
RSAC 2026 flags AI‑driven attacks, quantum risks, and AI agents reshaping security
The RSA Conference 2026 identified three emerging security trends. AI‑driven attacks are pushing enterprises to adopt machine‑speed, lateral‑focused defenses. The looming quantum threat is accelerating adoption of post‑quantum cryptography and crypto‑agility, while AI agents are transforming identity management and helping close the cybersecurity talent gap.
Also developing:

AI agents are now automating the research and targeting phases of social engineering, turning weeks‑long preparations into minutes. This automation lowers both the skill threshold and cost for launching phishing and scam campaigns. Deepfake audio and video are being used in real‑time calls and meetings, allowing fraudsters to impersonate executives and extract millions. Experts urge new verification procedures and provenance tools to restore trust in digital communications.

February 2026’s cybersecurity job roundup lists 26 open positions across 12 countries, ranging from cloud security engineers to senior threat‑intelligence analysts. The roles cover cloud, AI, OT, and zero‑trust specializations, with many offering hybrid or fully remote work. Employers span consulting...

Coupang, South Korea’s largest e‑commerce platform, obstructed a government investigation into a massive data breach by deleting access logs and other evidence. The Ministry of Science and ICT reports that a former staff engineer exfiltrated 25.6 terabytes of personal information, affecting...

The Ethereum Foundation is sponsoring a security engineer to work with the nonprofit Security Alliance (SEAL) on its new “Trillion Dollar Security” initiative, aimed at tracking and neutralizing crypto drainers targeting Ethereum users. The partnership includes a public dashboard that...
The virtual event "Shields Up" spotlights emerging technologies reshaping cybersecurity defenses, featuring a slate of on‑demand webinars that explore AI‑driven attack surfaces, ransomware supply‑chain risks, and AI‑powered threat hunting. Complementary white papers dive into admin‑rights removal, least‑privilege strategies, and real‑world...
New research: 3 big challenges facing security teams (and how to overcome them) | Cybersecurity Dive https://t.co/mN9t6BWiD6

The IETF‑ratified Registration Data Access Protocol (RDAP) has entered a rapid growth phase after the mandatory whois sunset on 28 January 2025. Whois queries fell 60% while RDAP queries surged from 7 billion to 65 billion per month, overtaking whois by June 2025. Adoption now...
Tesla Vice President Raj Jegannathan announced his departure after a 13‑year tenure, most recently overseeing IT, AI infrastructure, business applications, and information security. He previously led North American sales following the dismissal of Troy Jones, a period marked by declining...

Scientists warn that quantum computers threaten today’s cryptographic defenses, and simply swapping libraries will not suffice. Researchers led by Lei Zhang propose a new discipline—Quantum‑Safe Software Engineering—and introduce the Automated Quantum‑Safe Adaptation (AQuA) framework. AQuA’s three‑pillar approach tackles PQC‑aware detection,...
Operational technology (OT) cyberattacks have so far been limited by attackers' lack of deep process knowledge, but experts warn that a shift toward "living‑off‑the‑plant" techniques could enable more damaging exploits. Recent ransomware spillovers into OT and incidents like the Norway...

FedRAMP 20x seeks to modernize federal cloud compliance by replacing static checklists with continuous validation through Key Security Indicators (KSIs). The initiative promises faster, more flexible authorization for SaaS providers, but progress is hampered by funding cuts, staff shortages, and...

Identity verification firm Entrust has announced a strategic partnership with Google Cloud to launch an AI‑powered solution that tackles rising identity fraud. The joint offering combines Entrust’s verification platform and fraud intelligence with Google’s Gemini AI models, threat intelligence, and...
Fortinet disclosed a critical vulnerability (CVE‑2026‑21643) in its FortiClientEMS product, earning a CVSS 9.1 rating. The flaw is an unauthenticated SQL‑injection that allows remote code execution via crafted HTTP requests. Only FortiClientEMS 7.4.4 is affected, and Fortinet recommends upgrading to...

A Georgia woman, Dechanta Benning, was sentenced to 70 months in federal prison for a mail‑theft‑related check fraud scheme. Prosecutors allege the scheme stole between $550,000 and $1.5 million by intercepting business checks, altering payees, and using mobile‑deposit technology. Benning opened...

Ripple announced new integrations with Securosys and Figment, bolstering its institutional custody platform with hardware security modules and staking capabilities. The upgrades let banks and custodians manage cryptographic keys on‑premises or in the cloud while offering staking on Ethereum, Solana...
Secure digital payment solutions are gaining traction as businesses and consumers prioritize fraud protection and operational efficiency. Innovations such as dynamic credentials, limited‑use authorizations, and virtual cards address data‑breach risks while simplifying expense oversight. These tools enable real‑time transaction monitoring,...
The episode explains what a Windows VPS is, why you’d choose it over Linux or shared hosting, and how to run it securely. It stresses that buying a Windows VPS also means buying responsibility for updates, access control, and backups,...
Mastercard’s Decision Intelligence Pro (DI Pro) uses a sub‑300 ms recurrent neural network to assign risk scores to each payment transaction in real time. The platform treats fraud detection as an "inverse recommender" problem, comparing current merchant behavior to historical patterns. By...

Utah is drafting comprehensive State‑Endorsed Digital Identity (SEDI) legislation that puts individuals in control of their cryptographic keys while the government acts only as an endorser. The policy relies on open standards, supports both long‑lived and short‑term credentials, and preserves...

Researchers from Shanxi University and the Chinese Academy of Sciences have unveiled a semi‑device‑independent quantum random number generator (QRNG) that tolerates device imperfections while resisting general attacks. By imposing only an energy bound on emitted quantum states and applying the...
Jim LaRoe, CEO of Symphion, warns that most enterprises only manage printers for uptime and cost, leaving them unprotected despite comprising 20‑30% of endpoints. He highlights an ownership vacuum, missing budget lines, and reliance on default configurations as core leadership...
Leidos announced the integration of its UpHold Armor platform with RegScale’s Continuous Controls Monitoring solution to strengthen cybersecurity across the Department of Defense and other federal agencies. The joint offering will initially roll out to the U.S. Air Force, automating risk...

The storage‑focused news ticker highlighted a wave of AI‑centric and security‑driven product launches, from Aerospike’s default Dynamic Data Masking to Cloudera’s on‑prem AI inference and Trino‑powered warehouse. Databricks secured a $5 billion equity round, reporting $5.4 billion ARR with strong AI revenue,...

A hacktivist identified as “wikkid” scraped more than 536,000 payment records from the stalkerware vendor Struktura, also operating as Ersten Group. The leaked dataset reveals customer email addresses, the specific surveillance app purchased, payment amounts, card type and last four...

LayerX researchers disclosed a zero‑click remote code execution flaw in Anthropic's Claude Desktop Extensions (DXT) that leverages Google Calendar events to trigger arbitrary code on the host system. The unsandboxed extensions, which operate with full system privileges, affect more than...

Ontinue’s February 9 report details VoidLink, a Linux‑based command‑and‑control framework that can infiltrate enterprise and multi‑cloud environments. The implant adapts to AWS, Azure, GCP, Alibaba and Tencent clouds, harvesting credentials, escaping containers and employing kernel‑level stealth via eBPF or loadable modules....

Aerospike released version 8.1.1, introducing native Dynamic Data Masking (DDM) for its high‑performance NoSQL database. The feature lets administrators define masking rules that hide personally identifiable information at the database layer, automatically applying to all users and machines except those...
In this episode, Global CISO Alex Shulman‑Peleg argues that the traditional, centralized security model is obsolete in the cloud‑native and AI‑driven era, advocating for a federated "freedom and responsibility" approach where engineers own security outcomes. He likens security to code...

Password attacks increasingly rely on targeted wordlists harvested from an organization’s public‑facing content rather than generic dictionaries or AI models. Tools like the open‑source CeWL crawler extract company‑specific terminology, which attackers mutate with common patterns to generate plausible passwords that...
First-party fraud passes every check. The data lines up; the customer's real. The problem is intent, and intent is difficult to quantify. First-party fraud is hard to detect because it's hard to define. A PSP sees risk. A merchant sees a refund. A...
The Maryland National Guard joined NATO’s Crossed Swords 25 cyber‑defense exercise with Estonian partners at the CCDCOE in Tallinn, Oct. 27‑Nov. 7, 2025. The drill hosted 240 participants from roughly 45 countries and focused on strategic command, AI‑assisted tactical operations, multi‑domain integration, public‑private coordination,...

OpenClaw has integrated VirusTotal scanning into its ClawHub marketplace to curb malicious AI skills. The workflow hashes each skill, checks VirusTotal signatures, and submits unknown bundles to Code Insight for deeper analysis, flagging or blocking threats. This move follows security...

Doubleplus good snapshot of where we are and what we need to do... KeyFlux | Trust Infrastructure https://t.co/BagFR3amVx "What Actually Works Treat machine identity as a first-class problem. Not an afterthought bolted onto service accounts." https://t.co/qc8L7FI6bh

DataBee, a Comcast company, unveiled DataBee RiskFlow™, an agentic AI layer that lets security and IT teams ask natural‑language questions about vulnerability, login risk, and compliance evidence. The tool interprets queries, pulls the relevant data from DataBee’s security fabric, and...

Outtake, a cybersecurity startup, announced a $40 million Series B round to accelerate its unified digital‑trust platform amid a surge in AI‑driven phishing and impersonation attacks. The round, led by ICONIQ and featuring investors such as Satya Nadella and Nikesh Arora, brings total capital...

January 2026 saw 34 cybersecurity M&A announcements, underscoring rapid consolidation in the sector. CrowdStrike led the pack, agreeing to acquire SGNL for $740 million and Seraphic Security for about $420 million, bolstering its identity and browser‑runtime defenses. Other notable deals include Delinea’s...

Traditional Identity Governance and Administration (IGA) has focused on compliance, but 99% of granted permissions remain unused, creating “Zombie Access”. This compliance‑only approach leads to rubber‑stamping, with 58% of access reviews ineffective, exposing organizations to insider threats. Integrating data governance...

On February 7, 2026, Huntress confirmed active exploitation of multiple critical vulnerabilities in SolarWinds Web Help Desk (WHD), including CVE‑2025‑40551 and CVE‑2025‑26399, which permit arbitrary code execution via untrusted deserialization. Attackers leveraged the flaw to install a Zoho ManageEngine remote‑management...

Retired Gen. Paul Nakasone, former NSA director and U.S. Cyber Command commander, discussed his doctrine of persistent engagement, its role in safeguarding recent U.S. elections, and the evolving cyber threat landscape. He highlighted the need for broader public‑private partnerships, a...

Two Connecticut men, Amitoj Kapoor and Siddharth Lillaney, were indicted on 45 federal counts for a multi‑year scheme that used roughly 3,000 stolen identities to open fraudulent accounts on FanDuel, DraftKings, BetMGM and other online gambling platforms. They purchased personal...

BeyondTrust has patched a critical pre‑authentication remote code execution flaw (CVE‑2026‑1731) affecting its Remote Support and Privileged Remote Access products. The vulnerability lets unauthenticated attackers run OS commands on vulnerable on‑premise deployments. SaaS customers received the fix on February 2, 2026, while...
A new open‑source repository provides a minimal, standards‑driven authentication stack for Cloudflare Workers, featuring PBKDF2‑SHA384 password hashing, a dual‑token JWT scheme, and strict TypeScript typing. The implementation follows NIST SP 800‑63B, NIST SP 800‑132, OWASP ASVS, and RFC 8725, and includes over 250...

Hackers have revamped ClawHub skill attacks by removing embedded malware and instead using clean SKILL.md files that lure users to counterfeit OpenClawCLI download sites. The malicious payload is hosted on look‑alike domains and fetched via an obfuscated bash command, allowing...

OpenAI has refreshed its Europe‑facing privacy policy to align with the November 2024 EU revisions. The new document expands coverage to include files, images, audio, video, and contact data, while adding clearer sections on user controls such as opting out of...
Baobab Insurance, a German cyber‑focused MGA, has broadened its underwriting capacity through an expanded partnership with global reinsurer SCOR. The SCOR syndicate at Lloyd’s now backs Baobab’s binder for companies with up to €1 billion in annual revenue across Germany and...

Iran’s government imposed a near‑total internet shutdown on Jan 8, temporarily crippling even its domestic National Information Network (NIN). Researchers observed that the abrupt blackout deviated from the regime’s refined playbook, suggesting panic or technical failure. The NIN, controlled largely by...
CISOs are urged to move past traditional compliance checklists and adopt a risk‑first strategy that anticipates emerging threats such as AI‑driven attacks, third‑party vulnerabilities, and future quantum risks. While standards like HIPAA, SOC 2, and ISO 27001 provide a useful baseline, they...

People Playground’s Steam Workshop was compromised in early February 2026 when a malicious mod called “FPS++” acted as a worm, deleting user data and spamming workshop items. The malware erased configurations, maps, and stats while preserving playtime, leaving achievements unrecoverable....
Regulators are intensifying enforcement of off‑channel mobile communications, forcing firms to capture, supervise, and retain messages. Traditional compliance programs rely on blanket device lockdowns, which push employees toward unapproved consumer apps and increase risk. Theta Lake and other vendors advocate...

Microsoft is investigating a fault in Exchange Online that began on February 5, causing legitimate emails to be flagged as phishing and quarantined. The problem stems from a newly deployed URL rule that incorrectly labels benign links as malicious. The issue...