Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform, positioning it as a single‑pass solution to the fragmentation of legacy VPNs and hardware firewalls. The platform runs security checks across a global network spanning over 300 cities, eliminating service‑chaining bottlenecks and integrating zero‑trust controls.
Also developing:

A critical security flaw named DockerDash was disclosed in Docker's Ask Gordon AI assistant, allowing unverified Docker image metadata to become executable instructions. The vulnerability, identified by Noma Labs, enables remote code execution in cloud and CLI environments and data exfiltration on Docker Desktop. Attackers inject malicious LABEL fields, which Ask Gordon passes to the Model Context Protocol gateway without validation, bypassing traditional security controls. Docker patched the issue in Desktop version 4.50.0, adding URL rendering blocks and mandatory user confirmations for MCP tool calls.

Orion Security, a New York‑based AI‑driven contextual data protection firm, announced a $32 million Series A round. The financing was led by Norwest and included strategic participation from IBM alongside existing backers such as PICO Venture Partners and Lama Partners. The new...

Threat actors used a publicly exposed AWS credential to launch an AI‑assisted attack that achieved full administrative control in under eight minutes. Large language models generated malicious Lambda code, enabling rapid privilege escalation, lateral movement across 19 principals, and costly...

Umanitek AG unveiled Guardian Agent, a decentralized AI identity protection platform that combats large language model hallucinations, deepfakes, impersonation, and IP infringement. The service monitors hundreds of millions of accounts, delivering real‑time risk scores and generating verifiable evidence packs to...

Cybersecurity researchers uncovered roughly 1,000 unprotected gateways to OpenClaw, an open‑source proactive AI agent accessed through WhatsApp and Telegram. The exposed endpoints let anyone read or write files, hijack connected accounts, and exploit a plugin‑ranking system that a white‑hat hacker...

Xeris unveiled a patent‑pending Super AI Agent platform designed to secure autonomous AI agents, multi‑cloud pipelines (MCP) and self‑evolving AI systems in enterprises. The technology acts as an autonomous supervisory AI that continuously observes, understands, and enforces policies on other...

Tines has released its Voice of Security 2026 report, based on a survey of more than 1,800 security leaders and practitioners worldwide. The study reveals that while AI adoption is accelerating across security teams, manual work, rising workloads and burnout remain...

Hackers are exploiting the critical CVE‑2025‑11953 flaw in the React Native Metro bundler to gain unauthenticated command execution on development machines. The vulnerability resides in the /open‑url HTTP endpoint, which accepts unsanitized POST data and can run arbitrary OS commands...

The Spanish Red Cross has launched RedChain, a blockchain‑based platform that issues ERC‑20 aid credits on Ethereum and tracks donations in real time. Beneficiary personal data remains off‑chain, while cryptographic hashes on the public ledger provide verifiable proof of disbursement....

A critical‑severity flaw (CVE‑2025‑11953, CVSS 9.8) in the React Native Community CLI’s Metro bundler has been actively exploited since late December. The vulnerability allows unauthenticated remote OS command execution via simple POST requests to development servers that bind to external interfaces....

Researchers have identified a new ransomware‑as‑a‑service (RaaS) group called Vect, which has already hit organizations in Brazil and South Africa. The group markets a custom‑built C++ ransomware that uses ChaCha20‑Poly1305 encryption, claiming speeds 2.5 times faster than AES‑256‑GCM. Vect advertises...

ShareVault announced it has earned ISO/IEC 42001:2023 certification, the first international standard for responsible AI management systems. The certification covers all AI‑powered capabilities in its virtual data room platform, including OCR, AI redaction, document chat, and automated translation, and validates...

In this episode, Matt Downs, President of Integrated and Platforms at Global Payments, discusses the major shifts in platform payments as the industry heads toward 2026, emphasizing that payments have become a growth engine rather than a mere feature. He...

India’s Supreme Court delivered a stern rebuke to Meta, warning it cannot compromise Indian users’ right to privacy. The court questioned how WhatsApp, with over 500 million Indian users, obtains meaningful consent for data‑sharing and monetization of metadata. A ₹2.13 billion penalty...

The Everest ransomware group alleges it stole roughly 90 GB of data from legacy Polycom engineering environments, which were acquired by HP in 2022 and now operate under the HP Poly brand. Screenshots released by the gang show file directories, source‑code trees...

SanDisk unveiled SPRandom, an open‑source preconditioning utility for large‑capacity enterprise SSDs. The tool, contributed to the fio benchmark suite, can shrink the time required to bring a 128 TB drive to steady state from over 144 hours to roughly six hours—a reduction...

RapidFort Inc. announced a $42 million Series A round to accelerate its continuous remediation platform for software supply chain security. The funding, led by Blue Cloud Ventures and Forgepoint Capital, will expand go‑to‑market efforts, enhance automated container hardening, and deepen adoption in...

Kasada, a New York cybersecurity startup, raised $20 million in a funding round led by EQT and backed by existing investors including Ten Eleven Ventures and Main Sequence Ventures. The capital will fund product scaling, cloud infrastructure expansion, and entry into...

A new Public Service Alliance report finds that state consumer‑privacy statutes fail to shield public employees from data‑broker exploitation, creating a "data‑to‑violence pipeline." The analysis of 19 laws shows no right for officials to compel redaction of personal details from...

Recent high‑profile outages at AWS, Azure and Cloudflare have shown that cloud failures ripple far beyond compute, crippling the identity layer that underpins authentication and authorization. When shared services such as DNS, load balancers or managed databases go down, even...

In January 2026 AWS introduced a suite of privileged permissions focused on networking, traffic control, and collaboration services. New actions for Network Firewall, Route 53 Global Resolver, EC2 VPC encryption controls, and Clean Rooms enable administrators to modify routing, firewall rules, and cross‑account...

Self‑healing AI is reshaping cybersecurity by automatically detecting and fixing vulnerabilities within DevSecOps pipelines. Microsoft’s large‑scale deployments illustrate how autonomous, AI‑powered “immune systems” can protect millions of users in real time. The article stresses that pure automation risks over‑reliance, so...

In March 2025, North Korean‑linked APT37 (Ricochet Chollima) launched “Operation: ToyBox Story,” a spear‑phishing campaign targeting activists focused on North Korean affairs. The emails delivered Dropbox links to ZIP archives containing malicious LNK shortcut files that execute hidden PowerShell commands, creating...

SimSpace launched an Early Access Program for its upgraded AI‑empowered cyber range platform, aiming to close the training‑testing gap for cybersecurity teams. The new platform combines AI‑assisted self‑service range design, a visual workbench, comprehensive security benchmarking, and API‑first integration capabilities....

Secure Web Gateway (Noun) [Word Notes]
In this brief episode, host Rick Howard defines a Secure Web Gateway (SWG) as a layer‑seven firewall positioned at the network perimeter to enforce security policies and conduct detection and prevention tasks. He highlights the SWG’s role in inspecting web...

When Legit Is the Trick: Phishing’s Sneaky New Moves. [OMITB]
In this episode of Only Malware in the Building, hosts Selena Larson, Dave Bittner, and former FBI cybercrime investigator Keith Mularski explore how attackers are weaponizing legitimate Microsoft services to make phishing campaigns harder to detect. They break down two...

Cyble and The Cyber Express are hosting a free Zoom webinar on Feb 24, 2026 titled “AI, Ransomware & Hacktivism: The Cyber Risk Shift Most Leaders Are Failing to See.” The session will be led by Lt Gen (Dr) Rajesh...

Supply‑chain attacks have evolved from passive typosquatting to active worms, exemplified by the Shai‑Hulud malware. Shai‑Hulud steals developer credentials, republishes infected npm packages, and can trigger a dead‑man switch that erases evidence. The worm’s ability to move across languages and...

A malicious Android app posing as a document reader amassed over 50,000 downloads on Google Play before being removed. The app functioned as a dropper for the Anatsa banking trojan, which can harvest credentials and execute unauthorized transactions. ThreatLabz identified...

A ransomware group breached the servers of secondary school Onze‑Lieve‑Vrouwinstituut Pulhof in Berchem, forcing a shutdown of internal systems. The school refused to pay the initial ransom and the attackers escalated by demanding €50 per child from parents, threatening to...

In a February 2026 interview, Ashley Burkle, Director of Business Development at Identiv, outlined the company’s push to embed secure digital identities into consumer packaging through NFC, BLE and UHF RFID technologies. Identiv’s solutions turn everyday products into connected data sources,...

Identity Threat Detection & Response (ITDR) has become a core security pillar in 2026 as enterprises shift to cloud, remote work, and SaaS ecosystems, making compromised credentials the primary breach vector. Traditional defenses miss malicious activity that occurs after successful...

The Cybersecurity Maturity Model Certification (CMMC) is becoming the mandatory standard for Department of Defense contractors to demonstrate protection of Federal Contract Information and Controlled Unclassified Information. CMMC 2.0 streamlines requirements into three levels, with Level 1 covering basic cyber hygiene,...

The Chinese APT group Lotus Blossom has been linked to a sophisticated supply‑chain attack on the Notepad++ distribution platform. Attackers delivered a custom backdoor dubbed Chrysalis via a malicious NSIS‑based update.exe that sideloaded a forged Bitdefender Submission Wizard DLL into...

The author argues that AI did not break cybersecurity; longstanding governance failures did. AI merely amplified existing shadow‑IT practices and unclear risk ownership, exposing gaps that boards and CISOs have ignored. The piece calls for a shift from treating security...

Exposure monitoring relies on unverified breach feeds, leading to duplicate, fabricated, and stale alerts. Without validation, teams waste time triaging false positives and lose confidence in their programs. Verified breach data, as offered by Constella, provides source confirmation, de‑duplication, timestamps...

VeriBin is a novel system that automatically verifies whether a binary‑level patch is safe to apply by checking functional equivalence between the original and patched executables. It leverages symbolic execution to isolate patch‑introduced changes and validates them against properties that...

Rubrik warned that inadequate cloud resilience is turning ransomware attacks into costly ransom payments. The company showcased a tabletop exercise, “Zero Hour Horizon Retail,” which simulated a breach that escalated because backups were compromised and identity misconfigurations granted attackers full...

The long‑standing njRAT remote‑access trojan was observed delivering the credential‑stealing malware MassLogger via its C2 traffic. Using NetworkMiner Professional, analysts decoded PCAP data, extracting screenshots, command parameters and gzip‑compressed executables. The “CloudServices.exe” payload, identified as MassLogger, exfiltrates credentials by emailing...

A multi‑stage phishing campaign is targeting business users by sending clean‑looking procurement emails that contain PDFs with hidden clickable buttons. The PDFs exploit AcroForms and FlateDecode to redirect victims to a second file hosted on legitimate Vercel Blob storage, bypassing...

Cybersecurity vendors are shifting from point products to AI‑driven unified platforms that combine SIEM, XDR, SOAR and threat intelligence. Companies like Seceon illustrate this trend by offering a fully integrated, machine‑learning‑based solution that scales across cloud, on‑prem and MSSP environments....

The Notepad++ developer confirmed that state‑linked Chinese hackers hijacked the editor’s update mechanism from June to December 2025, delivering malicious payloads to a limited set of users. The attackers exploited a vulnerability on a shared‑hosting server to redirect update requests...

Mozilla announced that Firefox 148, releasing on February 24, will include a global “Block AI enhancements” toggle, letting users disable all generative AI features or manage them individually. The AI controls panel covers five specific tools—browser translations, PDF alt‑text generation, AI‑enhanced tab...

Between Jan 8‑13 2026 a global sports organization faced a coordinated ticket‑scalping attack that generated over 16 million malicious requests from 3.9 million unique IPs. DataDome’s Galileo Threat Research team identified the threat in real time and deployed AI‑driven detection that blocked every request...

Microsoft confirmed that a shutdown bug introduced by the January 15 cumulative update affects Windows 11 23H2 devices with System Guard Secure Launch and extends to Windows 10 22H2, Enterprise LTSC 2021 and 2019 when Virtual Secure Mode (VSM) is enabled. Emergency...

Outtake announced a $40 million Series B round led by ICONIQ, with participation from CRV, S32 and a slate of high‑profile tech executives. The funding will accelerate its unified digital‑trust platform that protects enterprises from AI‑driven impersonation and identity abuse. Outtake reported...

The Scattered Lapsus ShinyHunters (SLSH) extortion gang blends data theft with aggressive personal harassment, including swatting, DDoS attacks, and media pressure. Operating through chaotic Telegram channels linked to The Com cyber‑crime network, they target executives via phone‑based phishing and MFA...

In this episode, Dennis Chow, Director of Detection Engineering at UKG, discusses the shift from static LLM chatbots to autonomous AI agents within a modern SOC, outlining a three‑tier model that treats agents as application‑level logic requiring robust identity, authorization,...

CTM360’s new report reveals a sharp global rise in fraudulent high‑yield investment programs, or HYIPs, promising unrealistic returns such as 40% in 72 hours. Over 4,200 scam sites were cataloged in the past year, with December 2025 alone seeing 485 incidents—about 15...

A ransomware group infiltrated Gulshan Management Services, the operator of about 150 Handi Plus and Handi Stop gas stations across Texas, exposing personal data of 377,082 individuals. The attackers accessed the network through a phishing email and remained undetected for several days,...