Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, patched in June 2026; and Linux CVE‑2022‑0492, a kernel flaw also deemed actively exploited.
Also developing:
By the numbers: Ingeteam secures $82.5M loan from EIB for renewable energy R&D
New Report From the MPA’s Content Security Initiative Links Control Failures to Content Security Incidents Across the Entertainment Industry
The Motion Picture Association’s Trusted Partner Network released the TPN STAR Report, the first industry‑wide study linking security‑assessment data to real‑world content‑security incidents. The report finds that while most studios have basic policies, inconsistent execution of technical controls—especially MFA, vulnerability management, and cloud configuration—creates exploitable gaps. Security alerts in Q1 2026 outpaced the entire previous year, driven by credential‑based attacks and delayed patching. The findings call for continuous monitoring, faster remediation, and broader adoption of Zero‑Trust architectures across the entertainment supply chain.
Why Backing Up Your Microsoft 365 Data Is Only Half the Job
Microsoft 365 has transformed from a suite of web apps into the enterprise’s central control plane, intertwining identity, collaboration, security, and workflow. While Microsoft secures the underlying platform, customers now shoulder configuration, access delegation, and governance responsibilities. A breach at a...

Building Cyber Resilience Through Zero Trust in the Public Sector
Public sector agencies are prime cyber‑crime targets, prompting governments to replace perimeter defenses with identity‑led Zero Trust models. In Australia, Zero Trust is codified in the 2025 Protective Security Policy Framework and reinforced by state strategies such as NSW’s 2026‑2028...
U.S. Ends Investigation Into Claims WhatsApp Chats Aren’t Private
The U.S. Commerce Department abruptly ended a 10‑month investigation into allegations that Meta Platforms can access and store unencrypted WhatsApp messages. The probe, led by an export‑control agent who claimed Meta viewed all content, was shut down at senior agency...
CyberHeed Pushes Beyond Checkbox Compliance with SmartPrep
CyberHeed, a Melbourne startup, is expanding its SmartPrep platform to serve as a foundational "compliance brain" for organizations at any maturity level. The tool reuses up to 60% of work across different GRC frameworks, shifting focus from certificate‑driven compliance to...

Federal Drawdown of Election Support ‘Destroyed’ Ongoing Relationships, Experts Say
Federal efforts under President Trump to scale back the Cybersecurity and Infrastructure Security Agency (CISA) have stripped election‑security staff, halted disinformation teams and eliminated the agency’s election program in the FY 2027 budget proposal. State officials in Michigan and Georgia testified...
Always-On Defence Becomes Critical as AI Accelerates Cyber Threats: Infotrust
Cybersecurity leaders warn that AI‑driven automation is accelerating attack speed, forcing organisations to shift from periodic checks to an always‑on defence model. Infotrust CEO Simon McKay notes attackers now have access to the same AI tools used by defenders, enabling larger‑scale...

Exclusive: OpenAI, Anthropic Meet with House Homeland Security Behind Closed Doors on Cyber Threats
OpenAI and Anthropic briefed the House Homeland Security Committee staff in classified sessions about their new cyber‑capable AI models—OpenAI’s tiered‑release GPT‑5.4‑Cyber and Anthropic’s Mythos Preview, which remains unreleased due to exploit risks. Both firms are granting federal agencies direct access...

Broken VECT 2.0 Ransomware Acts as a Data Wiper for Large Files
Researchers have identified a critical flaw in the VECT 2.0 ransomware that causes it to act as a data wiper for files larger than 128 KB. The ransomware, promoted on BreachForums and linked to the TeamPCP threat group, targets victims of recent...

Spam/Phishing E-Mails
David Jensen issued a brief security alert to his Substack subscribers, warning that scammers are sending emails that appear to come from him. The fraudulent messages request recipients to sign up for services or join messaging apps. Jensen urges readers...

Shift to SSI Could Preserve Security of India’s Digital Ecosystem at Scale
The Data Security Council of India and the Digi Yatra Foundation released a joint paper urging a shift to self‑sovereign identity (SSI) for India’s digital ecosystem. It argues that centralized identity systems like Aadhaar are straining under scale, privacy expectations,...

Hackers Are Exploiting a Critical LiteLLM Pre-Auth SQLi Flaw
Researchers have identified a critical pre‑authentication SQL injection flaw (CVE‑2026‑42208) in the open‑source LiteLLM gateway, which routes LLM API calls. The vulnerability lets attackers send a crafted Authorization header to read or modify the proxy’s database, exposing stored API keys,...

Treasury Missed Security Controls in Giving DOGE System Access, GAO Finds
The Government Accountability Office (GAO) released a report revealing that the Treasury Department granted a Department of Government Efficiency (DOGE) associate access to its three payment systems without adhering to required security controls. The associate, identified by GAO as matching...
The Founder of Scholly Sold His Scholarship App to Sallie Mae. He Says They Fired Him for Asking Why They...
Sallie Mae bought scholarship‑matching app Scholly in 2023, gaining access to its five million users. Founder Christopher Gray has filed a Delaware lawsuit and an SEC whistleblower complaint, alleging he was fired after warning the acquirer about selling users' personal...

Google and Mastercard Contribute Agentic Commerce Standards to FIDO Alliance
The FIDO Alliance announced two new technical working groups to create open standards for AI‑agent authentication and commerce. Google donated its Agent Payments Protocol (AP2) and Mastercard contributed its Verifiable Intent framework to the Payments Working Group. The Agentic Authentication...

CVE-2026-3854 GitHub Flaw Enables Remote Code Execution
Researchers disclosed a critical GitHub vulnerability, CVE‑2026‑3854, that enables remote code execution through a single git push. The bug stems from unsanitized push‑option values that are embedded in internal service headers, allowing command injection across GitHub Enterprise Cloud, Enterprise Server,...
NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later
Former NSA Deputy Director Chris Inglis reflects on the 2013 Snowden disclosures, emphasizing that investigations found no illegal abuse of authority but that the fallout still damaged public trust. He argues Snowden bypassed internal reporting channels, highlighting systemic contractor‑management flaws...
Iran, Russia, and the Future of Cyber Warfare
In this episode, RAINN cyber analyst Haley Benedict breaks down the cyber dimension of the Iran‑Israel conflict, noting that Iranian cyber activity has been surprisingly muted—likely due to pre‑emptive defenses, leadership losses, and an internet blackout. She highlights hacktivist attacks,...

One Year After CVE-2025-31324: Lessons for ERP Security Leaders
One year after SAP disclosed CVE-2025-31324, the flaw continues to be exploited long after the vendor released a patch. Onapsis reports the vulnerability ranked among the three most frequently abused weaknesses of 2025, alongside Oracle E‑Business Suite and Microsoft SharePoint....
Oracle Cuts up to 30,000 Jobs, Shedding Senior Security Talent Amid 22% Revenue Surge
Oracle announced a global workforce reduction of 20,000‑30,000 employees, targeting senior security professionals like Nina Lewis despite a 22% year‑on‑year revenue jump. The cuts expose a tension between the company's growth ambitions and the operational capacity needed to sustain DevSecOps...

Federal CIO Cautious on Anthropic’s Mythos Despite Planned Rollout
Federal CIO Greg Barbaccia said the government will proceed with a measured rollout of Anthropic’s Mythos AI model, noting its promise for bolstering cyber defenses while emphasizing lingering uncertainties about real‑world performance. He has only seen lab‑based evaluations and no...

Elsight’s Halo, Its BLOS (Beyond Line-of-Sight) Connectivity Platform, Is Now Certified on the U.S. DCMA Blue UAS List, Enabling Faster...
Elsight's Halo beyond‑line‑of‑sight (BLOS) connectivity platform has been certified on the U.S. Defense Contract Management Agency (DCMA) Blue UAS List, confirming it meets the department’s rigorous supply‑chain and cybersecurity standards. The certification lets U.S. military units procure Halo directly through...
Russian Disinformation Operation Storm-1516 Generates Hundreds of Millions of Views on Social Media
A Russian influence operation known as Storm-1516 has posted more than 190 fabricated stories since August 2023, including a viral video linking Ukrainian President Volodymyr Zelenskiy to Jeffrey Epstein that alone drew 2.9 million views. The campaign, spread through the X...
Link Cyber Risk Directly to Financial Outcomes, Not Just Controls
How are you actually measuring cyber risk today? Frameworks are helpful, but they don’t always translate cleanly to business impact. Are you tying risk to financial outcomes or still working mostly in controls and maturity?

US Bill Would Require Warrants for Digital Surveillance, Biometric Searches
The House introduced the Surveillance Accountability Act (H.R. 8470), a bipartisan bill that would require a warrant for virtually all government searches of digital and biometric data, including facial recognition, license‑plate readers, cloud storage, and data‑broker records. The legislation amends...

Vidar Rises to Top of Chaotic Infostealer Market
Credential‑stealing malware Vidar has surged to become the most used infostealer on the Russian Market, overtaking Lumma and Rhadamanthys after law‑enforcement takedowns in 2025. Intrinsec’s report attributes the rise to a major upgrade and expanded distribution network, including phishing, fake...

Cyber Insurance Data Gives CISOs New Ammo for Budget Talks
Resilience’s new cyber‑insurance analysis translates technical threats into monetary loss, giving CISOs a data‑driven script for board budget discussions. The study of manufacturing claims from March 2021‑February 2026 shows ransomware responsible for 90% of incurred loss while representing only 12% of claims....

ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded API key embedded in ClickUp’s public website allowed anyone to retrieve 959 corporate and government email addresses and 3,165 internal feature flags without authentication. The flaw, first reported in early 2025, remained active through April 2026, exposing sensitive...

Silence Laboratories Launches First Quantum-Safe Vault for Assets
Silence Laboratories has unveiled a commercial digital‑asset vault built to resist future quantum‑computer attacks. The solution combines the NIST‑approved post‑quantum ML‑DSA signature scheme with the firm’s existing multi‑party computation (MPC) custody framework. By running key‑share operations inside Google Cloud Confidential...

Apple Patches Bug that Exposed Deleted Signal Messages
Apple released an iOS 17.5.1 update that patches a bug allowing Signal’s deleted messages to be recovered from the phone’s notification database. The flaw kept notification previews for up to a month, even after users removed them within the app,...

Paragon Is Not Collaborating with Italian Authorities Probing Spyware Attacks, Report Says
Paragon Solutions, the Israeli‑American maker of Graphite spyware, has failed to answer a formal information request from Italian prosecutors investigating a 2024 hacking campaign that targeted journalists and activists. The company previously promised to assist the probe but instead cancelled...
Windows Silently Snapshots Screens for AI Training
Windows has over 1.4 billion active users. Almost none of them know their operating system is quietly taking snapshots of their screen to train Microsoft's AI. That is 1 of 18 hidden tracking mechanics Microsoft buried deep in the system settings. Here's all...

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
Brazilian cybercrime group LofyGang has resurfaced after a three‑year hiatus, launching a new Minecraft‑targeted campaign that distributes the LofyStealer (aka GrabBot) malware. The stealer is disguised as a popular Minecraft hack called "Slinky" and uses the game’s official icon to...

Cyber Command, NSA Chief Warns Foreign Adversaries Likely to Target Midterms
U.S. Cyber Command head Gen. Joshua Rudd told the Senate that foreign adversaries are likely to attempt interference in the 2024 midterm elections. He noted uncertainty about whether the Election Security Group, the joint task force used since 2018, has...

Police Arrest 10 Suspected Members of Black Axe Cybercrime Gang
Swiss police, in coordination with Europol, arrested ten suspected members of the Black Axe criminal network on 28 April 2026. The raids across multiple cantons captured the group’s Southern Europe regional head and several individuals of Nigerian origin accused of romance scams,...

IAM’s Adaptation for AI Agents Drives M&A Deals for Silverfort, iC Consult
Silverfort, a digital identity security firm, has acquired AI‑native provider Fabrix Security to embed Fabrix’s real‑time AI decision engine into its Runtime Access Protection platform. The combined solution aims to protect human, non‑human and agentic identities at runtime, addressing the...
Unified Employee Data Makes SOC 2 Compliance Effortless
Hot take: compliance feels complex because of how it gets handled. SOC 2 turns painful when teams try to recreate reality inside a compliance tool using integrations, exports, and manual checks. That’s what turns it into a second job. @Rippling takes a different...

US FMCSA Tightens ID Checks for Driver Database, Taps Idemia
The Federal Motor Carrier Safety Administration (FMCSA) announced stricter identity‑verification requirements for users of its Drug and Alcohol Clearinghouse, a database that flags commercial drivers barred for substance‑related offenses. The new rules target medical review officers, substance‑abuse professionals, third‑party administrators...
Harvey and Ansarada Unite to Offer Secure AI‑Powered Deal Document Workflows
Harvey and Ansarada have launched a partnership that integrates Ansarada’s AI‑driven virtual data rooms with Harvey’s legal AI platform, enabling secure, end‑to‑end deal document analysis and drafting. The integration preserves permissions, audit trails and governance, promising faster due‑diligence for law...

How Identity, Geopolitics and Data Integrity Define Cyber Resilience
The article argues that cyber resilience now hinges on three intertwined forces—identity, geopolitics, and data integrity. Identity weaknesses trigger roughly 90% of breaches, while fragmented global regulations leave 69% of firms scrambling. Data poisoning and unmanaged "shadow AI" expose 63%...
Recent Exploits Expose Infrastructure Gap Before Trillion‑Dollar On‑Chain Adoption
3 bridge incidents in 3 weeks sounds bad but I think the harder read is this, we have been asking the biggest institutions in the world to come onchain and trust us with trillions. How can we expect that while...
ShinyHunters Breach Carnival's Holland America Loyalty Program, Exposing 7.5 Million Emails
ShinyHunters announced a supply‑chain breach of Carnival Corp.’s Holland America Line loyalty database, leaking 8.7 million records and at least 7.5 million unique email addresses. Carnival confirmed the incident, saying it acted quickly to contain the attack and is working with security...
Join a No‑Pitch Virtual Roundtable on Transport Security
I'll be hosting a virtual roundtable tomorrow on securing transport systems. No pitches, just real discussion with cybersecurity leaders. Great way to network and learn. If you're interested, register now at: https://buff.ly/L7CxprA

Social Media Scams Surge 8‑Fold, Cost $2.1 B
Scams that *start on social media* have increased 8x since 2020, including:
- Investment Scams (crypto scams, fraud investments)
- Shopping Scams (bogus items via scam ads/listings)
- Romance Scams (fake crisis to steal $, fraud investment reccs)
Reported losses = $2.1 billion https://t.co/qyYjhuNEae
Turning Secret Detection Into Measurable Risk Reduction
HashiCorp’s Vault Radar extends secret detection beyond visibility by adding correlation, automated workflow integration, and reporting. The platform matches discovered secrets with Vault or AWS Secrets Manager, enabling teams to see which exposures are already managed and which represent governance...
DeFi Hack Delays, Doesn’t Deter Traditional Finance
1/ A $293M DeFi exploit should’ve been the kind of event that sends TradFi running. Instead, Morpho CEO Paul Frambot [ @paulframbot ] says the reaction has been more revealing: Delayed? Yes. Deterred? Not quite. 👇
Digital Security Improves; Overall Damage Is Decreasing
Narrative violation: The digital world has, empirically, become more secure, not less. ~Every device can be hacked at some cost, to be clear. But total volume of damage has declined.
AI Era Amplifies Need for Personal Data Protection
#AI-Powered Future: Why Protecting Personal #Data Online Matters More Than Ever by @SecurityTrybe #CyberSecurity #InfoSec #IT #Tech #Technology https://t.co/ZvCjZmvVoW
US Drops Probe Into WhatsApp‑Meta Chat Visibility Claims
The US has abruptly ended its investigation into claims that WhatsApp chats were visible to Meta. https://t.co/f1WXpQz58J
AI Uncovers Injection Flaw; Defenders Must Act First
The bad news is they got in; the good news is that they used an AI to find the security hole (an unsanitized injection) via decompiling the executable and got it quickly fixed. So the vulnerabilities can be found -...