Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB

HackerOne Launches Good Faith AI Research Safe Harbor to Protect Responsible AI Testing
HackerOne introduced the Good Faith AI Research Safe Harbor, a framework that grants legal protection to researchers testing AI systems in good faith. Building on its 2022 Gold Standard Safe Harbor for traditional software, the new program clarifies authorization, limits liability, and offers limited terms‑of‑service exemptions for AI‑related work. Organizations that adopt the safe harbor commit to recognizing and supporting responsible AI testing, signaling openness to the security community. The offering is currently available to HackerOne’s customer base and aims to accelerate discovery of AI vulnerabilities.

Privacy, Security, and Scale: Non‑Negotiable Blockchain Essentials
3 things that will become non-negotiable for any chain that plans to operate in the long-term: Privacy, security, scale. - Privacy (by now it's obvious, and still) - because if we're to migrate our digital life -- financial and non-financial --...

AI Framework Flaws Put Enterprise Clouds at Risk of Takeover
Two critical flaws were discovered in the open‑source AI framework Chainlit, allowing arbitrary file reads (CVE‑2026‑22218) and server‑side request forgery (CVE‑2026‑22219). The vulnerabilities can expose environment variables, API keys and cloud credentials, and enable attackers to forge authentication tokens for...

City of London Police Launches Fraud Reporting Service
The City of London Police has unveiled a national "Report Fraud" service, replacing the older Action Fraud programme. The platform offers victims and businesses across England, Wales and Northern Ireland a single gateway to report cyber crime and fraud. By centralising...
2025: Double the Breaches, but Less Patient Data Compromised
In 2025 the healthcare sector saw breach incidents more than double, yet the total number of patient records exposed dropped sharply. The Fortified Health Security report, based on HHS OCR data, its own NIST Cybersecurity Framework assessments, and incident‑response experience,...
UK: North West Ambulance Service’s Increased Breach Reports May Reflect Better Reporting
North West Ambulance Service NHS Trust disclosed nearly 400 data‑breach incidents over the past three years, with reports climbing from 75 breaches in 2022/23 to 143 the following year and 172 in the most recent period. Confidentiality failures dominated, accounting...

Webinar: Aligning Cybersecurity Purchases with What Your SOC Team Needs
Security operations centers are plagued by alert fatigue because many tools are selected by executives without input from analysts. A BleepingComputer webinar on Jan. 29 will feature Sumo Logic experts discussing the disconnect between purchasing decisions and SOC needs. The session...
RansomHouse Claims Data Breach at Major Apple Contractor Luxshare
RansomHouse, a ransomware‑extortion group, alleges it breached Luxshare Precision Industry, a major Apple manufacturing partner, and accessed sensitive engineering data such as 3D CAD and PCB files. The group posted a victim profile on its dark‑web leak site, listing Apple...

Anthropic Quietly Fixed Flaws in Its Git MCP Server that Allowed for Remote Code Execution
Anthropic has patched three critical flaws in its Git MCP server that could be chained with the Filesystem MCP server to achieve remote code execution via prompt injection. The vulnerabilities – CVE‑2025‑68145 (path‑validation bypass), CVE‑2025‑68143 (unrestricted git_init), and CVE‑2025‑68144 (git_diff...
Apache Airflow Flaws Expose Sensitive Workflow Data to Potential Attackers
Apache Airflow released version 3.1.6 to fix two credential‑exposure flaws (CVE‑2025‑68675 and CVE‑2025‑68438). The first flaw logged proxy URLs with embedded usernames and passwords, while the second allowed unmasked API keys and tokens in the Rendered Templates UI. Both issues affect...

Endace Pushes Packet Capture Into Real-Time Security Workflows
Endace released OSm 7.3, a major update that dramatically speeds packet‑capture search and adds a Vault REST API for automated forensic data access. The new search engine delivers up to 50‑fold performance gains, cutting typical query times from nearly a minute...

AI Supercharges Attacks in Cybercrime's New 'Fifth Wave'
Group‑IB warns that cybercrime has entered a fifth wave powered by weaponized AI, accelerating attacks with generative tools. Dark‑web marketplaces now sell synthetic identity kits and deep‑fake‑as‑a‑service for as little as $5, while AI‑enhanced phishing kits automate victim targeting and...

The Hidden Risk of Orphan Accounts
Orchid Security highlights the growing threat of orphan accounts—unused human, service, and AI identities that remain active across enterprise environments due to fragmented IAM and IGA processes. These hidden credentials, often with elevated privileges, have been leveraged in high‑profile breaches...

Radware Targets API Blind Spots with Real-Time Lifecycle Protection
Radware announced its API Security Service, an end‑to‑end platform that safeguards APIs throughout their entire lifecycle using live production traffic. The solution tackles OWASP Top 10 API risks, including sophisticated Layer 7 DDoS attacks, by delivering continuous discovery, runtime posture management, and...

Makina Loses $4.1 Million in Exploit Tied to Price-Feed Manipulation
Makina, a DeFi execution platform, suffered a $4.13 million exploit after an attacker used a flash loan to manipulate the price‑feed of its DUSD/USDC Curve pool. By inflating the MachineShareOracle’s reported prices, the hacker swapped roughly 110 million USDC against a pool holding...
OPNsense 25.7.11 Enhances Network Visibility With Host Discovery Feature
OPNsense 25.7.11 introduces a native host discovery service that automatically resolves and stores MAC addresses for IPv4 and IPv6 hosts. The feature feeds live data to MAC‑based firewall aliases and captive‑portal client tracking, improving policy accuracy and device visibility. IPv6...

Sophos Introduces Workspace Protection to Simplify Hybrid and Remote Work Security
Sophos Group launched Workspace Protection, a browser‑centric security service designed for hybrid and remote work. The offering combines a purpose‑built protected browser with Sophos ZTNA, DNS Protection and an email monitoring add‑on, all managed through the Sophos Central console. By...

Why Secrets in JavaScript Bundles Are Still Being Missed
Intruder scanned 5 million web applications and uncovered over 42,000 exposed tokens hidden in JavaScript bundles. The secrets spanned 334 types, including active GitHub, GitLab, and Linear API keys, as well as Slack, Zapier, and CAD service credentials. Existing scanners—traditional regex‑based...

Major Firms Leave Critical Cyber Risks Unpatched for Months
A KYND study of over 2,000 firms, including FTSE 350 and S&P 500 members, found that 11% were exposed to vulnerabilities actively exploited by attackers. Of those, 88% remained unpatched for six months or longer, highlighting chronic remediation delays. Remote...

Intuitive.ai Partners with Matilda Cloud to Accelerate Secure, Compliant AI and Cloud Modernization for Life Sciences
Intuitive.ai has teamed up with Matilda Cloud to help life‑science firms accelerate AI and cloud modernization while meeting strict GxP and CSA regulations. The joint solution offers rapid, compliance‑ready visibility into cost drivers, security posture, and modernization pathways, promising 20‑40%...

Digital Fraud Prevention: 8 Steps to Protect Your Identity
Digital fraud losses surged to $12.5 billion in 2024, a 25% rise from the prior year, as criminals leverage AI, automation, and social engineering. The article outlines eight practical steps—from slowing down on suspicious messages to deploying multi‑factor authentication and secure...

Rubrik Introduces CXO Visionaries
Rubrik announced the launch of CXO Visionaries, an exclusive community for Fortune 500 and enterprise 2000 CIOs, CISOs and CTOs. The group aims to help leaders tackle rising cyber‑risk and AI‑driven attacks, offering peer insights and brand‑building opportunities. Rubrik Zero...
Old Habits Die Hard: 2025’s Most Common Passwords Were as Predictable as Ever
In 2025, the password "123456" again topped global lists, accounting for a quarter of the 1,000 most‑used passwords and appearing across all age cohorts. NordPass and Comparitech data show numeric‑only passwords dominate, while the US and UK see "admin" and...
Fraud Vs. Conversion: How Payments Can Reduce Risk without Adding Friction
Digital payments must balance speed with security. Consumers abandon 88% of checkout flows due to friction, while e‑commerce fraud cost $44 billion in 2024. The article outlines a multi‑layered strategy—strong authentication, merchant risk scoring, AI‑driven network detection, tokenization, and collaborative data...
The Post-Breach Narrative: Winning Back Trust After the Headlines Fade
When a cybersecurity breach dominates headlines, the real challenge begins after the news cycle fades: restoring stakeholder trust. Marketing and public‑relations teams must move beyond immediate statements to a sustained, authentic narrative that demonstrates accountability and transparency. Aligning internal messages...
TP-Link Router Flaw Enables Authentication Bypass Through Password Recovery Mechanism
TP‑Link disclosed a high‑severity authentication bypass (CVE‑2026‑0629) affecting its VIGI security‑camera line. The flaw exploits the password‑recovery feature, allowing any LAN‑connected attacker to reset admin credentials without verification. With a CVSS v4.0 score of 8.7, the vulnerability grants full control over...
Intrusion Detection System (Noun) [Word Notes]
In this episode, host Rick Howard explains what an Intrusion Detection System (IDS) is—a technology that monitors network traffic for malicious activity and either alerts administrators or blocks threats. He highlights the dual roles of detection and prevention, emphasizing how...

How to Configure KeyLocker for JarSigner Using the DigiCert KSP Library?
Developers can now sign Java .jar files using DigiCert’s cloud‑based KeyLocker, which keeps private keys inside FIPS‑compliant HSMs. By installing the DigiCert KeyLocker Tools and configuring environment variables, the smctl command registers the DigiCert KSP library and synchronizes the desired...

Discord Exploited to Spread Clipboard Hijacker Stealing Cryptocurrency Funds
Security firm CloudSEK’s STRIKE team uncovered a new cryptocurrency‑theft campaign that leverages Discord communities to distribute a clipboard‑hijacking trojan dubbed Pro.exe. The malware, attributed to the RedLineCyber group, monitors Windows clipboard for wallet addresses and silently replaces them with attacker‑controlled...
Atradius Updates Credit-IQ Software to Boost Accounts Receivable Services Automation, Tighten Data Security for SMEs
Atradius Collections has released a major update to its Credit‑IQ.com accounts‑receivable platform, adding real‑time dashboards, plug‑and‑play ERP integration and support for eight languages. The upgrade also tightens data‑security with GDPR‑aligned EU data‑centers and ISO 27001 certification. Pricing stays at a flat...

Confusion and Fear Send People to Reddit for Cybersecurity Advice
Researchers from Google and University College London examined 1.1 billion Reddit posts from 2021‑2024 to map how users seek cybersecurity help. Help‑seeking activity remained steady until a sharp 66% jump in 2024, topping 100,000 questions per month by August. Scams, account‑access...

UK Finance Report Examines Fraud Prevention and AML Efforts
UK Finance’s latest report warns that 2023 fraud losses reached £25.2 billion, exposing the flaws of siloed fraud and AML systems. It promotes a unified FRAML framework that blends machine‑learning‑driven fraud detection with anti‑money‑laundering compliance to cut alerts and accelerate investigations....

Cloudflare Zero-Day Flaw Allows Attackers to Bypass Security and Access Any Host
A critical zero‑day in Cloudflare’s Web Application Firewall allowed attackers to bypass all WAF rules by targeting the ACME certificate‑validation path. Researchers from FearsOff demonstrated that arbitrary requests to /.well-known/acme-challenge/ could reach origin servers, exposing sensitive endpoints in Spring Boot,...
This Intune Update Isn’t Optional — It’s a Kill Switch for Outdated Apps
Microsoft Intune MAM will enforce a mandatory update by January 19, requiring all iOS‑wrapped, SDK‑integrated apps and the Android Company Portal to run the latest versions. Outdated apps—including Outlook and Teams—will be blocked from launching. Administrators must push the new SDK...

Ethereum Posts Record Onchain Activity as Research Points to Possible Spam-Driven Growth: Asia Morning Briefing
Ethereum recorded an all‑time high of nearly 2.9 million daily transactions, yet Ether’s price stayed flat around $3,180, suggesting the activity may not stem from genuine user demand. On‑chain researcher Andrey Sergeenkov attributes the surge to a large‑scale address‑poisoning campaign that...
Just-in-Time (JIT) Provisioning: How Automated User Provisioning Works in SSO
Just‑in‑Time (JIT) provisioning automates user account creation the moment a worker logs in via SSO, using SAML or OIDC claims. The approach eliminates manual onboarding steps, cuts admin time, and reduces typo‑related security gaps. However, JIT only creates accounts; it...

Payments Connectivity in the ISO 20022 Era: A Case Study in Future-Proofing
The payments industry is midway through its ISO 20022 transition, with banks leveraging richer data to launch new services while many still depend on legacy translation layers. Real‑time and cross‑border payments are accelerating, pushing institutions to balance cost, liquidity, and resilience....

Top 10 HIPAA Compliance Software Solutions
The article ranks the ten leading HIPAA compliance software platforms, emphasizing a shift from periodic checklists to continuous, automated compliance operations. It highlights that 2025 healthcare breaches averaged $7.42 million per incident, prompting regulators to add MFA, full‑encryption, and annual audits....
How Pointing Errors Impact Quantum Key Distribution Systems
A new IEEE study introduces an analytical framework that quantifies how pointing errors degrade quantum key distribution (QKD) performance in optical wireless links. By applying Rayleigh and Hoyt statistical models to beam misalignment, the researchers derived closed‑form expressions for error...

SAP and Fresenius to Build Sovereign AI Backbone for Healthcare
SAP and Fresenius announced a joint venture to create a sovereign AI backbone for European healthcare, leveraging SAP Business AI and Business Data Cloud. The platform will provide a controlled, secure environment for AI models, ensuring data sovereignty and compliance...
Bao Xiong Linked to Cambodia Properties Allegedly Used for Online Fraud Operations
Chinese‑born businessman Bao Xiong, now a naturalized Cambodian, is alleged to control a network of casino‑linked properties that have been repurposed as online fraud and human‑trafficking hubs. U.S. sanctions against related entities such as the Prince Group have intensified scrutiny,...
EP259 Why Google Built a Security LLM and How It Beats the Generalists
In EP259, Distinguished Scientist Elie Bursztein from Google DeepMind explains why Google built a security‑focused large language model (SecLLM) and how it outperforms generic LLMs for threat detection, code review, and incident response. He details the model’s specialized training data,...

Inside SearchGuard: How Google Detects Bots and What the SerpAPI Lawsuit Reveals
Google sued SerpAPI for allegedly circumventing its newly deployed SearchGuard anti‑bot system, which monitors mouse, keyboard, scroll and timing signals to distinguish humans from automated scrapers. The lawsuit, filed under DMCA Section 1201, highlights Google’s effort to protect its search...

Resecurity Leads Cybersecurity Innovation at ITCN Asia 2026
Resecurity has been appointed the Cybersecurity Innovation Partner for ITCN Asia 2026, the region’s largest ICT exhibition held in Lahore, Pakistan. The company will demonstrate its intelligence‑driven platform, featuring cyber‑threat intelligence, digital‑risk monitoring, AI‑powered fraud prevention, investigation tools, and supply‑chain...

QuProtect R3 Delivers Rapid Crypto-Agility for Cloud and On-Prem Environments
QuSecure unveiled QuProtect R3, an end‑to‑end cryptographic platform built for the quantum era, offering rapid visibility across cloud, on‑premise, and edge environments. The solution’s crypto‑agility engine enables one‑click rotation of ciphers, keys, and algorithms without code changes or downtime. QuProtect R3 unifies...
Real-Time Threat Intelligence: Empowering Proactive Cybersecurity with Seceon
Seceon Inc. unveiled an AI‑driven real‑time threat intelligence platform that continuously monitors networks, endpoints, cloud services, and user identities. By fusing machine‑learning, behavioral analytics, and global threat feeds, the solution identifies zero‑day attacks, insider threats, and fileless malware as they...

Visual Studio Code Abused in Sophisticated Multistage Malware Attacks
A new campaign dubbed Evelyn Stealer leverages compromised Visual Studio Code extensions, such as the Bitcoin Black theme and Codo AI assistant, to deliver a multi‑stage malware chain. The first‑stage payload uses DLL hijacking of the Lightshot utility to execute PowerShell scripts that...

Indirect Prompt Injection in Google Gemini Enabled Unauthorized Access to Meeting Data
Miggo Security uncovered an indirect prompt‑injection flaw in Google Gemini that leveraged calendar invite descriptions to bypass privacy controls and exfiltrate meeting data. By embedding a benign‑looking instruction, attackers could trigger Gemini to create a new event containing summaries of...

AtData Launches Gibberish Detection to Strengthen Fraud Intelligence and Block Bot-Generated Identities
AtData introduced Gibberish Detection, a machine‑learning model that flags synthetic, random or AI‑generated email addresses at the point of capture. The real‑time signal identifies roughly 5% of incoming emails as gibberish, rising to nearly 10% for a global on‑demand services...

Token Security Sees Rapid 2025 Growth as Enterprises Secure Agentic AI
Token Security reported triple‑digit growth in 2025 as enterprises grapple with a surge of non‑human identities (NHIs) that now outnumber human users. The company closed a $20 million Series A round and introduced AI‑driven discovery, lifecycle management, and least‑privilege enforcement for autonomous...