active Directory and Microsoft Entra ID. The solution continuously monitors identity posture, flags risky changes, and detects attack patterns before an incident. During...

By Help Net Security
BTQ Partners ITRI for Low-Power
Social | Jan 21, 2026

NEW: BTQ is partnering with ITRI to build a new chip architecture for post-quantum security. $BTQ’s QCIM targets lower-power cryptography, and is now moving into silicon validation with ITRI, the incubator behind $TSMC.

By Wendy O
Executive Brief: Questions AI Is Creating that Security Can’t Answer Today
News | Jan 21, 2026

AI‑assisted development now dominates software creation, with 92% of developers using tools like GitHub Copilot and AI‑generated code comprising roughly 40% of new code. Traditional application security controls, designed for post‑commit review, fail to see code at the moment it...

By Security Boulevard
Stellar Cyber Appoints Eric Van Sommeren as Vice President of EMEA to Accelerate Regional Expansion
News | Jan 21, 2026

Stellar Cyber announced the appointment of Eric van Sommeren as Vice President of EMEA, accelerating the firm’s push into Europe, the Middle East and Africa. Van Sommeren brings senior leadership experience from SentinelOne, Palo Alto Networks and Corelight, positioning the company...

By AiThority
XBOW Appoints WonLae Lee as General Manager, South Korea
News | Jan 21, 2026

XBOW has named former Samsung SDS penetration‑testing leader WonLae Lee as General Manager for South Korea, tasking him with spearheading the company’s Asia‑Pacific expansion. Lee brings three decades of Red Team, vulnerability research and incident‑response experience to the autonomous offensive...

By AiThority
Furl Lands $10M for AI-Powered Security Remediation
News | Jan 21, 2026

Furl, a security remediation platform, closed a $10 million seed round led by Ten Eleven Ventures, with participation from Rapid7 CEO Corey Thomas and Open Opportunity Fund. The company targets the chronic execution gap in cybersecurity, where only one in ten...

By Just AI News
I Scanned 2,500 Hugging Face Models for Malware/Issues. Here Is the Data
News | Jan 21, 2026

Veritensor launches as a zero‑trust security solution for the AI model supply chain, offering deep static analysis and cryptographic verification of popular model formats such as Pickle, PyTorch, Keras, GGUF, and Python wheels. The tool can detect malicious code—including RCE,...

By Hacker News
Vectra AI Helps Organizations Prevent AI-Powered Cyberattacks
News | Jan 21, 2026

Vectra AI unveiled a next‑generation platform designed to safeguard the emerging AI enterprise, where machine‑speed workloads span on‑premises, multi‑cloud, SaaS, IoT and edge environments. The solution delivers unified observability, automatically discovers AI agents as first‑class identities, and uses behavior‑driven AI...

By Help Net Security
AiFWall Emerges From Stealth With an AI Firewall
News | Jan 21, 2026

aiFWall Inc emerged from stealth, releasing a free AI firewall that protects both inbound prompts and outbound responses of agentic AI deployments. The product leverages contextual analysis and a central AI engine to create just‑in‑time threat markers from malicious prompts....

By SecurityWeek
Sumo Logic Targets Data Pipeline Blind Spots with New Snowflake and Databricks Tools
News | Jan 21, 2026

Sumo Logic announced two new applications for Snowflake and Databricks that enhance real‑time visibility into data pipelines. The Snowflake Logs App provides login analytics, query performance insights, and centralized log correlation, while the Databricks Audit App offers unified monitoring of...

By SiliconANGLE
Nightfall Expands Data Protection with AI Browser Security for Browsers, Endpoints and SaaS
News | Jan 21, 2026

Nightfall unveiled an AI Browser Security solution that protects browsers, endpoints, and SaaS applications from real‑time data theft driven by AI tools. The offering intercepts uploads, clipboard pastes, screenshots and other browser‑based actions that traditional DLP cannot see. Powered by...

By SiliconANGLE
'Damn Vulnerable' Training Apps Leave Vendors' Clouds Exposed
News | Jan 21, 2026

Security researchers discovered that dozens of publicly exposed, intentionally vulnerable training applications—such as Hackazon, OWASP Juice Shop, DVWA and bWAPP—are being run on real cloud infrastructure. These apps often carry over‑permissioned IAM roles, allowing attackers to harvest temporary credentials and...

By Dark Reading
Hackers Exploit Security Testing Apps to Breach Fortune 500 Firms
News | Jan 21, 2026

Pentera uncovered nearly 2,000 publicly exposed security‑testing web apps—such as DVWA, Juice Shop and bWAPP—hosted on AWS, GCP and Azure. These intentionally vulnerable tools were linked to over‑privileged IAM roles, allowing attackers to steal cloud credentials and gain admin access....

By BleepingComputer
Accelerating Digital Transformation Is the Keystone to Deterring Space War
News | Jan 21, 2026

The article argues that the United States must accelerate digital transformation in its national‑security space architecture to maintain deterrence against a rapidly modernizing China. It highlights current shortcomings such as legacy single‑prime contracts, stovepiped systems, and slow acquisition cycles that...

By SpaceNews
GitLab Warns of High-Severity 2FA Bypass, Denial-of-Service Flaws
News | Jan 21, 2026

GitLab announced patches for a high‑severity two‑factor authentication bypass (CVE‑2026‑0723) and multiple denial‑of‑service flaws affecting both Community and Enterprise editions. The 2FA bypass lets attackers with a known account ID circumvent the second factor, while CVE‑2025‑13927 and CVE‑2025‑13928 enable unauthenticated...

By BleepingComputer
New Research Exposes Critical Gap: 64% of Third-Party Applications Access Sensitive Data Without Authorization
News | Jan 21, 2026

Reflectiz’s 2026 State of Web Exposure Research reveals that 64 % of third‑party applications on 4,700 leading websites access sensitive data without a legitimate business justification, up from 51 % a year earlier. The study also shows a sharp rise in malicious...

By HackRead
Azure DNS Behavior Can Turn Private Endpoints Into DoS Risks
News | Jan 21, 2026

Microsoft Azure’s Private Endpoint design has a DNS flaw that can turn secure Private Link connections into denial‑of‑service conditions. When a Private DNS zone is linked across multiple virtual networks, Azure prefers that zone for name resolution; if the target...

By eSecurity Planet
North Korean Hackers Target macOS Developers via Malicious VS Code Projects
News | Jan 21, 2026

North Korean threat actors have launched a new campaign that abuses Visual Studio Code task configuration files to deliver macOS malware. The attackers masquerade as recruiters, enticing developers to clone malicious GitHub or GitLab repositories under the guise of job...

By SecurityWeek
Rust Package Registry Adds Security Tools and Metrics to crates.io
News | Jan 21, 2026

The Rust package registry crates.io has introduced a Security tab that surfaces RustSec advisories and flags vulnerable versions on each crate page. Publishing workflows were enhanced with Trusted Publishing support for GitLab CI/CD, enabling OIDC‑based authentication without long‑lived tokens. New...

By Help Net Security
Banks Overlook Billion-Dollar Fraud Crisis
Social | Jan 21, 2026

[New Episode] The Billion Dollar Fraud Crisis Most Banks Are Missing. With @shanthi_peace, CEO of Casap. Watch the latest episode now: https://t.co/aCTj9YH63K https://t.co/dJky1nDo6a

By Jim Marous
Why AI Keeps Falling for Prompt Injection Attacks
News | Jan 21, 2026

Prompt injection exploits the textual nature of large language models, allowing users to bypass safety guardrails with cleverly phrased commands. The article compares this vulnerability to a fast‑food worker refusing to hand over a cash drawer, highlighting how humans rely...

By IEEE Spectrum AI
DigitalOcean Appoints Vinay Kumar as Chief Product and Technology Officer
News | Jan 21, 2026

DigitalOcean announced Vinay Kumar as its new Chief Product and Technology Officer, tasked with steering product strategy, cloud infrastructure, and security as the firm expands its AI inference cloud. Kumar, a founding member of Oracle Cloud Infrastructure and former AWS...

By AI-TechPark
Cyber Fallout Continues as M&S CTO Exits Months After Ransomware Attack
News | Jan 21, 2026

Marks & Spencer’s chief technology officer Josie Smith is leaving the firm, a move that comes nine months after a ransomware attack by the Scattered Spiders group wiped out roughly £229 million and halved the retailer’s 2025 profit. The breach forced...

By InternetRetailing
Alerted to a Breach in November, Advanced Family Surgery Center Remains Publicly Silent
News | Jan 21, 2026

Advanced Family Surgery Center, part of Covenant Health, was notified by the Genesis hacking group on November 26, 2025 that its systems had been compromised and 100 GB of sensitive data—including protected health information—had been exfiltrated. Genesis later posted a file‑tree on a...

By DataBreaches.net
Why Identity Security Must Move Beyond MFA
News | Jan 21, 2026

Enterprise MFA usage has reached roughly 70% in early 2025, cementing it as a core defense against automated attacks. Yet cybercriminals exploit AI‑driven phishing, SIM swapping, and credential theft to bypass even strong multi‑factor controls. Recent data shows a 63%...

By SecurityWeek
Tesla Hacked, 37 Zero-Days Demoed at Pwn2Own Automotive 2026
News | Jan 21, 2026

Security researchers at Pwn2Own Automotive 2026 demonstrated 37 zero‑day vulnerabilities in Tesla's infotainment system, earning $516,500 on day one. Synacktiv secured $35,000 by chaining an information leak and out‑of‑bounds write to gain root, while other teams exploited EV chargers and navigation...

By BleepingComputer
Internet Voting Is Too Insecure for Use in Elections
Blog | Jan 21, 2026

A recent open letter warns that internet voting remains fundamentally insecure, with no existing or foreseeable technology able to guarantee its safety. Despite decades of academic consensus, vendors continue to market online voting solutions as secure. The letter specifically calls...

By Schneier on Security
Cyber Insights 2026: API Security – Harder to Secure, Impossible to Ignore
News | Jan 21, 2026

SecurityWeek’s Cyber Insights 2026 warns that APIs, already handling roughly 83 % of internet traffic, will become even more critical as agentic AI proliferates. The rise of autonomous AI agents is set to double the number of API endpoints by 2026, expanding...

By SecurityWeek
Last Rites for Perpetual Enterprise Software Licenses?
News | Jan 21, 2026

Enterprise software vendors are accelerating the retirement of perpetual‑license products, declaring many versions End of Availability and pushing customers toward cloud‑based SaaS suites. While the shift may raise short‑term costs, research shows that modern subscription models deliver better cybersecurity, functionality,...

By CIO.com
Adversa AI Wins 2026 BIG Innovation Award for Agentic AI Security Platform
News | Jan 21, 2026

Adversa AI’s Agentic AI Security Platform has been named a winner in the 2026 BIG Innovation Awards for Innovative Products – Software, as announced by the Business Intelligence Group. The platform tackles the emerging attack surface of autonomous AI agents,...

By AI-TechPark
Enterprise-Grade Identity Verification for AI-Enhanced Workflows
News | Jan 21, 2026

Enterprises accelerating AI adoption face a critical gap in identity verification. A GBG report shows 31% of businesses struggle to detect fraud during onboarding, exposing AI workflows to manipulation. Enterprise‑grade verification combines biometrics, document validation, API checks, MFA and continuous...

By Security Boulevard
Qers Achieves Universal Post-Quantum Cryptography Resilience Scoring for IoT and IIoT Systems
Blog | Jan 21, 2026

Researchers at Luleå University of Technology introduced QERS, a Quantum Encryption Resilience Score that evaluates post‑quantum cryptography (PQC) suitability for IoT and IIoT devices. The framework aggregates six normalized metrics—latency, packet reliability, CPU load, energy use, RSSI, and key size—into...

By Quantum Zeitgeist
ErrTraffic Exploits Visual Page Breaks to Fuel ClickFix Attacks, Rebranding Exploits as “GlitchFix”
News | Jan 21, 2026

ErrTraffic is a traffic‑distribution system that powers ClickFix social‑engineering attacks by deliberately corrupting website visuals—a technique dubbed “GlitchFix.” When a victim visits a compromised page, the script distorts text, CSS and cursor movement before presenting a fake update prompt that...

By GBHackers On Security
Crooks Impersonate LastPass in Campaign to Harvest Master Passwords
Blog | Jan 21, 2026

LastPass disclosed an active phishing campaign that began around January 19, 2026, in which attackers impersonated the service with urgent‑maintenance emails to harvest master passwords. The messages contain links to an Amazon S3‑hosted page that redirects to a counterfeit LastPass...

By Security Affairs
Oracle’s First 2026 CPU Delivers 337 New Security Patches
News | Jan 21, 2026

Oracle has issued its first Critical Patch Update for 2026, delivering 337 security patches that address roughly 230 unique CVEs across more than 30 products. More than two dozen of the fixes target critical‑severity bugs, and over 235 patches remediate...

By SecurityWeek
Meet Confer: Signal Founder’s Privacy-Focused, End-to-End Encrypted ChatGPT Alternative
News | Jan 21, 2026

Signal founder Moxie Marlinspike has launched Confer, a privacy‑first AI chatbot that encrypts every conversation end‑to‑end. The service uses passkey authentication, server‑side encryption, and runs in a Trusted Execution Environment to prevent data leakage. A free tier allows 20 messages...

By Indian Express AI
Vulnerability Prioritization Beyond the CVSS Number
News | Jan 21, 2026

The article argues that relying solely on CVSS scores misguides vulnerability prioritization. Real‑world incidents like Equifax, SolarWinds, and Log4Shell show that medium‑scoring flaws can cause outsized damage when they propagate through interconnected systems. It introduces the Unified Linkage Model (ULM)...

By CSO Online
Exposure Assessment Platforms Signal a Shift in Focus
News | Jan 21, 2026

Gartner’s inaugural Magic Quadrant introduces Exposure Assessment Platforms (EAP) as a formal replacement for traditional vulnerability management, emphasizing Continuous Threat Exposure Management. The report evaluated 20 vendors on continuous discovery, risk‑informed prioritization, and cross‑environment visibility. Data shows 74 % of identified...

By The Hacker News
Linux Users Targeted by Crypto Thieves via Hijacked Apps on Snap Store
News | Jan 21, 2026

Security researcher Alan Pope revealed that crypto thieves are hijacking expired domains linked to Snap Store publishers to gain Snapcraft account access and push malicious updates. The attackers replace benign snaps with crypto‑wallet malware that steals recovery phrases via automatic...

By Help Net Security