🎯Today's Cybersecurity Pulse
Updated 14m agoWhat's happening: Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform as a remedy for fragmented legacy VPNs and hardware firewalls. The solution uses a single‑pass architecture that runs security checks across a global network spanning over 300 cities, removing service‑chaining bottlenecks. It also integrates zero‑trust capabilities.
Also developing:
By the numbers: Zafran Security raises $60M Series C
Blog•Feb 27, 2026
RefAssured, ID.me Partner to Fight Candidate Fraud
RefAssured and ID.me have launched an advanced fraud‑prevention solution that embeds identity verification into staffing agencies' existing applicant tracking systems. The joint offering combines RefAssured’s 1.5 million reference reports with ID.me’s digital identity wallet, which serves over 160 million users, to authenticate candidates early in the hiring workflow. By verifying identity and performance before candidates enter client talent pools, agencies can block fake resumes, deepfake profiles, and organized fraud rings without slowing placement speed. The solution is immediately available to enterprise staffing firms and aims to restore client trust while cutting hiring costs.
By HRTech Cube
News•Feb 27, 2026
OpenClaw Vulnerability Exposes How an Open-Source AI Agent Can Be Hijacked
OpenClaw, an open‑source AI agent that quickly amassed over 100,000 GitHub stars, was found to contain a critical vulnerability that lets any website a developer visits hijack the local agent via an unauthenticated WebSocket connection. The flaw bypasses rate‑limiting and...
By The Cyber Express
News•Feb 27, 2026
Oculeus 2FN Authenticates Calls in Real Time to Stop CLI Spoofing
Oculeus has launched its Two Factor Network (2FN) solution, giving telcos a real‑time framework to authenticate caller identity and stop CLI spoofing. The system creates a parallel verification path with digital signatures that peer‑to‑peer carriers exchange during call setup. Industry...
By Help Net Security
News•Feb 27, 2026
Hackers Tricked by Fake Satellite in Groundbreaking Cybersecurity Sting
Researchers unveiled HoneySat at NDSS 2026, the first high‑interaction satellite honeypot that mimics an entire CubeSat mission, including ground‑segment software and orbital dynamics. In three public deployments, attackers issued 22 authentic flight‑software commands, attempting to access ground systems, extract telemetry,...
By Orbital Today
News•Feb 27, 2026
Proofpoint Celebrates A/NZ Partners
Proofpoint announced the 2025 ANZ Partner Awards at its Protect Tour in Sydney, honoring partners that advance human‑ and agent‑centric cybersecurity. Nextgen Distribution earned Distributor of the Year, while NTT Data was named Partner of the Year. Infotrust secured Growth...
By ARN (Australia)
News•Feb 27, 2026
DoD Replaces Paper-Based Access Requests with Automated ICAM Workflow
The Department of Defense is phasing out the decades‑old DD Form 2875, replacing it with an automated Identity, Credential and Access Management (ICAM) workflow. The new system will provision, authorize, and revoke user access within hours, generate immutable audit logs,...
By Federal News Network
Blog•Feb 27, 2026
Beyond the CLI: 5 Governance Questions Every CISO Must Ask Before Deploying Claude Code
Anthropic’s Claude Code introduces a CLI‑based AI agent that can navigate repositories, draft patches, and run tests, turning code remediation into a near‑instant process. While the speed gains are compelling, the tool also grants autonomous execution rights that blur traditional...
By Erdal Ozkaya’s Cybersecurity Blog
News•Feb 27, 2026
The Key Components of a Vendor Relationship Management Framework
The rise of distributed supply chains has turned vendors into ongoing operational dependencies, prompting the need for a structured Vendor Relationship Management (VRM) framework. By distinguishing day‑to‑day vendor management from strategic Supplier Relationship Management, companies can ensure reliability while fostering...
By Security Boulevard
News•Feb 26, 2026
Cisco Says Hackers Have Been Exploiting a Critical Bug to Break Into Big Customer Networks Since 2023
Cisco disclosed that a critical vulnerability in its Catalyst SD‑WAN platform has been actively exploited since 2023. The flaw carries a CVSS rating of 10.0, granting attackers remote code execution and full administrative control. Hackers have used the bug to...
By DataBreaches.net
News•Feb 26, 2026
India: Cybersecurity Guidelines to Safeguard Space Systems
India has issued comprehensive cybersecurity guidelines for space systems, jointly crafted by the Indian Computer Emergency Response Team (CERT‑In) and the Space and IT Association‑India (SIA‑India). The advisory framework targets satellite operators, ground‑station managers, manufacturers and emerging private space firms,...
By OpenGov Asia
News•Feb 26, 2026
Malaysia Leads ASEAN in Cross-Border Cloud Governance
Malaysia, through the Malaysia Digital Economy Corporation, has secured ASEAN endorsement for a Regional Framework on Cross‑Border Cloud Computing. The framework, unveiled at the 6th ASEAN Digital Ministers’ Meeting, introduces shared governance principles and "Trusted Data Corridors" to ensure secure...
By OpenGov Asia
News•Feb 26, 2026
HackerOne Adds AI Agent to Validate Vulnerabilities
HackerOne introduced an AI agent that automatically validates reported vulnerabilities, distinguishing real threats from false positives. The agent, built on the Hai platform and trained with a Continuous Threat Exposure Management methodology, assesses risk, identifies duplicates, and recommends remediation priorities....
By Security Boulevard
News•Feb 26, 2026
Fake Zoom and Google Meet Scams Install Teramind: A Technical Deep Dive
A fake Zoom update and a parallel Google Meet impersonation are delivering the same Teramind monitoring MSI to Windows PCs. The installer’s filename contains a unique 40‑character hex string that the MSI parses at install time to set attacker‑specific instance IDs,...
By Security Boulevard
News•Feb 26, 2026
Stars Align for Passkeys but Will Adoption Follow?
Credential‑based fraud and login friction are eroding conversion for high‑value e‑commerce shoppers, prompting merchants to seek stronger, lower‑friction authentication. Passkeys, built on FIDO public‑key cryptography and unlocked via biometrics or PIN, promise to eliminate password reuse and phishing risk. PayPal...
By PYMNTS
News•Feb 26, 2026
Marquis V. SonicWall Lawsuit Ups the Breach Blame Game
Fintech firm Marquis, which serves over 700 banks, filed a lawsuit against firewall vendor SonicWall after a ransomware breach exposed client data for roughly 780,000 individuals. SonicWall later disclosed that a breach of its own firewall configuration backups affected all...
By Dark Reading
News•Feb 26, 2026
Does Implementing Agentic AI Fit the Budget of SMBs
Non‑human identities (NHIs) such as machine‑generated secrets are becoming a critical attack surface, prompting organizations to adopt comprehensive NHI management across discovery, classification, detection and remediation stages. Effective NHI programs deliver reduced breach risk, regulatory compliance, and operational efficiencies through...
By Security Boulevard
News•Feb 26, 2026
How Smart Are NHIs in Managing Complex Security Environments
Non‑Human Identities (NHIs) are machine credentials that protect data in cloud‑first environments. The article outlines a full NHI lifecycle—from discovery to remediation—and stresses that piecemeal tools fall short. It highlights industry‑specific challenges, such as patient data in healthcare and DevOps...
By Security Boulevard
News•Feb 26, 2026
Infotrust to Reinvest $50M From Nexgen Sale Into Shoring up Sovereign Security
Infotrust has sold its cloud and communications arm Nexgen to Aussie Broadband for up to $50 million, freeing capital to accelerate its sovereign cyber‑security strategy. The proceeds will be redeployed into identity, data‑privacy and broader federal‑government capabilities, as well as potential...
By ARN (Australia)
News•Feb 26, 2026
Can Agentic AI Effectively Handle Enterprise Security Needs
Enterprises are turning to Non‑Human Identity (NHI) management to close security gaps created by machine‑generated accounts and their secrets. By automating discovery, classification, monitoring and decommissioning, organizations can reduce breach exposure while cutting operational costs. Centralized NHI platforms deliver real‑time...
By Security Boulevard
News•Feb 26, 2026
How Can Agentic AI Improve Digital Security Processes
Agentic AI is emerging as a transformative layer for digital security by automating the management of Non‑Human Identities (NHIs) and their secrets. The technology enables proactive threat detection, automated response, and continuous visibility, allowing security teams to shift focus toward...
By Security Boulevard
News•Feb 26, 2026
ServiceNow AI Platform Vulnerability Enables Unauthenticated RCE
ServiceNow disclosed and patched a critical vulnerability, CVE-2026-0542, in its AI Platform that could allow unauthenticated remote code execution. The flaw bypasses the ServiceNow Sandbox, affecting web interfaces, API endpoints, and automation modules, and carries a CVSS rating of 9.8....
By eSecurity Planet
News•Feb 26, 2026
Idemia PS Deal Brings Growing Number of US mDLs to Trinsic’s Digital Identity Network
Trinsic has integrated Idemia Public Security’s mobile driver’s license (mDL) solution into its Digital Identity Acceptance Network, adding support for mDLs issued in New York, Arkansas, Iowa, West Virginia and Kentucky. Idemia, the leading U.S. provider of state‑backed mDLs, also serves three...
By Biometric Update
News•Feb 26, 2026
Project Compass Is Europol’s New Playbook for Taking on The Com
Project Compass, a Europol‑led operation backed by 28 nations including the Five Eyes, began in January 2025 to dismantle the transnational youth‑focused cybercrime network known as The Com. Since its launch the initiative has secured 30 arrests, fully or partially...
By CyberScoop
Blog•Feb 26, 2026
ProcessUnity Research Finds Third-Party Risk Management Confidence Outpaces Breach Reality
ProcessUnity’s State of Third‑Party Risk Assessments 2026, conducted with the Ponemon Institute, surveyed 1,465 risk leaders and found a stark disconnect between confidence in TPRM programs and actual breach outcomes. Respondents report an average of 12 third‑party breaches per year...
By Corporate Compliance Insights
News•Feb 26, 2026
Senate Moves One Step Closer to Passing Health Care Cyber Reforms
The Senate Health, Education and Labor Committee approved the bipartisan Health Care Cybersecurity and Resiliency Act by a 22‑1 vote, with only Sen. Rand Paul dissenting. The legislation obliges the Department of Health and Human Services to craft a cybersecurity...
By CyberScoop
News•Feb 26, 2026
FedRamp 20x Opens the Door to Fast Access to Secure Services
FedRAMP 20x redesigns the federal cloud‑security authorization process by eliminating the agency sponsor requirement and introducing a cloud‑native path that can deliver approvals in weeks instead of years. Automation replaces narrative controls with machine‑readable evidence, targeting over 80% validation through continuous‑monitoring...
By FedTech Magazine
Blog•Feb 26, 2026
Control System Cyber Incidents and Network Breaches Are “Apples and Oranges”
Joe Weiss argues that network‑focused breach statistics, such as those in the 2025 Verizon Data Breach Report, do not capture the reality of control‑system cyber incidents. While IT and OT network teams track data loss, ransomware and malicious traffic, control‑system...
By Control Global Blogs
News•Feb 26, 2026
IonQ Deploys Romania’s National Quantum Communication Infrastructure (RoNaQCI)
IonQ has rolled out Romania’s National Quantum Communication Infrastructure (RoNaQCI), creating a 1,500‑kilometer quantum‑key‑distribution (QKD) network that links six major cities. The system comprises 36 quantum‑secured links, accounting for more than 20% of Europe’s terrestrial quantum communications capacity. Leveraging wavelength‑division...
By Quantum Computing Report
News•Feb 26, 2026
Mike Pezzullo Reflects on Action Following Major ANU Data Breach
Former public servant Mike Pezzullo addressed the Universities Australia Solutions Summit, reflecting on the 2019 cyber‑attack that compromised nearly 20 years of Australian National University (ANU) student and staff records. The breach, attributed to Chinese state‑linked threat actors, exposed bank...
By The Mandarin (Australia)
News•Feb 26, 2026
Low-Code by Design: A Practical Way to Modernize Identity Governance
Low‑Code by Design reframes identity governance automation by building reusable, metadata‑driven integration modules instead of bespoke scripts. The approach captures application attributes such as account models and correlation rules, allowing a single tested component to be configured for many systems....
By IDPro – Blog/News
News•Feb 26, 2026
Huawei Takes Part in EU Research Programs Despite Commission Crackdown
Huawei is participating in 16 Horizon Europe research projects despite being labeled a high‑risk supplier by the European Commission. Fifteen of the contracts were signed before the 2023 ban, while a sixth‑year project was deemed outside the restriction scope. The...
By Politico Europe – Technology
News•Feb 26, 2026
$3M FanDuel Fraud Case Shows Why Online Gambling Needs Biometric IDV, Liveness
Federal prosecutors charged two Connecticut men with a $3 million fraud scheme that exploited knowledge‑based authentication on FanDuel, DraftKings and BetMGM. The perpetrators harvested personal data from roughly 3,000 victims using services such as TruthFinder and BeenVerified to open fraudulent gambling...
By Biometric Update
News•Feb 26, 2026
AWS Security Hub Extended Brings Enterprise Security Under One Roof
AWS Security Hub Extended introduces a bundled plan that lets enterprises procure, deploy, and manage a full‑stack security suite covering endpoints, identity, email, network, data, browsers, cloud, AI, and security operations from a single console. The offering expands protection beyond...
By Help Net Security
News•Feb 26, 2026
India and Israel Sign Tech and Cyber Security Pacts During Modi's Trip
During Prime Minister Narendra Modi’s state visit, India and Israel signed multiple agreements to deepen cooperation in technology and cybersecurity. The pacts create a joint innovation fund, enable real‑time cyber‑threat intelligence sharing, and launch collaborative projects in artificial intelligence, quantum...
By Nikkei Asia – Economy
News•Feb 26, 2026
European DYI Chain ManoMano Data Breach Impacts 38 Million Customers
ManoMano, a leading European DIY e‑commerce platform, disclosed a data breach affecting roughly 38 million customers after hackers compromised a Tunis‑based third‑party customer support provider. The breach exposed personal details such as names, email addresses, phone numbers, and support ticket communications,...
By BleepingComputer
News•Feb 26, 2026
The NIST OSCAL Framework for State and Local Governments
NIST’s Open Security Controls Assessment Language (OSCAL) gives state and local governments a machine‑readable alternative to spreadsheets, Word files, and PDFs for security‑control documentation. By encoding controls, implementations, and assessment results in JSON, XML or YAML, agencies can automate validation,...
By StateTech Magazine
News•Feb 26, 2026
Act Now to Battle Data Exfiltration
Accounting firms are facing a surge in data‑exfiltration attacks, where cybercriminals silently steal sensitive financial records to extort victims or sell the data. Traditional detection tools often miss covert channels, encrypted uploads, and traffic mimicry, leaving firms vulnerable. The average...
By Accounting Today
News•Feb 26, 2026
Critical Juniper Networks PTX Flaw Allows Full Router Takeover
Juniper Networks disclosed a critical CVE‑2026‑21902 vulnerability in the On‑Box Anomaly Detection framework of its Junos OS Evolved running on PTX Series routers. The flaw lets an unauthenticated attacker reach a root‑level service over an external port, enabling full device...
By BleepingComputer
News•Feb 26, 2026
Olympique Marseille Confirms 'Attempted' Cyberattack After Data Leak
Olympique de Marseille confirmed it was the target of an attempted cyberattack after a threat actor claimed to have breached its servers and leaked a sample of a database containing staff and supporter information. The club said its technical teams...
By BleepingComputer
News•Feb 26, 2026
Aeternum Botnet Shifts Command Control to Polygon Blockchain
Aeternum, a newly discovered botnet loader, has moved its command‑and‑control (C2) infrastructure onto the Polygon blockchain, using smart contracts to issue instructions. By writing commands as immutable blockchain transactions, the botnet eliminates the traditional servers and domains that law‑enforcement typically...
By Infosecurity Magazine
News•Feb 26, 2026
Greek Court Sentences Predator Spyware Gang
A Greek court sentenced four individuals, including two Israelis, to prison for operating the illegal Predator spyware that targeted politicians, journalists and business executives. The defendants—linked to the Israeli firm Intellexa—were convicted of breaching telephone confidentiality and illegal data access....
By Politico Europe – Technology
News•Feb 26, 2026
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
Cisco Talos has identified a new threat cluster, UAT-10027, delivering a novel backdoor called Dohdoor that leverages DNS‑over‑HTTPS for command‑and‑control. The malware uses DLL side‑loading through legitimate Windows executables and drops a Cobalt Strike beacon that unhooks NTDLL calls to evade...
By The Hacker News
News•Feb 26, 2026
Why Europe Can’t Defend What It Can’t Connect
Europe faces its most contested security decade since the Cold War, with the digital backbone—networks, data infrastructures and connectivity—now the primary frontline. Recent blackouts in Portugal and Spain illustrate how digital failures become national security events, while adversaries target subsea...
By Politico Europe – Technology
News•Feb 26, 2026
Contrast Security Integration Brings Verified Application Risk Into ServiceNow Workflows
Contrast Security’s integration with ServiceNow Application Vulnerability Response (AVR) streams verified, runtime‑backed vulnerabilities directly into ServiceNow tickets, uniting detection and remediation workflows. The bidirectional sync supplies exploitability evidence, code location and environment context, eliminating manual validation steps. This enables security...
By ChannelE2E
Blog•Feb 26, 2026
Forescout and Netskope Deliver Universal Zero Trust Integration Across Managed and Unmanaged Devices
Forescout Technologies and Netskope announced a strategic integration that unifies Zero Trust security across managed and unmanaged devices, including IT, OT, IoT, and IoMT assets. The solution merges Forescout’s real‑time device intelligence with Netskope’s AI‑driven cloud security to enforce consistent...
By IT Security Guru
News•Feb 26, 2026
Ransomware Payment Rate Drops to Record Low as Attacks Surge
Chainalysis reports ransomware victims paid only 28% of demanded sums in 2025, the lowest rate on record despite a 50% surge in attacks. Total on‑chain ransomware payments are near $820 million and could exceed $900 million as attribution improves. While the number...
By BleepingComputer
News•Feb 26, 2026
Versa Launches Sovereign SASE-As-A-Service As ‘Something New’ In Partners’ Toolkits
Versa has introduced the world’s first sovereign SASE‑as‑a‑Service, extending its earlier sovereign SASE model to a fully managed, in‑country offering. The service provides local control, management, and storage to satisfy data‑residency regulations such as the U.S. CLOUD Act. Versa reports...
By CRN (US)
Blog•Feb 26, 2026
AI-Driven Development Fuels Surge in Open Source Vulnerabilities, Black Duck Finds
Black Duck's 2026 Open Source Security and Risk Analysis report finds open source vulnerabilities in commercial codebases have more than doubled year‑on‑year. The average application now contains 581 vulnerabilities, a 107% increase, with 98% of codebases using open source components....
By IT Security Guru
News•Feb 26, 2026
Phishing‑Led Agent Tesla Campaign Uses Process Hollowing and Anti‑Analysis to Evade Detection
Agent Tesla’s newest campaign leverages a multi‑stage, fileless delivery chain that begins with a phishing email containing a RAR‑packed JSE loader. The loader fetches an AES‑encrypted PowerShell script, which executes entirely in memory and uses process hollowing to inject malicious...
By GBHackers On Security
News•Feb 26, 2026
How to Cut MTTR by Improving Threat Visibility in Your SOC
Mean Time to Respond (MTTR) is a critical KPI linking security speed to business risk. The article explains that poor threat visibility—stale data, alert overload, fragmented tools—drives MTTR higher, while high‑quality, execution‑verified threat intelligence can compress response times. ANY.RUN’s sandbox‑derived...
By HackRead