Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

How CISOs Can Thrive Amidst Geopolitical And Economic Uncertainty
Forrester’s 2026 report warns that CISOs now operate amid heightened geopolitical conflict, economic volatility and AI‑driven attack surfaces. It urges security leaders to embed AI protection in core budgets, streamline overlapping controls, and adopt visible change‑leadership practices. The report also stresses expanding enterprise risk management to cover partner ecosystems and state‑sponsored threats. These recommendations aim to help security executives sustain protection while navigating tighter spending and a rapidly evolving threat landscape.

Cyberattack at French Identity Document Agency May Have Exposed Personal Data
France’s National Agency for Secure Documents (ANTS) suffered a cyberattack on its portal that manages passports, ID cards, residence permits and driver’s licences. The breach, detected on April 15, may have exposed login credentials, names, email addresses, dates of birth and...

Do Salesforce Customers Have a Security Problem?
Over the last twelve months, a wave of data breaches linked to Salesforce‑hosted customer data has exposed millions of records from companies such as Grubhub, Loblaw, Hallmark and Google. The attacks, largely attributed to permissive org settings, social‑engineering and human...
The Backup Myth that Is Putting Businesses at Risk
Businesses often equate backup with protection, but backup only restores data after an outage, leaving operations stalled. Research shows downtime costs average $9,000 per minute, or $540,000 per hour, making rapid recovery essential. While 60% of firms believe they can...

NIST Is Cataloging so Many Vulnerabilities It Can only Assign Severity Scores to the Highest Priority Threats
The National Institute of Standards and Technology (NIST) announced a major overhaul of its National Vulnerability Database (NVD) enrichment process after CVE submissions surged 263% between 2020 and 2025. Starting April 15, NIST will assign full severity scores only to...
Secure Your Crypto: Essential Practices for Maximum Protection
Crypto Security Checklist
- High Security Email for important accounts (Protonmail)
- Always use 2FA (never mobile 2fa)
- Level 1 Data (Seed phrases, passwords high security emails): paper or metal in fireproof safe, never digital.
- Level 2 Data (account passwords): unique and...

Six Years After “DeFi Summer” Is the Sun Already Setting on the Decentralized Finance Revolution?
A series of high‑profile hacks – KelpDAO’s $292 million rsETH exploit, Drift’s $285 million privileged‑access breach, and Venus’s $14.9 million loss – triggered an estimated $10 billion outflow from DeFi over a single weekend. The attacks exposed vulnerabilities in governance, cross‑chain bridges, and operational...

What Is Configuration Drift, and How Can Governments Manage It?
Configuration drift—unintended divergence from approved cloud baselines—is emerging as a top security risk for state and local governments adopting hybrid and multicloud environments. The drift stems from manual tweaks, rapid automated updates, and fragmented governance across diverse platforms. IBM’s CTO...
I Tried to Wipe My Digital Footprint without Paying for a Data Removal Service - 5 Free Ways
The article outlines how data brokers legally collect personal details from public records, apps and social media, then sell them to third parties. While opting out is possible, the process is fragmented, requiring separate requests and identity verification for hundreds...
AI Security Fundamentals Unchanged, Just Faster and Messier
I keep hearing “AI security is different.” Not sure I buy that. Most of what teams are dealing with looks very familiar, just faster and messier. Shadow AI, identity, third parties. We’ve seen all of this before. The tooling changed. The fundamentals didn’t.

Why the Axios Attack Proves AI Is Mandatory for Supply Chain Security
Two weeks ago a suspected North Korean group injected malicious code into the widely used Axios JavaScript library, which averages about 100 million weekly downloads across enterprises, startups and government agencies. An Elastic researcher identified the compromise within minutes using an...
Minidoka Memorial Hospital Updates Easter Morning Cyberattack
Minidoka Memorial Hospital in Rupert, Idaho experienced a cyber incident on Easter morning, April 5, that temporarily disabled imaging services and forced the transfer of some emergency patients. The hospital’s clinics continued treating patients, and a follow‑up update on April 17 confirmed...
Cloudflare Wants to Rebuild the Network for the Age of AI Agents
Cloudflare announced a suite of services at its Agents Week to make autonomous AI agents first‑class network clients. The flagship offering, Cloudflare Mesh, provides a private IP space that lets agents, Workers and devices communicate bidirectionally without VPNs or SSH...
ENISA Moves to Top‑Level Global CVE Authority, Shifting Vulnerability Governance
The European Union Agency for Cybersecurity (ENISA) announced its bid to become a Top‑Level Root CVE Numbering Authority by late 2026, a move that would give Europe a permanent seat on the CVE Program Board and diversify the traditionally US‑centric...
TechCreate Group Ltd. and pQCee Intend to Collaborate on One of the First Quantum-Safe QR Hybrid POS Terminal
TechCreate Group Ltd. announced a partnership with quantum‑security firm pQCee to embed NIST‑approved post‑quantum cryptography into its QR‑Hybrid point‑of‑sale terminals. The collaboration will replace vulnerable RSA and ECC algorithms with quantum‑safe encryption, aiming to thwart harvest‑now‑decrypt‑later attacks. Both companies plan...
Tom Wetzel, AI for Insurance Agents and Cyber Crime Expert - PIR Ep. 806
In this episode, Tom Wetzel, president of Thomas H. Wetzel & Associates, discusses the rapid rise of AI‑driven cybercrime targeting insurance agents and their supply‑chain vendors. He explains how generative AI tools like WormGPT enable even low‑skill criminals to launch...
Breach at BE PRIME Cybersecurity Company Exposes Client Data and Surveillance Systems; Be Prime Threatens Journalists
Mexican cybersecurity firm BePrime confirmed a breach that exposed roughly 12.6 GB of client data and video‑surveillance feeds. The attacker claims they accessed administrator accounts that lacked multi‑factor authentication, a basic security control. BePrime’s response included a press release threatening legal...
Security Keys: The Most Secure Way to Log In
Physical security keys such as YubiKey provide the strongest form of multi‑factor authentication, protecting accounts from phishing, SIM‑swap and code‑interception attacks. They can function as a traditional second factor or enable password‑less login via FIDO2 passkeys. Users should deploy multiple...
Attackers Abuse Microsoft Teams to Impersonate the IT Helpdesk in a New Enterprise Intrusion Playbook
Microsoft’s security research reveals a new intrusion playbook where threat actors exploit Microsoft Teams’ cross‑tenant chat feature to impersonate IT helpdesk staff. By convincing employees to grant remote access through legitimate tools, attackers bypass traditional phishing filters and blend into...

Planning for Cyber Defense of Critical Urban Infrastructure
Cybersecurity for critical urban infrastructure has become a public‑safety priority as ransomware attacks increasingly target city services, especially water and transportation systems. Attackers exploit phishing and weak user credentials, often encrypting data and demanding cryptocurrency payments. Municipalities frequently lack robust...

Vercel Confirms Security Incident as Threat Actor Claims Stolen Data for Sale
Vercel, the cloud development platform behind Next.js, confirmed an unauthorized intrusion into internal systems after a hacker group claimed to be selling stolen data. The threat actor, linked to ShinyHunters, posted a sample dataset of 580 employee records and alleged...

British Scattered Spider Hacker Pleads Guilty in the US
A 24‑year‑old British hacker, Tyler Robert Buchanan, pleaded guilty in a U.S. federal court to conspiring with the Scattered Spider group to infiltrate dozens of corporate networks and steal cryptocurrency. He employed SMS‑phishing and SIM‑swapping attacks to harvest employee credentials,...
Hackers Exploit Vercel’s Trust in AI Integration
Vercel disclosed a data breach after a compromised third‑party AI tool, Context.ai, abused OAuth to hijack a Google Workspace account. The attackers accessed a limited set of customer credentials and unmarked environment variables, prompting Vercel to advise credential rotation. Threat...

Indian Agency Arrests Key SIM Card Supplier of a Broader Cyber Fraud Network
India’s Central Bureau of Investigation (CBI) arrested a key conspirator in Guwahati who supplied roughly 10,000 fraudulently obtained SIM cards to cyber‑criminal networks, a major step in the ongoing Operation Chakra‑V. The suspect allegedly transferred about ₹67 lakh (≈ $80,000) through multiple...
Pilot Blocks More than 2 Million Phishing Attempts
The Dutch Anti‑Phishing Shield pilot, launched in July 2025, has blocked more than 2 million phishing attempts. Phishing accounts for 91% of cyber attacks, contributing to 25 million victims in the Netherlands. The initiative unites telecoms, broadband operators, police, the Dutch Banking Association...

Solar Inverter Advancements Stress Growing Need for Cybersecurity
The solar industry is moving to formalize cybersecurity for inverters as their connectivity expands. The Solar Energy Industries Association’s February report calls for a domestic manufacturing base and endorses UL 2941, a new multi‑layered security standard developed by NREL and UL...

Florida Man Working as a Ransomware Negotiator Pleads Guilty to Conspiracy to Deploy Ransomware and Extort U.S. Victims
A Florida cyber‑incident response negotiator, Angelo Martino, pleaded guilty to conspiring with BlackCat/ALPHV ransomware operators to steal confidential client data and launch attacks on U.S. companies in 2023. By feeding insurers' policy limits and negotiation tactics to the attackers, he helped...

SBC Summit Malta Focuses on Compliance, Risk and Operational Resilience
The SBC Summit Malta, slated for April 29‑30, 2024, will spotlight an ‘Operations and Compliance’ stage aimed at bolstering security, fraud prevention, and regulatory readiness. The two‑day event gathers C‑level leaders, security and fraud experts, and regulators to share best...

Hackers Abuse QEMU for Defense Evasion
Security firm Sophos has identified a rise in the misuse of the open‑source QEMU emulator by threat actors to facilitate ransomware and remote‑access operations. In campaign STAB4713 linked to the PayoutsKing ransomware, attackers leveraged QEMU to create reverse‑SSH tunnels after...

LayerZero Post Mortem Shows Lazarus Group Stole $290M From KelpDAO via RPC Node Compromise
On April 18, 2026, North Korea’s Lazarus Group stole roughly $290 million from KelpDAO’s rsETH bridge by compromising two LayerZero RPC nodes that feed the protocol’s verifier. The attackers injected malware that supplied false transaction data only to the verifier while keeping external...

Bluesky Disrupted by Sophisticated DDoS Attack
Bluesky, the decentralized microblogging platform, suffered a distributed denial‑of‑service attack that began late on April 15 and persisted for roughly 24 hours, causing intermittent outages across feeds, notifications, threads, and search. The company reported no evidence of data theft and said it...
Data Authenticity & Accountability Crucial in the AI Age
Data authenticity has become a cornerstone of AI deployment as deepfake and synthetic‑data threats rise, exposing firms to fraud, litigation and reputational damage. The EU’s new digital omnibus aims to streamline AI, cybersecurity and data rules, promising roughly $6 billion in...

Aikido Launches Endpoint to Secure AI-Native Developer Workflows
Aikido Security unveiled Aikido Endpoint, a lightweight agent that secures developer workstations by scanning and blocking malicious packages, IDE extensions, and AI tools before they reach the filesystem. The solution leverages Aikido Intel, a threat‑intelligence feed that evaluates nearly 100,000...
AI Fuels Wireless Talent Shortage
Enterprise networks are grappling with a severe wireless talent shortage, with 86% of organizations unable to find qualified staff. The shortage is amplified by AI‑driven workloads and IoT expansion, driving operational complexity and higher security incident costs—averaging $21.2 million annually for...

C-DOT, Jumps Automation Partner to Develop Gamified Cybersecurity Awareness Platform
The Centre for Development of Telematics (C‑DOT) has signed an MoU with Jumps Automation LLP to create a gamified cybersecurity awareness platform delivered as a commercial‑grade SaaS. The solution will combine a gaming arena, leaderboards, LMS, discussion forums and realistic...

The Architecture of Trust: How Enterprises Can Safely Deploy PII in LLMs
Enterprises can now safely process personally identifiable information (PII) within large language models by embedding the models in a purpose‑built protective architecture. The approach combines a fine‑grained entitlement layer that classifies and enforces access rules, end‑to‑end encryption that keeps data...
Musk and Former X CEO Under Investigation by French Cybercrime Authorities
Elon Musk and former X chief Linda Yaccarino were summoned by Paris’ cyber‑crime unit for voluntary interviews about the platform’s AI chatbot Grok. The probe, launched after a February raid on X’s French office, now includes allegations of fraudulent data...

Day 158: User Behavior Analytics - Catching the Insider Threat
The post outlines building a User Behavior Analytics (UBA) system that learns normal employee activity and flags anomalies in real time. By establishing a behavioral baseline, the solution can spot insider threats such as off‑hours server access or sudden data‑exfiltration...
DWP’s £300m Pensions Dashboard Scheme Commissions Security Review Ahead of Provider Connections
The Department for Work and Pensions’ £300 million (≈ $381 million) Pensions Dashboards Programme has commissioned a £50,000 (≈ $63,500) security review as it approaches a six‑month deadline for private‑sector pension providers to connect. Leeds‑based cyber consultancy tmc3 will assess the security of the...
Vercel Discloses Breach Impacting Internal Systems and Limited Customers
Vercel announced that unauthorized actors accessed its internal systems, affecting a limited subset of customers. The company has engaged incident‑response experts and law enforcement while urging customers to review logs and rotate secrets. The breach raises fresh concerns about supply‑chain...
Proof‑based Protocols and Diversity Essential for Long‑term Security
This is the kind of attack that many people in blockchain security had long expected. This is why proof-based protocols, multiple, operator diversity, etc. matter. The challenge with security is that it’s a super long game and it’s hard to convince...
Context.ai’s SOC2 Audit Traced Back to Delve
I’ve confirmed that Context.ai was “audited” by Delve for SOC2. Redirects now deleted, but https://t.co/o3dRukNdBn used to redirect to Delve themselves. You cannot make this up…
One Login: GDS to Create ‘Easily Digestible Version’ of Privacy Impact Report
The UK Government Digital Service (GDS) announced it will publish an "easily digestible" version of the Data Protection Impact Assessment (DPIA) for the GOV.UK One Login by the end of 2026, though the full unedited report is unlikely to be...

Breach Discovered by Customer Undermines Trust
Few things are more embarrassing for any company than to only learn from your customer that you have been breached. It's what happened with Context.ai. Vercel acted as their security team. This could well be a business-ending event, as it shows the...
Tech Firms Shield Datacenter Metrics, Thwart EU Transparency Push
So, the EU commission wanted to oblige datacentre operators to report data on key performance indicators. But then tech companies successfully "pushed to classify all individual information on datacentres as confidential, citing commercial interests" https://t.co/qmPgzunR0w
Physicist Warns Quantum Breakthrough Could Threaten Bitcoin by 2029
Chris Tam, director of BTQ Technologies, warned that recent quantum computing progress could make Bitcoin's cryptography vulnerable by 2029, far earlier than earlier estimates. The warning has reignited a split in the crypto world between those urging immediate upgrades and...

Over 20 iOS Crypto Wallets Hijacked by FakeWallet
More than 20 malicious crypto-wallets for iOS: how the FakeWallet crypto-stealer is spreading through the App Store: https://t.co/SSkqda8UH5 https://t.co/efDIdCmpRh
Rushing AI Deployment Sacrifices Security for Speed
The push to deploy AI creates security gaps, as speed is prioritized over proper testing. https://t.co/yz4Sdmq27H
Cloud Platform Admits Non‑sensitive Data Breach, Customers Notified
Cloud development platform confirms theft of "non-sensitive data" and says customers were already notified. https://t.co/H2ODt6Fsuz
Rethinking Cybersecurity Acronyms for Modern Success
Cyber security has many acronyms to measure success but are these still fit for purpose today? https://t.co/OweXT5eLQr