What's happening: Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform, positioning it as a single‑pass solution to the fragmentation of legacy VPNs and hardware firewalls. The platform runs security checks across a global network spanning over 300 cities, eliminating service‑chaining bottlenecks and integrating zero‑trust controls.
Also developing:

A Larridin survey reveals a 16‑point visibility gap between executives and directors on AI usage, highlighting pervasive shadow AI and fragmented governance. Large enterprises run an average of 23 AI tools, yet only 38 percent maintain a comprehensive inventory, leaving many deployments unmanaged. The study shows that IT functions achieve the strongest ROI and confidence, while customer support and logistics lag behind. Formal AI training correlates with higher productivity and better ROI expectations, underscoring the need for real‑time measurement.

The Administrative Review Tribunal (ART) partially overturned the Australian Information Commissioner’s finding that Bunnings breached privacy law with its facial‑recognition trial. While the tribunal accepted Bunnings’ reasonable belief that the technology was necessary to combat retail crime, it cleared the...

Harvard University disclosed a November phishing attack that exposed alumni, donor and limited staff data, while the University of Pennsylvania confirmed a ShinyHunters intrusion that accessed Salesforce, SAP and other systems, compromising roughly 1.2 million students, alumni and donors. Both breaches...

In this Stormcast episode, the hosts discuss a multi‑stage malicious script that injects into Chrome, downloads a seemingly benign wallpaper image, and then installs additional payloads like Xworm to evade AV detection. They highlight a critical, unauthenticated web‑admin vulnerability (CVE‑2026‑1633)...

In this episode, Paul Benda explains the SCAM Act introduced by Senators Ruben Gallego and Bernie Moreno, which would impose new know‑your‑customer and ad‑takedown obligations on major tech platforms that profit from fraudulent advertising. He outlines why current market incentives...

Tenable Holdings posted a strong fiscal fourth quarter, reporting adjusted earnings of $0.48 per share and revenue of $260.5 million, both surpassing analyst expectations. Year‑over‑year revenue grew 11% to $999.4 million, while calculated billings rose 8% to $327.8 million. The company added 502 new...

Researchers at Datadog Security Labs report that threat actors are exploiting the React2Shell vulnerability (CVE‑2025‑55182) in React Server Components to compromise NGINX servers managed via Boato Panel, hijacking web traffic and redirecting users to malicious sites. The attacks target a...

Configuration drift—incremental, often unnoticed changes to security settings—has become a major hidden threat for enterprises. Modern, hyper‑configurable security platforms and frequent temporary exceptions cause the drift to accelerate, eroding a company’s security posture over time. High‑profile breaches such as Colonial...

Prosecutors allege that an Iowa bank employee colluded with Curtis Weston to create 66 fraudulent loans worth $22 million, exploiting customer information from a previous employer. The scheme used 26 stolen identities and cycled funds through multiple banks and an online...

Multiple critical flaws identified as CVE‑2026‑25049 let any authenticated n8n user execute arbitrary code on the host server. The vulnerabilities stem from weak sandboxing of user‑written JavaScript and bypass the prior CVE‑2025‑68613 fix. Versions prior to 2.5.2 and 1.123.17 are...

AT&T is rolling out autonomous AI agents to combat spam and fraud calls while streamlining internal processes. The network‑integrated digital receptionist, ActiveArmor, engages unknown callers in real time, disconnecting suspicious interactions or taking messages. Internally, the company’s partnership with Microsoft...

A critical vulnerability (CVE‑2026‑24512) in ingress‑nginx allows authenticated attackers to inject arbitrary Nginx directives via the rules.http.paths.path field, leading to code execution and secret disclosure in Kubernetes clusters. The flaw affects all ingress‑nginx releases before v1.13.7 and v1.14.3. Exploitation requires...

The 8th Street, founded by former cybersecurity experts, is launching its flagship Hidden Camera Detector to combat the surge of covert surveillance in homes, offices, and hotels. The compact device combines RF and GPS detection to locate hidden cameras with...

Malvertising—a form of malicious advertising—saw a 42% month‑over‑month surge in the first half of 2023, underscoring its rapid adoption by cybercriminals. A recent case involved Lowe’s employees being duped by spoofed Google ads that mimicked the MyLowesLife portal, leading to...

Researchers at DataBreach.com have uncovered that the new ransomware‑style group 0apt is not delivering real stolen data. The site lists high‑profile companies, but each download streams infinite random bits generated by /dev/random, producing only white noise. The tactic creates the...

Google released a Chrome update that patches two high‑severity vulnerabilities, CVE‑2026‑1862 and CVE‑2026‑1861, affecting the V8 engine and libvpx video decoder. The V8 type‑confusion flaw can enable arbitrary code execution, while the libvpx heap overflow may cause crashes or be...

.@defis_eu says @GalileoGNSS secure PRS service to get EU security accreditation 'soon;' @DLR_en preparing service to geo-locate global GPS/Galileo interference. #EuropeanSpaceConf. @GrudlerCh. https://t.co/BEoAxMEwVU https://t.co/CtsfxxkoYt

CISA confirmed that ransomware gangs are exploiting a high‑severity VMware ESXi sandbox‑escape flaw, CVE‑2025‑22225, which Broadcom patched in March 2025 alongside two related vulnerabilities. The vulnerability enables an arbitrary kernel write, allowing attackers with privileged VMX process access to break...

Nord Security announced it now holds over 400 patents worldwide, a four‑fold increase since 2023, underscoring a rapid escalation in its R&D efforts. The bulk of the filings target VPN protocols, advanced identity management, machine‑learning threat detection, and quantum‑resistant cryptography....

The forthcoming Advanced Cloud Firewall (ACFW) test reveals that a significant number of cloud firewall vendors are unable to block basic application‑layer attacks such as SQL injection, command injection, SSRF and API abuse, with detection rates often below 20%. While...

Researchers introduced a Trojan‑resilient Number Theoretic Transform (NTT) architecture that detects and mitigates control‑flow and timing faults on reconfigurable platforms. Implemented on an Artix‑7 FPGA, the design uses a clock‑cycle counter, control‑status register, and RENO‑based recomputation to correct anomalies. The...

SEALSQ Corp unveiled a "root‑to‑quantum" security platform that embeds a hardware Root of Trust into microcontrollers and TPM‑class devices, pairing it with post‑quantum cryptography and a proprietary quantum highway. The solution promises cryptographic agility, enabling seamless updates as quantum threats...

Silent Push has identified more than 10,000 active SystemBC infections across data‑centre and government servers in the US, Europe and Asia. The multi‑platform proxy malware turns compromised hosts into SOCKS5 relays, a technique frequently observed before ransomware campaigns. A previously unknown...

Marquis, a fintech provider, suffered a ransomware breach traced to misconfigured legacy SonicWall firewalls and exposed backup files. The attackers leveraged publicly accessible configuration data to map the network and deploy ransomware without triggering traditional alerts. The incident highlights how...

APT28, a Russia‑linked threat group, is exploiting a newly disclosed Microsoft Office zero‑day through crafted Office and RTF documents delivered via phishing emails. The vulnerability enables unauthorized code execution without macros, allowing lightweight loaders to establish command‑and‑control while evading traditional...

Google Ads has introduced multi‑party approval, a security layer that obliges a second administrator to sign off on high‑risk actions such as adding or removing users and changing roles. When an admin initiates such a change, an in‑product request is...

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all federal agencies to patch the five‑year‑old GitLab SSRF vulnerability (CVE‑2021‑39935) after confirming it is being actively exploited. The flaw, fixed by GitLab in December 2021, allows unauthenticated users to access...

ConnectSecure unveiled a cross‑platform Linux patching capability that consolidates updates for Red Hat, Ubuntu, Debian, and CentOS into a single console. The tool automates kernel and OS patch identification and deployment, cutting manual effort by up to 80%. It also introduces...

Flare’s 2025 analysis uncovered more than 10,000 Docker Hub images exposing API keys, cloud tokens, and AI model credentials. The leaks illustrate how non‑human identities—tokens, service accounts, and workload identities—are embedded in containers and can persist for years, as seen...

Group‑IB uncovered new technical markers that expand the ShadowSyndicate cybercrime infrastructure, adding two fresh SSH fingerprints and revealing server‑transfer tactics that link dozens of servers to a single operator. The cluster consistently reuses OpenSSH keys and hosts on the same...

Chinese‑linked hacking group Mustang Panda launched a covert espionage campaign in late 2025, distributing counterfeit US diplomatic briefings to government officials across Asia and Eastern Europe. The malicious PDFs triggered infection simply by being opened, deploying the PlugX DOPLUGS downloader...

BOXX Insurance launched Tech E&O by BOXX, a comprehensive errors‑and‑omissions policy tailored for technology firms ranging from startups to enterprises. The product combines traditional E&O with integrated cyber coverage, 24/7 incident response, and a risk‑management platform. It introduces novel protections...

TP‑Link disclosed nine critical authenticated command‑injection flaws in its Archer BE230 v1.2 router firmware, each assigned a separate CVE and scoring 8.5‑8.6 on the CVSS v4.0 scale. The vulnerabilities affect web, VPN, cloud, and configuration modules, allowing attackers with high‑privilege access to...

Cofense reports that phishing attacks doubled in 2025, with security filters catching one malicious email every 19 seconds, up from one every 42 seconds in 2024. The surge is driven by AI, which threat actors now use as a core...

ID.me announced the appointment of Mitch Melis as Field Chief Technology Officer for the public sector. Melis will act as a trusted advisor to government agencies, helping them scale digital identity solutions while meeting compliance and fraud‑prevention requirements. He brings...

Moltbook is a social platform where AI agents register, read, and post content autonomously, creating a hidden communication channel that bypasses traditional human‑centric security controls. Enterprises can deploy agents that interact with Moltbook long after an initial prompt, exposing data...

Businesses face escalating cyber threats, making comprehensive technology security essential. The article outlines a layered strategy that starts with regular risk assessments to pinpoint vulnerabilities and allocate defenses. It emphasizes strong password policies, multi‑factor authentication, and automated software patching as...

MomentProof, Inc. has deployed its patented MomentProof Enterprise platform for AXA, enabling cryptographically sealed, AI‑resilient digital assets in the insurer's claims process. The technology certifies images, video, audio and metadata at capture, providing deterministic authenticity verification. AXA reports eliminated probabilistic...

Operational threat intelligence is being overwhelmed by noise and slow manual processes, prompting a shift toward AI agents. Gartner highlights that most organizations lack end‑to‑end AI integration across the intelligence lifecycle, with only 43% reporting tangible benefits. AI agents can...

Microsoft has begun rolling out native Sysmon functionality to Windows 11 Insider builds in the Beta and Dev channels. The built‑in service mirrors the popular Sysinternals Sysmon tool, logging process, file and clipboard events to the Windows Event Log. It remains...

Former Nuance Communications employee Max Vance has been hit with two additional false‑statement counts after a superseding indictment revealed he lied to FBI agents about downloading protected health information. The indictment follows his original charge of unlawfully accessing data belonging...

Drainer‑as‑a‑Service (DaaS) platforms are industrializing crypto theft, letting low‑skill actors launch high‑value heists at scale. Traditional bank compliance, reliant on static blacklists, cannot keep pace with the real‑time, multi‑domain attacks these services enable. The author urges banks to shift from...

Financial infrastructure firm Noah has teamed up with identity‑verification specialist Sumsub to embed a reusable KYC framework across its platform. The integration enables users verified by any of Sumsub’s 4,000+ partner institutions to onboard on Noah‑powered wallets, exchanges and payment...

EasyDMARC now pushes DMARC and email‑authentication alerts straight into Slack, turning a traditionally passive control into an active operational signal. The integration delivers high‑signal events—such as DNS record changes, authentication‑failure spikes, and policy shifts—complete with domain, severity and rationale, while...

Microsoft has observed a rapid rise in information‑stealing malware targeting macOS, a shift from its traditional Windows focus. Since late 2025, threat actors have deployed macOS‑specific stealers such as DigitStealer, MacSync and Atomic macOS Stealer, often written in Python and...

SECNAP Network Security launched CloudJacket MXDR, a managed extended detection and response platform that unifies SOC, SIEM, and NDR functions under a single pane of glass. Built on the patented CloudJacket foundation, the solution adds multi‑tenant capabilities, AI‑augmented analyst workflows,...

Interlock ransomware has added a zero‑day exploit in a gaming anti‑cheat driver (CVE‑2025‑61155) to its arsenal, deploying a signed kernel driver called UpdateCheckerX64.sys. The new BYOVD tool, dubbed Hotta Killer, creates a demand‑start service and uses DeviceIoControl to terminate security...

The latest TollBit report, backed by Akamai data, shows AI‑driven scraping bots now account for a sizable share of web traffic, with one out of every 50 visits to monitored sites originating from such bots. AI bots are increasingly ignoring...

A sophisticated supply‑chain attack hijacked Notepad++'s update mechanism after a hosting‑provider breach, remaining active from June 2025 to December 2025. Attackers rotated command‑and‑control servers and deployed three distinct infection chains that delivered Cobalt Strike beacons and a custom Chrysalis backdoor. The...

Eric Zimmerman of the SANS Institute argues that incident response failures stem more from early‑stage decisions than from tool gaps. He defines the "first 90 seconds" as a repeatable decision window that recurs each time a new system enters scope,...