Know What's Happening in Cybersecurity
Know What's Happening in Cybersecurity
Syrian government X accounts hijacked, revealing MFA failures
In early March 2026, several Syrian government accounts on X—including the presidency and central bank—were seized and used to post pro‑Israel messages and explicit content. investigators traced the breach to shared credentials and the absence of multifactor authentication. Officials pledged urgent remedial steps and new regulations to strengthen credential security.
Also developing:
By the numbers: Noma Security raises $132M to expand AI‑driven security platform
Forescout Technologies has become a vendor affiliate of the North American Electricity Information Sharing and Analysis Center (E‑ISAC), extending its threat‑intelligence sharing to U.S. utilities and grid operators. Through its Vedere Labs research unit, the company will feed cyber and physical threat data into the E‑ISAC community, complementing its existing work with the European E‑ISAC. The partnership arrives as the 2025 Threat Roundup shows a 6 % rise in actors targeting the energy sector, and Forescout already protects hundreds of substations for more than 50 North American utilities. By integrating OT, IT and IoT visibility, its platform helps utilities meet NERC requirements and implement Zero Trust segmentation.
I'm excited to be speaking today at the Virtual AI Summit on the cybersecurity implications of AI! I'll be talking about practical frameworks for AI deployment and oversight. If AI is on your roadmap, governance join me there today: https://buff.ly/6C9RTgu
Anthropic has uncovered a coordinated distillation attack by three Chinese AI labs—Deepseek, Moonshot AI, and MiniMax—targeting its Claude model. Over 24,000 fabricated accounts generated more than 16 million queries to extract reasoning, programming, and tool‑usage capabilities. The labs employed proxy services...
Smart devices and IoT gadgets are rarely patched, leaving them vulnerable to malware such as Mirai. These products, from smart TVs to internet‑connected cameras, routinely harvest user data and can be hijacked to spy or launch attacks. Security experts recommend...
Square Enix announced that the security question and answer tied to Square Enix Accounts for Final Fantasy XI and Final Fantasy XIV will be retired on February 24, 2026. Players will not need to remember or re‑enter this credential, and...
Very proud moment of our architecture so far at Seena Labs. We got someone asking the Seena interviewer agent to reveal some code and attack us and this was Seena's response. If anyone has good advice/ resources on how to...
Red‑team exercises simulate real cyber‑attacks to test how healthcare organizations respond under pressure. Pieter Ceelen of Fortra explains that these engagements uncover hidden vulnerabilities such as credential sharing, unpatched legacy medical IoT, and unclear emergency procedures like shutting down internet...
Simple analogy on AI and cybersecurity. Security has never been solely a technology problem - it's largely a people problem. Complexity of business integration, misconfigurations, legacy systems, business transformations, M&As, etc. are all part of this industry we call cybersecurity. I can't remember...
Google and Apple announced that encrypted Rich Communication Services (RCS) messaging is now in beta testing between Android and iPhone devices. The feature leverages the GSMA RCS Universal Profile and provides end‑to‑end encryption, visible as a lock icon in both...
Optimizely, a New York‑based ad‑tech firm, disclosed a data breach after a sophisticated voice‑phishing (vishing) attack on February 11. Threat actors accessed the company’s CRM and other internal business systems, extracting only basic contact information and not sensitive customer data. The...
Researchers at Novee Security uncovered 13 vulnerability categories and 16 zero‑day flaws across Foxit and Apryse PDF platforms, including critical XSS and OS command injection bugs. Using a human‑agent AI swarm, they rapidly identified high‑impact issues such as one‑click attacks...
Operation Spiderweb in June 2025 demonstrated how Ukrainian forces hijacked Russian mobile networks to control and stream data from drones, disabling about 20 aircraft. The incident exposed a growing vulnerability as 4G/5G standards now embed native drone support, allowing off‑the‑shelf...
In this episode, Tim Peacock and Anton Chuvakian host Alex Pabst, Deputy CISO at Allianz, and Mike Sinnoh, Director of Detection & Response at Google, to discuss evolving SOC metrics in the age of AI and automation. They critique traditional...
The U.S. Energy Department patched an identity‑verification flaw in its critical minerals portal that let outsiders register with email addresses mimicking official energy.gov accounts. Security researcher Ronald Lovelace uncovered the issue using subdomain enumeration and reported it through the department’s...
Until it hacks everyone’s GitHub accounts and wipes out all their IP. Be careful with tools like this. Make sure you understand what it can access and what it can do. Understand where it is sharing your code and storing...
AI agent traffic nearly tripled in a year. 25Billion bot requests in 2 months. The question is no longer how to block bots — it's how to trust them. Visa + Akamai are building the answer. "What it takes to secure...
Belgium’s Centre for Cybersecurity recorded a sharp rise in phishing complaints, logging 226 reports in Q4 2025 and 106 in January 2026. Scammers frequently masquerade as police or representatives of telecom and banking firms such as Proximus, Argenta, and Card...
The Open Rights Group is urging the UK government to adopt a digital sovereignty strategy that reduces reliance on foreign tech giants such as Amazon, Microsoft, Google and Palantir. It argues that over‑dependence creates strategic fragility, citing the Trump‑ordered shutdown...
Security researchers have uncovered a supply‑chain worm, dubbed SANDWORM_MODE, spreading through at least 19 malicious npm packages that employ typosquatting. The malware not only steals developer and CI credentials but also injects rogue servers into AI coding assistants such as...
Healthcare diagnostics firm Vikor Scientific, now operating as Vanta Diagnostics, disclosed a data breach affecting nearly 140,000 individuals. The breach was traced to Catalyst RCM, a revenue-cycle‑management vendor, whose compromised credentials allowed the Everest ransomware group to exfiltrate roughly 12 GB...
United Insurance Brokers Limited (UIB) has partnered with cyber‑risk analytics firm CyberCube to bolster its cyber insurance offering. UIB will deploy CyberCube’s Broking Manager and Prep Module, giving its global practice data‑driven exposure insights. The collaboration targets accelerated growth in...
OpenAI unveiled EVMbench, an open‑source benchmark that tests AI agents' ability to spot and exploit smart‑contract flaws. The tool draws on 120 vulnerabilities from 40 audits, including scenarios from Stripe‑backed Tempo blockchain, and was released in partnership with crypto investor...
Questions to ask when evaluating an authentication mechanism 🔒 Why I still use a password with a Yubikey, not a passkey or a pin Why I dislike the device code flow with a browser How lack of segregation facilitated a Microsoft breach. Defense...
User accidentally gains control of over 6,700 robot vacuums while tinkering with their own device to enable control with a PlayStation controller — security flaw reveals floor plans and live video feeds https://t.co/G8sfl730OU
Liminal, previously focused on enterprise customers, is extending its secure, multi‑model AI platform to managed service providers (MSPs) targeting small‑ and medium‑size businesses (SMBs). The platform consolidates access to leading large language models—including OpenAI, Anthropic, Google and Perplexity—while sanitizing sensitive...
Supply chain cyber risk is moving from a pure prevention mindset to a resilience‑first strategy. Third‑party exposure dominates, with 61% of firms reporting a supplier breach in the past year, prompting tighter transparency and governance. AI accelerates both attacks—often under...
“AI can defeat CAPTCHA systems and analyse voice biometrics to compromise authentication,” [TR: Never trusted voice recognition, it’s too fuzzy to use for auth in my opinion. Infecting memory is an interesting problem.]
This week’s cybersecurity briefing spotlights a Dell RecoverPoint zero‑day that’s actively delivering web shells in VMware environments, alongside critical Ivanti EPMM remote‑code‑execution flaws and an Apache NiFi RBAC bypass. Over 40% of OpenClaw AI skills were found vulnerable, highlighting supply‑chain...
This Week in Fraud (2/17) https://t.co/DeKt9G8P3d "2026 identity fraud is more sniper than shotgun" Great stuff from Nick. https://t.co/eNakT4O4Fd
Third‑party vendors are now a primary attack vector for trucking firms, with 35.5% of all data breaches in 2024 traced to external partners—a 6.5% rise year‑over‑year. The report also notes that 4.5% of breaches originated from fourth‑party suppliers, highlighting deep...
Phishing emails that look authentic on a desktop become far harder to spot on mobile devices, increasing the chance of credential theft. The author received a Vanguard‑style phishing message where the sender’s email address was hidden and the link text...
Micrologic, a Canadian sovereign‑cloud provider, has teamed with AI‑driven data‑security firm Cohesity to launch a fully Canadian‑jurisdictional data‑protection platform. The joint solution combines Micrologic’s Canada‑only cloud infrastructure with Cohesity’s backup, disaster‑recovery and isolated recovery environment technology. It promises recovery speeds...
Reticulum is an open‑source, decentralized networking protocol that operates without traditional internet infrastructure. It uses cryptographic identity‑based addressing and built‑in encryption to secure traffic across any medium, from LoRa radios to Wi‑Fi and Ethernet. Its hardware‑agnostic design lets users build...
The U.S. Department of Justice is intensifying its use of the False Claims Act to pursue cybersecurity misrepresentations, noting a “significant upward trajectory” in such cases. In the past year, the DOJ secured $52 million through nine FCA settlements involving cyber‑related...
Enterprises deploying private Large Language Models are rapidly adding inference APIs, model‑management dashboards, and tool‑calling endpoints. Each new endpoint widens the attack surface, especially when permissions are excessive and credentials remain static. Exposed endpoints let attackers hijack non‑human identities, enabling...
Labour MP Graeme Downie warned that the UK is dangerously exposed to disruption of its undersea cable network. He cited the Joint Committee on the National Security Strategy, noting that about 98% of internet traffic travels through these cables, making...
Russian cyber actors targeting Ukraine’s energy grid have shifted from causing immediate outages to gathering intelligence that guides missile strikes. By mapping facilities, tracking repair crews, and monitoring recovery rates, they provide real‑time data that improves strike accuracy. The number...
Restaurants are evolving into digital ecosystems, relying on cloud POS, loyalty apps, and third‑party delivery platforms. This shift creates a broader attack surface, making cybersecurity as vital as food safety for protecting brand trust. Leaders are adopting defense‑in‑depth strategies, unified...
Romanian officials say recent ransomware attacks on the country’s water agency, oil pipeline operator and coal‑based power producer were part of a coordinated Russian hybrid operation. Groups such as Qilin and Gentlemen, which speak Russian, claimed responsibility, linking the attacks...
Innovate UK’s Cyber Security Academic Startup Accelerator (CyberASAP) alumni have attracted £47.4 million in post‑programme funding over the past nine years, with private capital accounting for 68% of that amount. The accelerator, funded by the Department for Science, Innovation and Technology,...
The European Banking Authority released a follow‑up to its 2022 peer‑review on ICT risk assessment under the Supervisory Review and Evaluation Process (SREP). The report finds that competent authorities have markedly strengthened ICT risk supervision, largely due to the Digital...
Attackers are actively exploiting two critical Ivanti Endpoint Manager Mobile (EPMM) zero‑days (CVE‑2026‑1281 and CVE‑2026‑1340) that allow unauthenticated remote code execution. More than 4,400 EPMM instances are exposed on the public internet, giving threat actors full control of enterprise mobile...
EscalaX announced a strategic partnership with privacy‑focused consultancy BidSafe One to strengthen its data‑protection and regulatory compliance posture. The collaboration will help EscalaX optimise consent management and align its operations with GDPR, CCPA/CPRA, IAB TCF and GPP standards. By integrating...
Simbian unveiled its AI Pentest Agent, the first autonomous penetration‑testing solution that embeds business context to prioritize real‑world risk. Developed with LRQA, the agent delivers on‑demand assessments in hours, replacing periodic manual tests and providing transparent reasoning traces. It operates...
Humanity, a startup building an internet trust layer, announced a shift from its Proof of Humanity model to a broader Proof of Trust framework. The new system lets users verify attributes such as age, residency, and employment without exposing raw...
Google has disabled several Antigravity accounts, including paid Gemini Ultra subscribers, after detecting a sharp rise in malicious activity tied to the open‑source AI agent OpenClaw. The bans target only the Antigravity backend, leaving Gmail, Workspace and other Google services...
Iranian APT group MuddyWater has launched Operation Olalampo, targeting organizations across the Middle East and North Africa. The campaign, first seen on Jan 26, 2026, deploys new malware families—GhostFetch, HTTP_VIP, the Rust backdoor CHAR, and the GhostBackDoor implant—delivered via macro‑laden Office...
Triad Radiology Associates, a 50‑year‑old North Carolina imaging practice, disclosed a data breach affecting roughly 11,000 patients. The intrusion, detected in February, likely occurred between late July and September and exposed names, addresses, Social Security numbers and bank account details....
In a Help Net Security interview, Rich Kellen, VP‑CISO of IFF, warns that treating operational technology (OT) labs like conventional IT data centers creates hidden security risks that can corrupt scientific results and endanger safety. He explains that OT environments...
Healthcare organizations focus on high‑tech defenses, yet physical and procedural gaps remain a major source of breaches. Low‑tech incidents such as tailgating, unattended devices, and badge sharing contributed to over 51 million compromised records in 2022. The article outlines practical controls—including...
