What's happening: Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform, positioning it as a single‑pass solution to the fragmentation of legacy VPNs and hardware firewalls. The platform runs security checks across a global network spanning over 300 cities, eliminating service‑chaining bottlenecks and integrating zero‑trust controls.
Also developing:

The British Army will invest £279 million to build a permanent base for its 13 Signal Regiment at Duke of Gloucester Barracks in Gloucestershire. The new facility will house cyber training, operations, and the Army’s Cyber, Information and Security Operations Centre, enhancing network defence capabilities. Construction starts in 2027 with completion slated for 2030, creating 92 jobs, including 32 apprenticeships. The move responds to over 90,000 cyber attacks on UK military networks in the past two years.

FinCrime detection latency occurs when the signal arrives late or lacks context, not because analysts are slow. Opoint outlines four timestamps—event, first public mention, internal awareness, and decision—to expose where delays happen. Early‑stage OSINT, especially from non‑English sources, can close...

The Media Trust (TMT) announced a partnership to bolster digital trust and safety within Microsoft’s advertising ecosystem. Leveraging TMT’s proprietary AI detection, global infrastructure, and malware‑analysis teams, the collaboration will deliver real‑time threat detection and mitigation for malware, redirects, and...

Threat hunting is shifting from reactive incident response to proactive, pattern‑based defense as attackers repeatedly exploit known vulnerabilities. Experts at Qualys argue that focusing on adversary telemetry—such as weaponization, ransomware links, and dark‑web chatter—enables teams to anticipate exploitation cycles. Automation...

Oligo Security announced Shira Bendkowski as its new Vice President of Product. Bendkowski, formerly VP of Product at Aqua Security and head of product at XM Cyber, will steer Oligo’s product vision for runtime security across applications, cloud, workloads, and...

Researchers have uncovered PDFSIDER, a backdoor malware that exploits DLL side‑loading in the legitimate PDF24 Creator application to evade endpoint detection and response tools. The malicious payload is delivered via spear‑phishing ZIP archives, signed with valid certificates, and replaces the...

Argus v2.0, a Python‑based reconnaissance toolkit, launches with 135 specialized modules unified under a professional command‑line interface. The overhaul adds multi‑threaded execution, over 25 CLI commands, and four deployment options—including pip, Docker, script, and direct Python. It integrates major threat‑intelligence...

SEON introduced an AI‑powered Identity Verification solution that combines document validation, biometric liveness detection, proof‑of‑address checks, and optional government database queries within its unified risk platform. The service draws on more than 900 real‑time fraud signals to evaluate both the...

SIOS Technology’s Vice President of Customer Experience, Cassius Rhue, outlined a forward‑looking vision for high‑availability (HA) and disaster‑recovery (DR) solutions through 2026. He predicts HA will evolve from pure uptime guarantees to a strategic pillar for hybrid‑cloud resilience, cybersecurity, AI...

Geopolitical rivalries are increasingly manifesting as cyber operations that target critical infrastructure, disinformation networks, and supply‑chain dependencies. Recent incidents—from the Ukrainian power‑grid outage to a Norwegian dam breach—illustrate how state actors can weaponize digital tools against civilian services. AI‑generated disinformation...
Rubrik unveiled Security Cloud Sovereign, a data‑protection platform that keeps all data, metadata, and control planes inside a customer‑chosen jurisdiction. The solution offers immutable safeguards that prevent encryption, deletion, or alteration even if attackers gain elevated access. Integrated threat‑detection analytics...
The episode outlines how fast‑growing SaaS companies can outsource IT support by contracting for clear outcomes, defining precise scopes, and applying zero‑trust controls. It emphasizes data‑driven metrics such as First Contact Resolution, MTTR, and CSAT to justify the move, while...

Wrench attacks are physical coercion crimes that force cryptocurrency holders to reveal credentials or authorize transfers, bypassing technical defenses. The phenomenon gained headlines after the 2025 kidnapping of Ledger co‑founder David Balland and has accelerated as crypto market capitalisation climbs, with...

AI Strategy and Security, authored by Dr. Donnie W. Wendt, is a practical guide for technology leaders and security professionals designing enterprise AI programs. The book maps AI adoption to business objectives, outlines readiness assessments, and defines a comprehensive team...
The 2026 cybersecurity roadmap highlights seven priority projects for CISOs, ranging from AI‑aware identity and access management to advanced email protection, autonomous code‑vulnerability discovery, and enterprise‑wide zero‑trust adoption. Leaders emphasize extending IAM controls to non‑human agents, leveraging small language models...

Infoblox researchers exploited a DNS misconfiguration called lame nameserver delegation to seize control of abandoned hacker domains. Within hours they intercepted over 57 million push‑notification logs from roughly 120 misconfigured domains, capturing traffic at 30 MB per second. The data exposed a...

Bytebase is an open‑source DevOps platform that streamlines database schema and data changes through a structured change‑request workflow. It lets teams submit SQL changes, run automated reviews, and track executions across development, staging, and production environments. The tool includes built‑in...

Huntress researchers uncovered a malicious Chrome extension, NexShield, that masquerades as the legitimate uBlock Origin Lite ad blocker. The extension installs a delayed denial‑of‑service loop, then displays a fake crash warning that tricks users into running a PowerShell command which...

Evil Twin attacks clone legitimate Wi‑Fi hotspots, luring travelers to connect and exposing them to credential theft. The method is prevalent in airports, cafés, hotels and conference venues, where attackers intercept traffic and harvest exchange logins, 2FA codes, or seed...
The episode clarifies the distinction between identity verification—confirming a person’s claimed identity at a specific moment—and entity resolution—linking disparate identity fragments into a unified profile. It explains why security teams, facing credential exposure and reuse, need entity resolution combined with...

2025 proved a banner year for retail fraud, with the OECD and EUIPO estimating counterfeit sales near US$467 billion and Liquidonate reporting US$127 billion in fraudulent returns alone. Online returns now outpace in‑store returns three‑to‑one, creating fertile ground for tactics like wardrobing,...
Financial analysts face heightened cyber risk, making workstation hygiene essential. Modern online PC cleaners now combine malware detection, registry repair, and privacy safeguards, turning routine maintenance into a security layer. Paid solutions add real‑time monitoring, frequent definition updates, and enterprise...

OpenAI is quietly testing a major ChatGPT web update slated for rollout in the next few weeks. The preview, dubbed “Salute,” adds a task‑creation interface with file uploads and progress tracking. Additional changes include a model‑preference flag aimed at hospitality‑specific...
The episode explains OAuth scopes as granular permission strings that let users grant apps only the access they need, illustrating real‑world examples from healthcare, retail, and finance and showing how consent screens translate technical scopes into plain language. It covers...

Hackers seized control of Iran’s Badr satellite on Jan 18, 2026, broadcasting a ten‑minute anti‑regime video featuring exiled Crown Prince Reza Pahlavi. The clip urged citizens to keep protesting and called on the military to join demonstrators. The intrusion occurred amid a...
The European Commission launched a public call for evidence on open digital ecosystems, running from 6 January to 3 February 2026. More than 370 submissions have already been received, reflecting strong stakeholder interest. The evidence will shape a Commission communication that outlines concrete...

Microsoft issued emergency out‑of‑band (OOB) updates for Windows 10, Windows 11, and Windows Server after the January 2026 Patch Tuesday introduced two critical bugs. The first bug broke credential prompts for Microsoft 365 Cloud PC and Azure Virtual Desktop sessions, while the second prevented...
Security teams start cybercrime investigations with a single alert—often a suspicious IP or login—and quickly need context beyond raw logs. By enriching that alert with IP location data and DNS history, analysts can identify geographic anomalies, hosting providers, and past...

Researchers at NDSS 2025 unveiled a systematic study of bit‑flip attacks targeting deep‑learning executables compiled by modern DL compilers. Unlike prior work that focused on flipping weights within frameworks, the new approach exploits publicly known model structure embedded in the...
A recent Identity Theft Resource Center survey shows that four out of five small businesses experienced a cyber‑scam or breach in the past year, with almost half of those attacks powered by artificial intelligence. The study found that 38% of...
Japan’s Nuclear Regulation Authority disclosed that an employee lost a government‑issued smartphone while on a personal trip to China in November. The device contained a database of contact information for senior nuclear officials, plant operators, and emergency responders, classified as...

Nearly four out of five crypto projects hit by a major hack never fully recover, according to Immunefi CEO Mitchell Amador. He attributes the low survival rate to operational paralysis, lack of incident‑response plans, and breakdowns in communication that erode...

Google Chrome now lets users delete the on‑device AI model that powers the Enhanced Protection feature, which uses generative AI to detect scams, malicious downloads, and risky extensions. The toggle appears in Settings > System under “On‑device GenAI.” The capability is currently...

Amera IoT introduced AmeraKey® Encryption, a quantum‑proof solution backed by 14 U.S. patents. The system creates identical encryption keys on both ends of a link using a Picture‑and‑PIN method, eliminating the need to transmit keys or ciphertext. By leveraging transmission‑free...

NEXCOM announced at MWC Barcelona 2026 a suite of quantum‑resistant platforms that embed post‑quantum cryptography (PQC) frameworks for long‑term data protection. The rollout targets telecom, enterprise and industrial networks, emphasizing edge security and resilient networking. Alongside the PQC platforms, the...
I spoke to @CJR about the FBI seizing devices from a @washingtonpost reporter and what newsrooms should know. The way forward here is more than just a digital security checklist, but a holistic focus on safety: physical, digital, emotional, legal....

Ukrainian and German authorities have arrested two Ukrainian suspects linked to the Black Basta ransomware‑as‑a‑service operation and placed its alleged Russian leader, Oleg Nefedov, on the EU Most Wanted and INTERPOL Red Notice lists. The gang, which emerged in 2022, infiltrated over...
Finnish psychotherapy provider Vastaamo suffered a massive data breach, exposing personal and therapy records of about 33,000 patients. Hackers contacted victims, demanding Bitcoin payments under threat of publishing the sensitive information. In September 2025, a Helsinki court released the alleged...

JFrog researchers have demonstrated a remote code execution (RCE) exploit for Redis vulnerability CVE‑2025‑62507, leveraging a stack buffer overflow triggered by the XACKDEL command with multiple IDs. The flaw, originally rated 8.8 CVSS, now warrants urgent patching to Redis version 8.3.2....
Didier Stevens released hash.py version 0.0.14 on 17 January 2026. The update is labeled a bug‑fix release and is available as a zip archive. The post provides both MD5 (66A205915A280CC474541053739B8EDD) and SHA‑256 (C459B75F132BB4AA394D8EA27A79F409C446AAA67536946673EC824EA9219F9F) checksums for verification. No additional features are announced, emphasizing stability...

Financial applications faced a staggering 1.2 billion attacks in 2025, double the frequency of other sectors. Exploitation of known CVEs jumped 74%, while API abuse and business‑logic flaws emerged as primary breach vectors. The report underscores the necessity of Vulnerability Assessment...

Security researchers identified two critical cross‑site scripting flaws in Meta’s Conversions API Gateway that enable zero‑click Facebook account takeover. The client‑side XSS stems from improper postMessage origin validation, while a stored XSS arises from unsafe string concatenation in the backend...

Pharma and biotech firms are accelerating SaaS adoption for drug discovery, clinical trials, and manufacturing, but fragmented identity and access management (IAM) threatens compliance and intellectual‑property protection. The life‑sciences software market hit $16.1 billion in 2024 and is growing 11‑13% annually,...

The 2026 roundup identifies the ten leading security awareness training platforms, highlighting AI‑driven phishing simulations, micro‑learning, gamification, and comprehensive compliance reporting. Solutions such as KnowBe4, Proofpoint, and Cofense demonstrate measurable risk reductions, with industry benchmarks showing up to an 80%...

Enterprises are increasingly dependent on non‑human identities (NHIs) such as tokens, keys, and certificates to power cloud and DevOps workflows. The article argues that many organizations still treat these machine passports like afterthoughts, exposing them to breach risk and compliance...

Non‑human identities (NHIs) are machine credentials—secrets, tokens, keys—essential for securing cloud environments. Organizations across finance, healthcare, and travel are shifting from point solutions like secret scanners to comprehensive NHI management platforms that cover discovery, classification, monitoring, and decommissioning. The article...

Small businesses can adopt AI‑driven security without breaking the bank by choosing scalable, subscription‑based or open‑source solutions that integrate with existing infrastructure. Managing Non‑Human Identities (NHIs) with automated discovery and lifecycle tools further reduces breach risk and compliance costs. A...

Non‑human identities (NHIs) such as machine tokens and keys now outnumber human accounts, making their secret management a critical security priority. Organizations are shifting from point‑solution secret scanners to comprehensive NHI platforms that cover discovery, classification, monitoring, and automated rotation....

The rise of large‑language models is prompting a fundamental rethink of cyber‑security architectures, especially around Security Information and Event Management (SIEM). After decades of network‑centric prevention, data‑heavy SIEMs, and the EDR‑driven response era, AI has sparked a fifth phase where...

Fortinet disclosed a critical OS‑command‑injection flaw in its FortiSIEM platform (CVE‑2025‑64155) on Jan. 13, assigning it a 9.4 CVSS rating. The vulnerability enables unauthenticated remote code execution via crafted TCP requests to the phMonitor service. Within days, security firm Defused reported...