Know What's Happening in Cybersecurity
Know What's Happening in Cybersecurity
Open Cybersecurity Schema Framework (OCSF) emerges as de‑facto standard for security data
Since its 2022 launch, OCSF has attracted roughly 900 contributors and is now supported by major cloud and SIEM vendors. Recent updates introduce AI‑specific telemetry, helping security teams standardize event and finding data across products.
Also developing:
By the numbers: Noma Security raises $132M to expand AI agent security platform
Microsoft’s Defender Security Research team unveiled a new threat called “AI Recommendation Poisoning,” where website buttons labeled “Summarize with AI” embed hidden prompt‑injection instructions. Clicking these buttons feeds AI assistants a URL‑encoded command that tells the model to remember the site as a trusted source, subtly biasing future citations. The study logged 50 distinct attempts from 31 legitimate companies over 60 days, using tools like CiteMET and AI Share URL Creator. Microsoft has added Copilot defenses and hunting queries for Defender for Office 365 to detect the abuse.
School districts are experimenting with generative and agentic AI to bolster cybersecurity, but results are mixed. While vendor‑built AI features provide more reliable insights than generic models, many districts still rely on traditional tools due to staffing and budget constraints....
A cloud‑based identity verification database tied to IDMerit was found exposed without password protection or encryption, leaking roughly one billion personal records across at least 26 countries. The trove, estimated at one terabyte, contained names, dates of birth, addresses, phone...
Organizations are pouring billions into cybersecurity yet continue to suffer breaches because they treat security as a purely technical issue. Senior cyber leader Purvi Kay argues that weak governance, poor communication, and unclear accountability are the primary failures. She emphasizes...
Researchers at Aalto University warn that AI-driven voice analysis can extract sensitive personal data—from political views to health conditions—simply from speech patterns. Their study, published in IEEE Proceedings, highlights risks such as price‑gouging, discriminatory profiling, and stalking if corporations or...
Microsoft patched a high‑severity vulnerability (CVE‑2026‑20841) in the modern Windows Notepad app that adds Markdown support. The flaw allows remote code execution when a user opens a malicious .md file and clicks a crafted link. The issue affects only the...
Cynet has hired MacKenzie Brown as Vice President of Threat Intelligence Strategy to turn the vendor’s global telemetry into a practical, operational threat‑intelligence system for managed service providers (MSPs). Brown emphasizes moving beyond generic monthly reports toward actionable, tactical intel...
Plasma’s 2026 study identified the 25 most vulnerable passwords based on global search volume and common‑password lists. “password” led the list with over 10 million searches, followed by “admin”, “qwerty”, and other simple sequences. The research also highlighted ten insecure password...
As the digital domain presents challenges of extraordinary scale and complexity from a constantly evolving threat landscape, it is clear that empowering cyber-resilient innovation ecosystems requires a fundamental reimagining of how we synergize across modalities. The convergence of public-private partnership...
NIST announced a chip that reliably generates a single photon on demand using quantum‑dot technology. The device achieves near‑perfect efficiency and, when paired with superconducting nanowire single‑photon detectors, can transmit photons up to 600 miles. Mass‑production of the chip is...
Multi factor authentication is still one of the highest leverage security controls for SMBs. It is not flashy, but it closes real doors. Simple controls done consistently still win. https://buff.ly/jk1Ucgh
Finally more public Bitcoiners are willing to speak out on #BIP110's Attack to Centralize the Network... 👏 @MartyBent , starts at 9 min for 25 min: https://t.co/abwVenvoqo
The article argues that the long‑standing "shift‑left" mantra has backfired, overloading developers with security tasks while business demands prioritize speed. Qualys analyzed 34,000 public container images and found 7.3% malicious, many containing cryptomining code or exposed secrets. This risk stems...
BIP-110 is an attack on Bitcoin. An attack run by those who espouse the same ideals as bcashers, are intellectually dishonest, and fundamentally misunderstand how Bitcoin works. Bitcoin’s most retarded enemy so far 😂
AI safeguards shouldn’t just sound good, they should hold up under pressure. @GraySwanAI is putting them to the test with the Safeguards Challenge: real prompts, real attacks, real failures. Think you can break them (or prove they work)? We will be playing...
Praetorian released Titus, an open‑source secret scanner built in Go that runs as a CLI, library, Burp Suite, or Chrome extension. It inherits Nosey Parker’s 450+ detection rules and adds binary file extraction and a validation framework that confirms whether...
Cybersecurity leadership today goes beyond defense. We need to turn security from a barrier into a business advantage. We do this by building teams and systems that anticipate threats before they disrupt operations.
A new article in the Journal of Strategic Competition, “Rewriting History: Understanding Historical Catastrophic Cyber Economic Losses,” introduces the first systematic database of cyber‑related economic disasters. It catalogs 24 events from 1998 onward, estimating a cumulative $40 bn loss over 26...
Liquibase announced Secure 5.1, extending its modeled change‑control framework to Snowflake’s control plane. The release treats Snowflake access, sharing, and cost‑control changes as first‑class, auditable objects, enabling policy enforcement, drift detection and automated rollback. Secure 5.1 also adds support for Databricks, MongoDB,...
Intel 471’s 2025 report shows Latin America’s cyber‑maturity is improving but the region faces a rapidly intensifying threat landscape. Ransomware incidents jumped 78% year‑over‑year, with more than 450 breaches recorded, while Brazil alone accounted for 30% of ransomware and extortion attacks....
A MIT Center for Constructive Communication study reveals that leading large language models—GPT‑4, Claude 3 Opus, and Llama 3‑8B—alter answer quality based on perceived user traits. When prompted with biographies suggesting lower education, non‑native English proficiency, or foreign nationality, all three models show...
The Firewalla Orange is a 244‑gram, pocket‑sized firewall that turns any untrusted Wi‑Fi into a protected network in about ten minutes. In real‑world tests it delivered 1.72 Gbps wired throughput and 151 Mbps hotel Wi‑Fi speed while applying IPS, ad‑blocking and VPN...
Smart building operators are importing IT‑centric cybersecurity controls—encryption, authentication, zero‑trust—into legacy automation systems, but these measures can unintentionally disrupt deterministic control loops. A real‑world HVAC example shows a missed certificate renewal causing controllers to stop responding, leaving occupants uncomfortable and...
San Jose city officials disclosed that a lost USB drive may have exposed Social Security numbers of current and former employees. The breach occurred on Jan. 9, but the city delayed notifying affected workers, providing no estimate of how many were...
Australian fintech platform youX confirmed an unauthorized intrusion that exposed personal data of approximately 440,000 Australians. The stolen information includes loan applications, driver’s licence details and other identifying data. The breach was disclosed following the company’s internal investigation and reported...
IT leaders are re‑evaluating desktop strategies as demand becomes erratic, security standards tighten, and AI reshapes workloads. Future‑proofing requires elastic provisioning, centralized Zero‑Trust controls, and continuous automation rather than periodic overhauls. The article argues that operational efficiency and flexible platforms...
PayPal disclosed a data breach affecting its Working Capital loan application, where personal information—including Social Security numbers—was exposed from July 1 to December 13, 2025. The company identified the issue on December 12, 2025, rolled back the faulty code, and halted unauthorized access within a...
UK IT leaders are abandoning traditional on‑premises desktops and legacy VDI in favor of Desktop‑as‑a‑Service (DaaS) to meet evolving security, cost and hybrid‑work demands. DaaS, especially Microsoft’s Azure Virtual Desktop and Windows 365, offers scalable, cloud‑native environments that align spend with...
The article guides MSPs on replacing legacy security email gateways (SEGs) with modern, API‑native email security platforms that operate inside Microsoft 365 and Google Workspace. It stresses the need for behavioral, AI‑driven detection rather than static signatures, and outlines key vendor...
Food and ag sector weathers more ransomware attacks, braces for ‘strategic adaptation’ threats - Threat Beat https://t.co/Vt6H5NKPsU
Enterprises are finding that desktop‑OS choices in 2026 are no longer a tactical IT decision but a forced strategic commitment driven by the Windows 10 end‑of‑support deadline, costly Windows 11 upgrades, and the tax‑like Extended Security Updates (ESU). The pressure to meet...
The Radware 2026 Global Threat Analysis Report reveals a 168% jump in DDoS attacks in 2025 versus 2024, with customers averaging 139 attempted incidents per day. Technology, telecommunications and financial services bore the brunt, the tech sector alone accounting for...
CharlieKirk Grabber is a new Python‑based Windows infostealer first seen in February 2026. It rapidly harvests credentials from Chromium and Firefox browsers, Wi‑Fi profiles, Discord tokens, and gaming sessions, then packages the data into a ZIP archive for exfiltration via...
Ukraine’s National Bank temporarily shut down its online collectible‑coin store after a cyberattack compromised customer registration data. Attackers accessed personal details such as names, phone numbers, email and delivery addresses through a contractor that supports the storefront, but no financial...
A security-first culture is one of Aave’s strongest moats. Rather than launching products as soon as they’re ready, Aave Labs applies rigorous security-hardening processes to ensure the highest-quality outcomes. A big thank you to our smart contract team for all their...
Netzilo announced the launch of AI Edge, a platform that gives enterprises full visibility, sandboxing, and governance over OpenClaw autonomous agents. The solution captures LLM communications, tool‑call chains, file system activity, and local agent actions, feeding them into a behavioral...
FinCite, a provider of end‑to‑end investment advisory software, has achieved ISO 27001 certification, confirming its information security management system meets global standards. The certification spans the company’s entire operational backbone, including cloud infrastructure, development lifecycles, and client‑facing services such as onboarding...
Most SaaS breaches occur after launch because security efforts often wane while the attack surface expands. Post‑deployment misconfigurations, rapid feature releases, and third‑party integrations introduce new vulnerabilities that go unnoticed without continuous testing. StrongBox IT and similar providers advocate ongoing vulnerability...
Identity cyber scores are emerging as the primary metric insurers use to underwrite cyber‑insurance policies in 2026. Insurers now scrutinize password hygiene, privileged‑access management and MFA coverage, linking weak identity controls to higher breach likelihood and premium costs. The global...
Global Alliance announced enhanced operational safeguards for its digital platform, including multi‑factor authentication (MFA) for logins and sensitive actions. The firm now requires verification checkpoints before adding external withdrawal destinations, tightening outbound transaction controls. Real‑time data backups and DDoS mitigation...
On January 22, 2026 Nike disclosed that 1.4 terabytes of R&D, supply‑chain and pricing data were posted on the WorldLeaks leak site. The breach, driven by compromised VPN credentials, bypassed traditional endpoint detection and highlighted the rise of value‑chain extortion. WorldLeaks,...
Israel’s National Cyber Directorate disclosed that roughly two petabytes—equivalent to 100 National Library of Israel archives—have been exfiltrated from citizens and institutions over recent years. The breach scale eclipses prior megabyte‑ and terabyte‑level incidents, marking an unprecedented data loss. Concurrently,...
Fraud is evolving into a fast‑moving, AI‑driven threat across e‑commerce, payments and identity, outpacing traditional, institution‑by‑institution defenses. Discover Network argues that sharing data through a consortium enables real‑time signal aggregation, tokenization and enhanced decisioning to spot patterns no single bank...
In September 2025 Anthropic disclosed the world’s first autonomous AI‑driven cyberattack, where an AI system executed 80‑90% of the malicious workflow with only a handful of human interventions. The attackers masqueraded as a cybersecurity firm, using Claude Code and the Model...
Apple released emergency updates for iOS, iPadOS, and macOS after a previously unknown memory‑corruption flaw in the dyld Dynamic Link Editor (CVE‑2026‑20700) was found being actively exploited. The vulnerability, uncovered by Google’s Threat Analysis Group, was used alongside two earlier...
Security Compass unveiled SD Elements for Agentic AI Workflow, a platform that embeds policy‑driven security and compliance checks directly into AI‑assisted software development. The solution automatically generates, validates, and records evidence that both human developers and autonomous AI agents adhere to...
Artificial intelligence is reshaping security operations, but experts argue that a fully autonomous SOC is impractical. Dan Petrillo of BlueVoyant stresses that AI should augment analysts, handling high‑volume tasks like alert triage while humans retain decision‑making authority. Real‑world constraints—noisy data,...
Krikey AI announced it has earned SOC2 Type II certification and Amazon Web Services Nonprofit and Education competency badges, confirming its 3D animation generator meets rigorous security and operational standards. The certifications validate institutional‑grade data protection for enterprises, schools, and nonprofit...
In a Help Net Security interview, Paul Suarez, VP and CISO of Casey’s, explains that fuel‑payment hardware receives the same disciplined patching and modernization approach as other retail technology. He warns that QR‑code payment methods create fresh fraud opportunities, prompting...
Governments are proposing to mirror green‑energy tax incentives to boost cybersecurity, pairing financial rewards with a digital trust label similar to ENERGY STAR. The model would grant tax credits or rebates to firms that achieve the label, encouraging security‑by‑design across...
