Know What's Happening in Cybersecurity
Know What's Happening in Cybersecurity
Cybersecurity Pulse
EMAIL DIGESTS
Daily
Every morning
Weekly
Tuesday recap
EMAIL DIGESTS
Daily
Every morning
Weekly
Tuesday recap
RSAC 2026 spotlights AI‑driven attacks, quantum threats, and AI agents in identity management
The RSA Conference highlighted that AI‑powered attacks are pushing enterprises to adopt machine‑speed, lateral‑focused defenses. Concerns over looming quantum computing are accelerating the shift to post‑quantum cryptography and crypto‑agility. Additionally, AI agents are reshaping identity management while helping close the cybersecurity talent gap.
Anna’s Archive, a piracy activist group, has begun seeding roughly 2.8 million Spotify tracks—about 6 TB of audio—via its torrent index, despite a New York court injunction and a $13 trillion lawsuit filed by Spotify and major labels. The leak follows a massive hack that stole 86 million songs, with the group releasing the files in popularity‑based batches. The move puts the anonymous operators in contempt of court, exposing them to fines or imprisonment. Industry observers note the release could fuel AI training datasets while domain takedowns turn into a whack‑a‑mole game.
Cisco’s EMEA president Gordon Thomson told The Stack that British companies are less preoccupied with data‑sovereignty than their European counterparts. He noted that infrastructure autonomy has become a board‑level fear across the region, while AI localisation requirements are muddying the...
Apple has issued patches for CVE-2026-20700, a zero‑day vulnerability in the dyld dynamic linker affecting iOS, iPadOS, macOS, tvOS, watchOS and visionOS. The flaw enables arbitrary code execution with memory‑write capability and was actively exploited in highly sophisticated, targeted attacks,...
Keeper Security launched SuperShell™, a full‑screen terminal user interface for Keeper Commander, available from version 17.2.7 onward. The TUI provides a split‑view vault browser with vi‑style keyboard shortcuts, searchable panes, raw JSON inspection, and live TOTP display. Designed for developers,...
Managed Service Providers face escalating ransomware threats, making ad‑hoc responses untenable. A battle‑tested Incident Response Plan (IRP) provides a structured lifecycle—from preparation to lessons learned—that safeguards client systems and the MSP’s reputation. The guide outlines core pillars such as preparation,...
Healthcare providers face heightened risk from cyber attacks and natural disasters, making robust disaster recovery essential. Vendors such as Dataprise, Veeam, Acronis, Zerto, and Carbonite offer cloud, hybrid, and on‑premises solutions that promise rapid recovery, HIPAA compliance, and proactive monitoring....
A viral Instagram and LinkedIn trend sees millions prompting ChatGPT to generate caricatures that describe their jobs, then posting the images publicly. The practice unintentionally reveals how employees use large language models (LLMs) at work and what data they may...
World Leaks, a high‑profile extortion group, has introduced a new Rust‑written malware called RustyRocket, according to Accenture research. The tool provides stealthy persistence on both Windows and Linux systems, using heavily obfuscated, multi‑layered encrypted tunnels to exfiltrate data and proxy...
The Trump administration has temporarily shelved a suite of technology security measures targeting Chinese firms ahead of the April Trump‑Xi summit. The paused actions include a ban on China Telecom’s U.S. operations, restrictions on Chinese equipment in data centres, and...
The FIDO Alliance is mapping its phishing‑resistant passkeys, Device Onboard (FDO) and emerging Bare Metal Onboarding (BMO) to the UK NCSC’s Secure Connectivity Principles for Operational Technology. By replacing passwords with cryptographic credentials, FIDO eliminates the most common breach vector...
A question about AI and blockchain: What makes a blockchain Agent friendly? One possible answer I heard from @AbdelStark: Safety through Native Account Abstraction Suppose you give your agent some money to transact on your behalf. The agent could go rogue,...
Artificial intelligence is rapidly becoming a tool for cybercriminals, enabling faster, lower‑skill attacks and fueling a surge in deep‑fake‑driven scams. At the same time, AI‑powered personal assistants such as OpenClaw expose massive amounts of user data, raising urgent security concerns....
AI is already making online swindles easier. It could get much worse. Some cybersecurity researchers say it’s too early to worry about AI-orchestrated cyberattacks. Others say it could already be happening. #fintech #tech #finserv #AI @BetaMoroney @efipm @BrettKing @spirosmargaris @jasuja @enricomolinari @mikeflache https://t.co/xbcVW86X8z
Former exec at exploit development firm Trenchant, owned by L3Harris, admitted to selling internal hacking tools to a Russian broker. Did the company notify the vendors whose products were exploited so that they could be patched? https://t.co/4wKJgZoIkl
Google Threat Intelligence Group, together with DeepMind, released an AI Threat Tracker revealing that state‑backed APT groups are weaponizing Google’s Gemini models to research targets, craft multilingual phishing, and generate code for attacks. Notable actors include China‑based Temp.HEX, UNC6148 targeting...
TrendAI, the new business unit of Trend Micro, warns that AI skills—executable artifacts that blend human‑readable text with LLM instructions—represent a dangerous attack surface. These skills, used in products like Anthropic’s Agent Skills, OpenAI’s GPT Actions, and Microsoft’s Copilot Plugins, can...
On this day in 1994, the winter Olympics in Lillehammer were hit with a cyber attack. https://t.co/AZfPpQUjAr https://t.co/xox3MFDt75
In this episode, hosts Maria Varmazis, Dave Bittner, and Joe Carrigan explore the surge in romance and social‑engineering scams, highlighting high‑profile cases like a €3 million "Dubai Crown Prince" fraud and a handyman‑turned‑boyfriend con that inspired an Amazon Prime documentary. They...
Researchers have identified transparent DNS forwarders as a potent, overlooked vector for reflective amplification attacks. Unlike traditional open resolvers, these forwarders relay queries without rewriting source IPs, allowing attackers to exploit shielded recursive resolvers and bypass rate‑limiting controls. Weekly Internet‑wide...
Smart TVs can monitor content played on HDMI‑connected devices using two methods: HDMI‑CEC metadata and Automatic Content Recognition (ACR). ACR takes pixel‑level snapshots to fingerprint shows, movies, or games, while CEC logs device IDs and usage duration. The article outlines...
Microsoft's research reveals a new AI hijacking technique called AI recommendation poisoning, where "Summarize with AI" buttons embed hidden prompts that bias enterprise chatbots toward a vendor’s products. Over two months, researchers found 50 instances across 31 companies in sectors...
Cloud storage compliance has become a top priority for IT leaders in 2026 as organizations increasingly rely on remote data repositories. Rising regulatory scrutiny—spanning GDPR, HIPAA, PCI DSS, CCPA and others—means non‑compliance can trigger hefty fines, reputational harm, and operational...
The 0APT ransomware group burst onto the scene last month, publicly claiming roughly 200 victims within its first week. While investigators have found no evidence that any of those organizations were actually breached, the group’s infrastructure includes a fully functional,...
Lumma Stealer has reemerged at scale after a 2025 law‑enforcement takedown that crippled its command‑and‑control infrastructure. The malware‑as‑a‑service operation now relies on ClickFix lures—fake CAPTCHAs that trick users into running malicious commands—and the memory‑only CastleLoader to evade detection. Researchers report...
I just saw a Recruiter say "people share their data with every app out there, I don't understand why adding extra security layers to the ATS asking people to verify their identity is a problem."
Acting CISA Director Madhu Gottumukkala warned that a DHS shutdown would cripple the agency’s ability to issue timely cyber guidance, force over a third of frontline security staff to work without pay, and halt proactive threat‑hunting activities. The shutdown would...
CVE‑2026‑25646 reveals a heap‑buffer overflow in libpng’s png_set_quantize function, a flaw that has existed for nearly three decades across all historic releases. The bug triggers when a PNG image contains a palette chunk without a histogram and requests color quantization,...
Box Intelligent Content Management delivers a cloud‑based, zero‑trust platform tailored for healthcare’s strict security and compliance needs. The solution unifies over 1,500 integrations, enabling seamless collaboration between Office 365, Google Workspace and other systems while providing built‑in e‑signatures and workflow automation....
Acting CISA director Madhu Gottumukkala told House appropriators that roughly 70 CISA employees were reassigned to other DHS components over the past year, while more than 30 staff were moved into the agency. A small number of those transfers went...
Vercel Sandbox isolation levels: ✅ Compute & memory resource isolation ✅ Filesystem and durability isolation 🆕 Network isolation Wild how easy this is: --𝚊𝚕𝚕𝚘𝚠𝚎𝚍-𝚍𝚘𝚖𝚊𝚒𝚗 (CLI) or 𝚗𝚎𝚝𝚠𝚘𝚛𝚔𝙿𝚘𝚕𝚒𝚌𝚢 in 𝚂𝚊𝚗𝚍𝚋𝚘𝚡.𝚌𝚛𝚎𝚊𝚝𝚎. Try it out: https://t.co/UoWXCW9Ien
The DOJ has charged Peter Williams, former general manager of Trenchant—a cyber‑offensive unit of L3Harris—with stealing eight zero‑day exploits and selling them to a Russian broker for about $1.3 million in cryptocurrency. Prosecutors say the tools could grant access to millions of...
Microsoft disclosed CVE‑2026‑21514, an actively exploited vulnerability in Word that bypasses Object Linking and Embedding (OLE) security controls. The flaw lets specially crafted documents execute code without triggering Protected View or enable‑content prompts, requiring only a user to open the...
Arcjet launched version 1.0 of its JavaScript SDK, delivering a stable, production‑ready API for security functions such as bot mitigation, email verification, rate limiting, and data redaction. The SDK can block malicious bots, enforce custom traffic rules, and protect against...
The February 11 digital forensics round‑up highlights a wave of open‑source tools—including triagectl for macOS, Hindsight v2026.01’s Chrome Sync parsing, a chunked BitLocker‑key recovery script, a Velociraptor Notepad++ artifact, and FOSSOR for malware hash lookup—aimed at streamlining evidence collection. It also...
Black Duck announced a managed security service provider (MSSP) agreement with Accenture, designating the Black Duck Polaris platform as the standard tool for Accenture’s Application Security Practice. Polaris combines static, dynamic, and software composition analysis into a single SaaS offering,...
Last week the European Commission disclosed a cyberattack that compromised its mobile device management (MDM) platform, exposing staff names and phone numbers. Security experts from Huntress, Keeper Security, and CyberSmart warned that MDM systems are now a primary attack vector,...
Pentera Labs identified nearly 2,000 publicly exposed training applications across cloud platforms, with about 60% hosted on AWS, Azure or GCP. Roughly one‑fifth of these instances contained crypto‑mining scripts, web‑shells or persistence tools, indicating active exploitation. The vulnerable apps were...
Industrial control system vendors Siemens, Schneider Electric, Aveva, and Phoenix Contact released a flurry of Patch Tuesday advisories on February 11, 2026, addressing high‑severity flaws across dozens of OT products. Siemens issued eight advisories covering Desigo CC, Sentron Powermanager, Simcenter Femap, NX, and...
Identy.io, a global biometric authentication firm, announced a strategic expansion into Africa, focusing initially on Kenya and Nigeria. The company will deploy its software‑first Automated Biometric Identification System (ABIS) that captures biometrics via standard smartphones, reducing hardware costs. To support...
The FIRST forecast predicts 2026 will see roughly 59,000 CVEs, with extreme scenarios approaching 118,000, far exceeding the 48,000 reported in 2025. The surge stems from more CVE Numbering Authorities, expanded bug‑bounty programs, and AI‑driven discovery, not a sudden drop...
CrowdStrike announced Jonathon Dixon as vice‑president and managing director for Japan and Asia Pacific, tasking him with leading AI‑powered cyber‑security transformation across the region. Dixon arrives with more than 25 years of experience, most recently serving as JAPAC head at Verkada and...
In episode 824 of Risky Business, Patrick Gray and Adam Boileau dissect a wave of cybersecurity headlines, from Microsoft’s unsettling reshuffle of its security leadership and upcoming Secure Boot certificate refresh to aggressive state‑backed campaigns by Russia targeting the Winter...
The European Supervisory Authorities (EBA, EIOPA and ESMA) have signed a Memorandum of Understanding with the Bank of England, the Prudential Regulation Authority and the Financial Conduct Authority to coordinate oversight of critical ICT third‑party service providers under the Digital...
Telnet remains a major security weakness in the Asia‑Pacific, accounting for roughly half of the world’s exposed Telnet endpoints. Global throttling on Jan. 14 cut Telnet sessions by 83 % but Asian providers applied inconsistent filters, leaving the region’s traffic relatively high....
Financial data aggregators consolidate accounts into a single dashboard, using either APIs or screen‑scraping to retrieve information. While APIs provide scoped, credential‑free access, many providers still rely on screen‑scraping, which requires users to share login details. The article highlights privacy,...
Fraudsters are increasingly impersonating FINRA and its executives, using authentic‑looking logos, signatures, and fake email domains to lure victims into advance‑fee scams. The scams typically demand payment for alleged regulatory or tax charges tied to worthless securities or nonexistent inheritances,...
Britain will lead the Defence Cyber Marvel 2026 exercise, bringing together more than 2,500 personnel from 29 nations in Singapore. The week‑long drill simulates real‑world cyber attacks, pitting blue and red teams against each other while integrating military, government and...
The Senate Intelligence Committee voted 14‑3 to advance Army Lt. Gen. Joshua Rudd’s nomination as head of U.S. Cyber Command and the National Security Agency. Rudd, currently deputy chief of U.S. Indo‑Pacific Command, has no prior cyber warfare or intelligence...
The first Aave V4 security audit is now public. Big thanks to the @trailofbits team for the effort.
Test Data Management (TDM) tools are becoming essential for QA and DevOps teams as CI/CD pipelines demand rapid, compliant data provisioning. In 2026, vendors such as K2view, Delphix, Datprof, IBM Optim, Informatica, and Broadcom lead the market, each emphasizing self‑service,...
