What's happening: Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform as a remedy for fragmented legacy VPNs and hardware firewalls. Its single‑pass architecture runs all security checks in one traversal of a global network spanning over 300 cities, avoiding the service‑chaining bottlenecks of stacked appliances, and integrates zero‑trust access controls.
Also developing:
Anthropic launched a beta Claude Chrome extension that lets the AI browse, click, and type on users' behalf, fundamentally shifting the browser security model. Zenity Labs discovered the tool stays logged in permanently, exposing OAuth tokens, console logs, and personal data. Their research highlighted a “lethal trifecta” of risks: data access, autonomous actions, and susceptibility to malicious prompt injection. The built‑in safety switch proved insufficient, raising concerns about approval fatigue and enterprise data protection.
Cyber threats are increasingly complex, sparking a mental‑health crisis among IT and security teams. A recent Object First survey of 500 professionals found 84% feel uncomfortably stressed and 78% fear personal blame for breaches. Nearly 60% are actively looking for...
Leduc County in Alberta disclosed that a ransomware attack on December 25 disabled several of its information technology systems. The county detected the intrusion the same day and immediately initiated incident response protocols. While officials have...

The VVS stealer, a Python‑based malware family distributed as a PyInstaller package, uses Pyarmor obfuscation to evade detection and harvests Discord tokens and browser credentials. It injects malicious JavaScript into the Discord client and extracts data from Chromium‑based and Firefox...

Iran‑linked group Handala claimed full phone compromise of former Israeli PM Naftali Bennett and Chief of Staff Tzachi Braverman, but Kela researchers found the breach was limited to their Telegram accounts. The attackers likely used SIM‑swap, SS7 interception, phishing lures...
In this episode, Chris Sistrunk explains that the biggest OT risks now stem from routine IT‑style attacks—often “living‑off‑the‑land” exploits on engineering workstations—rather than dramatic malware like Stuxnet, as organizations connect industrial systems to the cloud for telemetry and AI. He...
Elliptic’s latest analysis reveals that Telegram now hosts the world’s largest Chinese‑language darknet markets, with Tudou Guarantee and Xinbi Guarantee together processing roughly $2 billion each month in money‑laundering, stolen‑data sales, AI deep‑fake tools, and other illicit services. Despite Telegram’s 2025...

The episode recaps recent security news, highlighting ongoing activity of the React2Shell exploit and the need to patch and isolate MongoDB servers against the MongoBleed vulnerability. It warns about classic advance‑fee cryptocurrency scams promising large payouts, and shares a practical...
DataBreaches.net and security journalist Zack Whittaker have issued a reminder for cybersecurity journalists and researchers to complete a threat‑experience survey. The questionnaire captures legal actions, court orders, and violent intimidation faced while covering cybercrime. Participation is free via a Google...

WhatsApp, with over 3 billion users, faces growing security threats such as GhostPairing and mass phone‑number exposure. Meta has added a suite of privacy tools—including Privacy Checkup, disappearing messages, two‑factor authentication with PIN, app and chat locks, advanced security settings, and...

Recent zero‑click spyware attacks on iPhone and Android devices have prompted Apple and Google to release critical patches. High‑profile victims such as Jeff Bezos and activists illustrate the threat’s reach beyond nation‑state targets. Experts advise using Lockdown Mode, Android Advanced...

In 2025 Didier Stevens published an extensive series of blog entries, delivering more than 70 incremental updates to his open‑source forensic utilities such as strings.py, oledump.py, pdf‑parser.py, and xorsearch.py. The posts also include quick‑takes on power consumption, hardware testing, and...
The UK government’s three‑month trial of Microsoft 365 Copilot revealed no measurable productivity uplift, echoing broader industry findings that generative AI often underdelivers. Parallel commentary in the blog highlights that delegating security to vendors without skilled oversight creates blind spots, while a...

In a year‑end panel, cybersecurity leaders forecast that 2026 will be dominated by AI‑driven threats, with agentic AI and deepfake‑enabled social engineering emerging as top attack vectors. Identity management will shift toward zero‑trust models that include non‑human identities, while supply‑chain...

Security‑focused CTOs are setting five priority resolutions for 2026. First, they will operationalize AI governance by embedding repeatable controls, model gateways and telemetry into engineering pipelines to enforce "secure to ship" AI features. Second, they will add dedicated security controls...

Transparent Tribe, also known as APT36, has launched a new wave of remote‑access‑trojan (RAT) attacks against Indian government, academic and strategic organizations. The campaign delivers weaponized LNK files disguised as PDFs, which execute HTA scripts via mshta.exe and load a...
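The LNK → mshta.exe → HTA chain described above is visible in ordinary process‑creation telemetry. The following is an added example (not code from the reporting or from the threat actor) that scores Sysmon Event ID 1‑style records for that chain and flags the double‑extension trick that makes a shortcut display as a PDF. The field names, weights and every event are constructed assumptions for illustration.

```python
"""Added example: flag the LNK -> mshta.exe -> HTA delivery chain from
process-creation events.  Events and scoring weights are constructed."""
import re
from pathlib import PureWindowsPath

# Arguments that mean mshta is running something other than a local installer page.
PAYLOAD_ARGS = re.compile(r"(?i)(https?://|\.hta\b|javascript:|vbscript:)")
WEIGHTS = {"remote payload URL": 2, "inline script protocol": 2, ".hta argument": 1}
# Parents that imply a user double-click or a script, not a software installer.
USER_LAUNCHERS = {"explorer.exe", "cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe"}

# Constructed Sysmon-style records (assumption: Image/CommandLine/ParentImage fields).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\mshta.exe",
     "CommandLine": r"mshta.exe https://example.invalid/notice.hta",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"Image": r"C:\Windows\System32\mshta.exe",
     "CommandLine": r'mshta.exe "C:\Program Files\Vendor\setup.hta"',
     "ParentImage": r"C:\Windows\System32\msiexec.exe"},
    {"Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "CommandLine": "chrome.exe --type=renderer",
     "ParentImage": r"C:\Program Files\Google\Chrome\Application\chrome.exe"},
    {"Image": r"C:\Windows\SysWOW64\mshta.exe",
     "CommandLine": r'mshta.exe vbscript:Execute("MsgBox 1")',
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
]


def is_disguised_lnk(filename):
    """Explorer never shows '.lnk', so 'Notice.pdf.lnk' displays as 'Notice.pdf'."""
    parts = filename.lower().rsplit(".", 2)
    return (len(parts) == 3 and parts[2] == "lnk"
            and parts[1] in {"pdf", "doc", "docx", "xls", "xlsx", "jpg"})


def score_mshta(event):
    """Return (severity, reasons) for one event; (None, []) when it is not mshta.exe."""
    image = PureWindowsPath(event.get("Image", "")).name.lower()
    if image != "mshta.exe":
        return None, []
    cmd = event.get("CommandLine", "")
    parent = PureWindowsPath(event.get("ParentImage", "")).name.lower()
    reasons = set()
    for m in PAYLOAD_ARGS.finditer(cmd):
        token = m.group(1).lower()
        if token.startswith("http"):
            reasons.add("remote payload URL")
        elif token.endswith(":"):
            reasons.add("inline script protocol")
        else:
            reasons.add(".hta argument")
    score = sum(WEIGHTS[r] for r in reasons)
    if parent in USER_LAUNCHERS:
        reasons.add(f"spawned by {parent}")
        score += 1
    severity = "high" if score >= 3 else ("medium" if score else "low")
    return severity, sorted(reasons)


def triage(events=SAMPLE_EVENTS):
    """Index, severity and reasons for every event worth an analyst's time."""
    out = []
    for i, ev in enumerate(events):
        sev, reasons = score_mshta(ev)
        if sev in ("high", "medium"):
            out.append((i, sev, reasons))
    return out


if __name__ == "__main__":
    for i, sev, reasons in triage():
        print(i, sev, ", ".join(reasons))
```

A local installer launching a bundled .hta lands at "medium" and a user shell launching mshta with a URL or an inline script protocol lands at "high"; tune the weights against your own baseline before alerting on medium.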

In this episode, the host recounts a recent web application penetration test that went disastrously wrong, highlighting the missteps and unexpected challenges that can arise during a pentest. The story underscores the importance of thorough planning, clear communication with clients,...

Attack surface management (ASM) tools promise reduced risk by expanding visibility, yet most programs deliver only larger asset inventories and louder dashboards. Security teams see counts climb and alerts surge, but leadership still struggles to answer whether incidents actually decline....

In this special in‑studio episode, hosts Selena Larson, Dave Bittner, and former FBI cybercrime investigator Keith Mularski tackle a hot‑wings challenge while fielding personal and career‑focused questions, offering listeners a candid look at their backgrounds and the moments that shaped...
Enterprises racing to embed AI realized in 2025 they lacked visibility into the data feeding models, prompting a governance shift. Bedrock Security’s research shows most leaders cannot map training or inference datasets, exposing firms to audit failures and regulatory penalties....

Todd Thiemann forecasts four identity‑security trends for 2026. AI agents will move from SaaS sandboxes into core business processes, creating new breach vectors that demand holistic identity controls. Mid‑market firms, facing app sprawl, will finally adopt Identity Governance and Administration...

U.S. federal cybersecurity faces a potential setback as the Cybersecurity and Infrastructure Security Agency (CISA) shed roughly 1,000 employees, leaving a 40% vacancy rate across critical mission areas. Recent White House staffing cuts, compounded by the lingering effects of the...

Generative AI is reshaping fraud economics by automating and personalizing attacks, lowering the skill barrier for cybercriminals. The article explains how traditional perimeter‑centric, rule‑based defenses are increasingly ineffective against AI‑driven, adaptive threats. It advocates a shift to continuous, behavior‑driven detection,...

The U.S. Treasury’s Office of Foreign Assets Control removed three individuals tied to the Intellexa Consortium—responsible for the Predator commercial spyware—from the Specially Designated Nationals list. The delisting followed petitions asserting the subjects had distanced themselves from the consortium, though...

The episode examines the IACR's botched Helios election, where a key management failure forced the organization to discard the vote and schedule a new election. Guest Matt Bernhard, an expert in secure voting systems, explains how Helios' homomorphic encryption works,...
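As an added illustration of the mechanism the episode discusses (not code from Helios or from the IACR), the block below implements exponential ElGamal with a jointly held election key: each trustee publishes a public share, the election key is their product, every ballot encrypts the vote as g^v so ciphertexts can be multiplied to add votes, and the tally needs a decryption factor from every trustee. The group parameters are constructed toy values, the zero‑knowledge proofs that real Helios attaches to ballots and factors are omitted, and `run_election` also reports what happens when one trustee's factor is unavailable, which is the kind of key‑management failure that forces a rerun.

```python
"""Added illustration: exponential ElGamal with multi-trustee tallying in the
style of Helios.  Toy parameters, constructed; far too small for real use."""
import secrets

P = 1019            # safe prime p = 2q + 1 (constructed toy parameter)
Q = (P - 1) // 2    # 509, prime order of the subgroup the scheme works in
G = 4               # 2^2 mod p: a quadratic residue, so a generator of order q


def trustee_keygen():
    """Each trustee keeps x_i privately; only y_i = g^x_i is published."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def election_pubkey(shares):
    """Joint election key: the product of the trustees' public shares."""
    y = 1
    for share in shares:
        y = y * share % P
    return y


def encrypt_vote(pk, vote):
    """Encode the vote as g^v so multiplying ciphertexts adds the exponents."""
    assert vote in (0, 1), "one yes/no question"
    r = secrets.randbelow(Q - 1) + 1
    return (pow(G, r, P), pow(G, vote, P) * pow(pk, r, P) % P)


def homomorphic_sum(cts):
    """Component-wise product of ciphertexts = encryption of the vote total."""
    a = b = 1
    for c1, c2 in cts:
        a, b = a * c1 % P, b * c2 % P
    return (a, b)


def decryption_factor(x, ct):
    """Trustee i publishes c1^x_i (with a proof of correctness in real Helios)."""
    return pow(ct[0], x, P)


def tally_from_factors(ct, factors, max_votes):
    """Divide out all factors, then brute-force the small exponent.
    Returns None when the remaining value is not g^m for any plausible m."""
    denom = 1
    for d in factors:
        denom = denom * d % P
    gm = ct[1] * pow(denom, -1, P) % P
    for m in range(max_votes + 1):
        if pow(G, m, P) == gm:
            return m
    return None


def run_election(votes, n_trustees=3):
    """Return (tally with every trustee present, tally attempted with one
    trustee's factor lost).  The second is None or wrong: no factor, no tally."""
    keys = [trustee_keygen() for _ in range(n_trustees)]
    pk = election_pubkey([y for _, y in keys])
    agg = homomorphic_sum([encrypt_vote(pk, v) for v in votes])
    factors = [decryption_factor(x, agg) for x, _ in keys]
    full = tally_from_factors(agg, factors, len(votes))
    lost_one = tally_from_factors(agg, factors[1:], len(votes))
    return full, lost_one


if __name__ == "__main__":
    print(run_election([1, 0, 1, 1, 0]))
```

Because classic Helios has no threshold scheme, losing any single trustee's private key makes the aggregated ciphertext undecryptable; the individual ballots are no help, since they are encrypted to the same joint key.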

Tyler Shields predicts that 2026 will see an AI‑driven escalation of both offensive cyber attacks and defensive tools, with attackers automating phishing, deep‑fakes, and vulnerability hunting at scale. Security teams will adopt autonomous containment, probabilistic exposure mitigation, and AI‑generated detection...

Cyber insurers see a sharp rise in AI‑driven phishing losses and a drop in vendor‑outage claims in H1 2025, prompting a shift in recommended defenses for 2026. Resilience’s Jud Dressler highlights role‑based access controls as the top technology to limit breach...
A recent Wired piece highlighted how scammers in China use AI‑generated images of merchandise, such as crabs, to falsely claim refunds, exposing a growing vulnerability in e‑commerce. The frauds, valued at roughly $27 per case, have led to administrative detentions...

Silver Fox, a China‑based cyber‑crime group, has shifted its phishing focus to India, using income‑tax‑themed emails to deliver the modular ValleyRAT remote‑access trojan. The campaign tricks recipients into opening a PDF that redirects to a malicious zip file, which contains...

AI is rapidly entering security operations, yet many SOCs lack a structured integration strategy. The 2025 SANS SOC Survey shows 40% of teams use AI tools without defined processes and 42% deploy them out‑of‑the‑box, leading to inconsistent value. Effective adoption...

Cybersecurity budgets have hit a five‑year low in growth, leaving CISOs to stretch limited funds while confronting emerging AI‑related risks. Chris Wheeler, CISO of Resilience, advises a budgeting approach that prioritizes compliance, seeks controls with positive return‑on‑controls, and plans for...
Developers are increasingly leaking sensitive credentials across a growing array of platforms, from Git repositories to collaboration tools like JIRA and Slack. A recent “state of secret sprawl” report identified 23 million secrets in the public domain last year, and experts...
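The sprawl described above is caught early by scanning commits, tickets and chat exports before they leave the organisation. The block below is an added example (not the report's tooling) of the two techniques such scanners combine: fixed‑format patterns for well‑known key shapes, and a Shannon‑entropy floor on generic `password=`/`secret=` assignments so that placeholders such as `changeme` do not drown real hits. The sample files are constructed; the AWS secret is the documentation example key, and the patterns are the author's assumptions rather than any vendor's ruleset.

```python
"""Added example: detect leaked credentials in text with pattern + entropy rules.
Sample inputs are constructed and contain no real credentials."""
import math
import re

PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    # Generic KEY=value assignment; the value is checked for entropy below.
    "assignment": re.compile(
        r"(?i)(?:password|passwd|secret|api[_-]?key|token)[A-Z0-9_]*\s*[=:]\s*['\"]?([^\s'\"]{8,})"),
}

# Constructed samples modelled on the leak sources named above.
SAMPLES = {
    "config.env": ("DB_PASSWORD=changeme\n"
                   "AWS_ACCESS_KEY_ID=AKIAABCDEFGHIJKLMNOP\n"
                   "AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n"),
    "jira-ticket.txt": "Use token ghp_0123456789abcdefghijklmnopqrstuvwxyz to test\n",
    "slack-export.txt": "password: hunter2\n",   # too short to be a hit
}


def shannon_entropy(s):
    """Bits per character; ~2.75 for 'changeme', >4 for random key material."""
    if not s:
        return 0.0
    n = len(s)
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_line(line, min_entropy=3.5):
    """All (rule, secret) pairs on one line; low-entropy assignments are dropped."""
    hits = []
    for name, rx in PATTERNS.items():
        for m in rx.finditer(line):
            value = m.group(1) if m.groups() else m.group(0)
            if name == "assignment" and shannon_entropy(value) < min_entropy:
                continue   # placeholder or dictionary word, not key material
            hits.append((name, value))
    return hits


def scan_text(text, source):
    """Findings for one file; only a short prefix of the secret is recorded."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for name, value in scan_line(line):
            findings.append({"source": source, "line": lineno,
                             "type": name, "preview": value[:4] + "..."})
    return findings


def scan_samples(samples=SAMPLES):
    return [f for src, text in samples.items() for f in scan_text(text, src)]


if __name__ == "__main__":
    for f in scan_samples():
        print(f"{f['source']}:{f['line']} {f['type']} {f['preview']}")
```

The preview field is deliberate: a scanner that copies the full secret into its own findings database has just created one more place the secret leaks from.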

At SECON’s 2025 and 2026 conferences, the author highlighted a seismic shift in cyber risk, moving from classic phishing to automated, credential‑based attacks and AI‑driven threats. Data shows MFA bypass rates soaring to 45%, ransomware focusing on data theft, and...

The episode examines the security and privacy flaws of Flock Safety’s AI‑driven license‑plate readers and gunshot‑detection cameras, which are now installed in thousands of U.S. communities. Independent researcher Jon Gaines and activist‑musician Benn Jordan reveal dozens of software vulnerabilities—including outdated...

Software bills of materials (SBOMs) remain a cornerstone of supply‑chain security, yet widespread adoption stalls due to incomplete data, late‑stage generation, and open‑source gaps. Docker’s Hardened Images showcase a best‑practice model, embedding full SBOMs and SLSA Level 3 provenance, while many...

2025 was defined by a wave of high‑impact cyber threats, from the Chinese state‑backed APT Salt Typhoon targeting telecom networks and the US National Guard, to severe budget cuts at the Cybersecurity and Infrastructure Security Agency (CISA). The year also saw...

The weekly cyber recap highlights a wave of active exploits, most notably the MongoDB "MongoBleed" vulnerability (CVE‑2025‑14847) being leveraged against over 87,000 instances worldwide. High‑profile breaches include a Trust Wallet Chrome extension hack that cost users roughly $7 million and a...

The worst cyber incidents of 2025 ranged from supply‑chain breaches of Salesforce integrations to ransomware attacks on Oracle’s E‑Business platform, massive data leaks at Aflac and Mixpanel, and a production‑shutting hack of Jaguar Land Rover. Hackers leveraged third‑party connectors, exploited...

In the first year of President Trump’s second term, citizens have flooded social media with videos and apps that track ICE and other federal agents during raids and arrests. The Department of Homeland Security responded with subpoenas to Meta, criminal...
Tony Anscombe, ESET’s chief security evangelist, recaps the year’s most consequential cyber events in his December 2025 roundup. He highlights that U.S. organizations made more than $2.1 billion in ransomware payments from 2022 to 2024, a figure FinCEN says only scratches the surface. The...

MongoDB disclosed a critical vulnerability (CVE‑2025‑14847, CVSS 8.7) that allows unauthenticated attackers to read server memory via a flaw in zlib compression. Over 87,000 internet‑exposed instances have been identified, with 42% of cloud environments hosting at least one vulnerable deployment. The...
Weekly update is up! Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti: https://www.troyhunt.com/weekly-update-484/

The episode warns that a critical MongoDB memory‑disclosure vulnerability (CVE‑2025‑14847), likened to Heartbleed, was patched on December 24 but is already being exploited in the wild. The flaw lets attackers manipulate BSON length fields to retrieve arbitrary memory, potentially exposing...
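Both MongoBleed items above describe the same bug class as Heartbleed: a length field supplied by the client is trusted over the number of bytes that actually arrived, so the server copies adjacent memory into its reply. The block below is an added illustration of that class (not MongoDB's code, not the CVE's real code path, and not the MongoDB wire protocol): a constructed int32‑prefixed frame, a naive parser that honours the declared length, a strict parser that bounds it by the received length, and a simulated heap so the over‑read is visible.

```python
"""Added illustration of the length-field over-read bug class.  Framing and the
'heap' are constructed simplifications, not MongoDB's wire protocol."""
import struct


def build_doc(payload: bytes, claimed_len=None) -> bytes:
    """BSON-style frame: little-endian int32 total length, then the bytes.
    A dishonest client sets claimed_len larger than the real length."""
    total = 4 + len(payload)
    return struct.pack("<i", claimed_len if claimed_len is not None else total) + payload


def naive_parse(buffer: bytes, offset: int) -> bytes:
    """Vulnerable: trusts the declared length, so it returns whatever sits after
    the request in the same buffer (other sessions' data, keys, tokens)."""
    (declared,) = struct.unpack_from("<i", buffer, offset)
    return buffer[offset + 4: offset + declared]


def strict_parse(buffer: bytes, offset: int, received: int) -> bytes:
    """Fixed: the declared length must lie within the bytes actually received,
    and must be large enough to cover its own header (rejects negative/short)."""
    if received < 4:
        raise ValueError("short header")
    (declared,) = struct.unpack_from("<i", buffer, offset)
    if declared < 4 or declared > received:
        raise ValueError(f"declared length {declared} outside received {received}")
    return buffer[offset + 4: offset + declared]


def simulate(claimed_len=None):
    """Server-side view: the request, followed in memory by another session's
    data (constructed).  Returns (naive result, strict result or None)."""
    request = build_doc(b"{ping:1}", claimed_len)
    neighbour = b"user=admin;sess=TOKEN-constructed"
    heap = request + neighbour
    naive = naive_parse(heap, 0)
    try:
        strict = strict_parse(heap, 0, len(request))
    except ValueError:
        strict = None
    return naive, strict


if __name__ == "__main__":
    print("honest   :", simulate())
    print("oversized:", simulate(28))
```

The check that matters is the one against `received`: validating the length against the buffer's capacity (or, for compressed messages, against the size the client claims the decompressed data will have) is exactly the mistake, because the attacker controls both numbers.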
The final Security Leadership Master Class pivots to contrarian perspectives, exposing common cognitive traps and ritualistic practices in cybersecurity. It critiques binary thinking, where perfection is equated with success and any flaw signals failure, and highlights the rise of "ceremonial...

The article warns that the United States is vulnerable to low‑cost commercial drone attacks, citing recent strikes by Ukraine, Israel, and Houthi rebels that demonstrated drones’ ability to hit high‑value targets far from battlefields. Despite the Pentagon’s 2025 budget allocating...

Patricia Voight, CISO of Webster Bank, shared her journey from telecom security to leading financial‑services cyber risk, emphasizing the sector’s constant evolution. She highlighted the bank’s mentorship and summer‑intern programs, which deliberately recruit neurodivergent talent and partner with universities. Voight...

Kaspersky attributes a two‑year cyber‑espionage campaign to the China‑linked APT group Evasive Panda, which used DNS‑poisoning to deliver its MgBot backdoor. The attacks, observed from November 2022 to November 2024, targeted organizations in Turkey, China and India by hijacking DNS responses for...

TechCrunch’s year‑end roundup spotlights the most compelling cybersecurity stories it didn’t publish in 2025, ranging from high‑profile investigations to niche technical exposés. Highlights include The Washington Post revealing a secret UK court order forcing Apple to build a backdoor, The...
A recent incident aboard a Mediterranean ferry exposed a remote access tool (RAT) likely introduced via insecure IoT devices. Commentators debated whether the breach qualifies as an IoT hack, noting that shipboard entertainment, CCTV and Wi‑Fi systems often lack proper...
Dark Reading has launched its 2026 State of Application Security survey, extending the 2025 study that gathered insights from over 100 cybersecurity professionals. The new questionnaire adds topics like vibe coding and secure‑coding training while retaining core questions for year‑over‑year...