What's happening: Cloudflare pushes agile SASE to replace fragmented VPNs and firewalls
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One platform, positioning it as an agile SASE solution to the growing fragmentation of legacy VPNs and hardware firewalls. The platform uses a single‑pass architecture that runs security checks across a global network spanning more than 300 cities, removing service‑chaining bottlenecks and integrating zero‑trust controls.
Also developing:

The European Commission disclosed a cyber‑attack on its mobile‑device‑management platform on 30 January, in which attackers accessed staff names and phone numbers but did not compromise the devices themselves. The breach was contained within nine hours of detection and traced to two zero‑day flaws (CVE‑2026‑1281, CVE‑2026‑1340) in Ivanti Endpoint Manager Mobile, the same software exploited in recent Dutch agency hacks. The incident coincides with the Commission’s new cybersecurity legislation aimed at bolstering defenses against state‑backed threats. It also raised concerns about cross‑border data sharing protocols within EU agencies.

Vortex Werewolf, also known as SkyCloak, is a threat cluster that has been delivering Tor‑enabled remote‑access backdoors to Russian government and defense organizations through sophisticated Telegram‑themed phishing campaigns. Victims are lured to counterfeit Telegram login pages that harvest phone numbers,...

Nigeria’s credit penetration has topped 40%, signaling a rapid shift toward broader financial inclusion. CRC Credit Bureau, the country’s largest licensed bureau, has built the most comprehensive credit data ecosystem by pulling information from banks, fintechs, utilities, telcos, and digital...

Visa’s cyber‑solutions leader Jeremiah Dewey argues that cybersecurity is no longer a defensive checkbox but a core business function that fuels growth in digital commerce. He cites a 126% surge in ransomware attacks and $5 million average breach costs to illustrate...
Port introduced a highly requested “View as” feature that lets organization administrators instantly experience the platform with any user’s effective permissions. The tool enables rapid reproduction of permission errors, validation of RBAC changes, and secure troubleshooting without needing screenshots or...

The UAE Cyber Security Council warned that roughly 60% of financial cyberattacks begin with stolen usernames and passwords. As digital banking expands, compromised credentials have become the primary gateway for fraud, identity theft, and unauthorized access to sensitive financial data....
The EU’s NIS2 directive expands cybersecurity obligations beyond a company’s own network to include every external partner in the supply chain. It mandates that firms systematically identify, assess, and continuously monitor risks from service providers, cloud vendors, and subcontractors. The...

Acalvio Technologies has been crowned the "Company to Beat" in Gartner’s 2025 AI Vendor Race for AI‑powered advanced cyber deception. Gartner highlights that AI is removing technical barriers, allowing deception systems to scale, automate traps and adapt to attacker behavior...

Singapore launched its largest coordinated cyber‑defense effort, Operation Cyber Guardian, after the UNC3886 advanced threat actor targeted all four major telcos—M1, Singtel, StarHub and Simba. More than 100 cyber defenders from six government agencies worked with the operators to contain...

Black Duck unveiled BSIMM16, the 16th edition of its Building Security In Maturity Model, analyzing 111 organizations and 91,200 applications. The study finds AI-generated code now dominates application‑security concerns, with a 10% rise in AI‑focused attack intelligence and risk‑ranking. Regulatory...
Tanla Platforms’ Wisely AI has been deployed by Indosat Ooredoo Hutchison across Indonesia, analyzing more than 11 billion communications for 100 million subscribers in its first six months. The system identified over 2 billion spam and scam messages, blocked more than 2 million malicious...

Cybercriminals are increasingly exploiting cybersquatting to clone trusted brands, harvest customer credentials, and deliver malware. Research from SecPod shows a 19‑fold surge in malicious domain registrations between late 2024 and mid‑2025, with more than 99% used for phishing or malware...

United Airlines’ chief information security officer, Deneen DeFiore, explained how the carrier modernizes cybersecurity without jeopardizing safety‑critical aircraft systems. The airline wraps legacy platforms with modern identity, segmentation and monitoring controls while adding compensating resilience measures. United treats cyber risk...
The article highlights a rising demand for anonymous crypto swap platforms that let users trade Monero (XMR) without KYC verification. Monero’s built‑in privacy features—ring signatures, stealth addresses, and confidential transactions—make it ideal for privacy‑focused traders. KYC‑free services operate as direct...
Weekly update is up! Home Sweet Home; First Stream From the New PC; Law Enforcement and Cybercrime Prevention; The Betterment Data Breach https://www.troyhunt.com/weekly-update-490/
If it were me, I would stop paying for the drop plane flights rather than the parachutes. Seems like a bit of a prioritization issue.

Allama is an open‑source security automation platform that lets teams build visual workflows for threat detection and response. It ships with integrations for more than 80 security tools, from SIEMs to ticketing systems, and leverages AI‑powered agents that can enrich,...

The Promise of Digital Identities (IDs) https://t.co/ZELeCaUzpS "A digital ID combines the three pillars of secure transactions—identification, authentication, and authorization". Not my words, the Feds. Well, to be fair, my words too. Albeit some time ago. https://t.co/aTC5u5N9wx

Cyber‑intelligence firm CYFIRMA uncovered a new Telegram phishing campaign that hijacks the platform’s QR‑code and manual login flows. Attackers register their own Telegram API credentials and relay victim‑supplied phone numbers, OTPs, or QR scans to create fully authorized sessions on...

The Cloud Security Alliance report warns that autonomous AI agents are expanding faster than identity and access management (IAM) frameworks can keep up. Organizations still rely on static credentials such as API keys and shared accounts, while modern workload‑identity standards...
Enterprises are spending billions on GPU clusters for AI, yet many GPUs sit idle because the data delivery layer between object storage and compute cannot keep pace. F5 argues that the real bottleneck is not the GPUs but the lack...
U.S. regulators are set to ban any Chinese‑origin software in cloud‑connected vehicle systems, forcing automakers to certify by March 17 that core code contains no Chinese provenance. The rule also covers advanced autonomous‑driving software and will expand to connectivity hardware by...
The post argues that AI "skills"—executable English‑written programs—transform conversational agents into operators capable of performing specific tasks. It highlights the rapid growth of public skill repositories, with tens of thousands of community‑built skills amassing thousands of GitHub stars. For consumers,...
Roundcube Webmail’s HTML sanitizer failed to treat the SVG element’s href attribute as an image source, allowing external URLs to load even when the “Block remote images” setting is enabled. This oversight lets attackers embed an invisible 1×1 SVG...

A UK construction company discovered the Russian‑linked Prometei botnet hidden on its Windows Server in January 2026. The malware entered via weak RDP credentials, installed persistent services, and used Mimikatz to steal network passwords while mining Monero cryptocurrency. Researchers from eSentire’s...

Cyber‑insurance specialist Cowbell has entered Australia with Prime One, a product aimed at SMEs earning up to A$100 million. Backed by Zurich Australian Insurance, the offering provides up to A$5 million per‑claim coverage and can be quoted, bound, and issued in under...

Tirith is a new open‑source, cross‑platform utility that monitors shell input to detect and block homoglyph‑based URL attacks and other deceptive command‑line tricks. It hooks into popular shells such as zsh, bash, fish, and PowerShell, inspecting every pasted command for...
On January 29, 2026 the Federal Communications Commission released public notice DA 26‑96, urging all communications providers to adopt a set of cybersecurity best practices aimed at thwarting ransomware attacks. The notice, issued by the FCC’s Public Safety and Homeland Security...
Security Affairs released its Malware Newsletter Round 83, curating the latest research and incident reports across the global malware landscape. The edition spotlights 341 malicious capabilities uncovered in the ClawHavoc bot, APT28’s exploitation of CVE‑2026‑21509, and Amaranth‑Dragon’s weaponization of CVE‑2025‑8088 for...
A Saskatchewan privacy commissioner confirmed that a unit clerk at Dr. F.H. Wigmore Regional Hospital accessed their own health record and those of 98 other patients 102 times between July 2024 and June 2025. The employee disclosed private details to a coworker and a...
SMS verification services offering temporary virtual phone numbers are gaining traction among privacy‑focused users and businesses. These platforms provide numbers from over 190 countries, allowing one‑time password (OTP) codes to be received online without a physical SIM. They operate on...
Sumsub, a global verification and fraud‑prevention platform, has unveiled a public "Risk Intolerant" registry that awards badges to fintech, crypto, gaming, edtech and mobility firms demonstrating strong KYC, AML and fraud‑mitigation controls. The highest "Titan" badge has been granted to...
The episode explains how quantum-resistant cryptography is becoming essential in 2026 as quantum computers threaten traditional encryption like RSA and ECC. It outlines the rapid shift from research to standards, highlighting NIST’s upcoming post‑quantum standards and the surge in industry...
Vouch introduces an explicit trust‑management layer for open‑source projects, letting maintainers vouch for or denounce contributors through GitHub issues, discussions, or a CLI. Unvouched users are blocked from contributing, while denounced users can be globally excluded. The system stores trust...
Several Dutch government agencies, including the Data Protection Authority (AP) and the Council for Justice, suffered a data breach after a vulnerability in Ivanti Endpoint Manager was exploited. Unauthorized actors accessed personal information of agency employees, exposing names, contact details,...
The growth engine behind Moltbook's explosion to 1.5 million AI agents is a bit sinister. Everyone's sharing screenshots of bots debating philosophy and having existential crises. Good content. Very shareable. But it's a distraction from what's actually happening underneath. Mason Hall, ex-a16z...
We helped in this recovery effort, a tiny bit. I didn't tweet when it first happened, to not spread FUD. A human error of $134m vs $1,340. All airdrop features should have a maximum value check. I am not even sure if...
Hong Kong’s privacy commissioner announced plans to revive mandatory data‑breach reporting after a 2024 pause over business‑environment concerns. The government will consult lawmakers this year on amendments to the Personal Data (Privacy) Ordinance, introducing phased implementation and penalties for non‑compliance....
One of my biggest takeaways from talking to @dugsong and @jonoberheide: Market size doesn't matter. They ultimately sold Duo to Cisco for $2.35B, which was bigger than the initial TAM when they started the company.
The DORA AI Capabilities Model highlights how AI can reshape software delivery while exposing critical security concerns. It recommends a layered, least‑privilege access model, centralized proxy routing, and strict version‑control practices to safeguard sensitive data. Human‑in‑the‑loop reviews, audit‑ready platforms, and...

Russia has intensified a hybrid campaign against Poland, combining espionage, large‑scale cyber attacks, sabotage, and disinformation. Recent intelligence uncovered Russian spies inside the Ministry of National Defence and daily cyber assaults reaching up to 3,000 incidents. Moscow’s political elites have...

Security firm Wiz uncovered a critical vulnerability in Moltbook, an AI‑coded social network for AI agents, where a mishandled private key in JavaScript exposed thousands of email addresses and millions of API credentials. The flaw enabled complete account impersonation and...

Japan’s lower‑house election has become a testing ground for generative‑AI misinformation, with fake videos and fabricated news spreading rapidly on YouTube and TikTok. A survey cited by the Japan Times found 51.5 percent of respondents believed the fake content to be...

BridgePay Network Solutions confirmed a ransomware attack knocked its payment gateway offline, triggering a nationwide outage across core APIs, virtual terminals, and hosted pages. The breach began early Friday, prompting the company to involve the FBI, U.S. Secret Service, and...

Federal agencies such as CISA and the VA are rapidly adopting Network as a Service (NaaS) to replace legacy network infrastructure. By partnering with FedRAMP‑authorized providers like Cisco Meraki and Juniper Mist, they gain cloud‑native agility, scalable security, and AI‑driven...
In this episode, Bitcoin Core developer Antoine Poinsot explains the “off‑by‑one” Timewarp bug and how it can be exploited to bloat the blockchain, increase validation costs, and give mining cartels a competitive edge. He outlines the Great Consensus Cleanup—a set...

Flare researchers have uncovered a threat group called TeamPCP that targets cloud‑native environments by abusing exposed Docker, Kubernetes and other orchestration interfaces. First seen in late 2025, the campaign leverages AI‑driven automation and known flaws such as CVE‑2025‑29927 and React2Shell...
A recent government advisory highlights that the Nitrogen ransomware family cannot be decrypted, even by its own operators. Victims who pay the ransom receive no guarantee of a working decryption key, and recovered files may remain corrupted. The warning underscores...
Researchers in China have demonstrated device‑independent quantum key distribution (DI‑QKD) across 100 km of optical fiber, marking the first city‑scale implementation. By leveraging single‑photon interference and quantum frequency conversion, the team achieved high‑fidelity atom‑atom entanglement and maintained CHSH Bell inequality violations...

Researchers have linked two‑way quantum key distribution, specifically advantage distillation, to asymptotic hypothesis testing using an integral representation of relative entropy. This theoretical bridge yields tighter upper and lower bounds on secret‑key rates, outperforming traditional fidelity‑based limits at short and...