Know What's Happening in Cybersecurity
Know What's Happening in Cybersecurity
Cybersecurity Pulse
EMAIL DIGESTS
Daily
Every morning
Weekly
Tuesday recap
EMAIL DIGESTS
Daily
Every morning
Weekly
Tuesday recap
Reality Defender to embed deep‑fake detection in Orange Business services
U.S. AI‑security firm Reality Defender has signed a deal to integrate its multimodal deep‑fake detection technology into Orange Business, the enterprise arm of French telecom Orange. The integration will protect video‑conferencing, contact‑center and voice‑telephony services with real‑time, API‑driven analysis of audio, video, images and documents.
In this episode, Dr. Adam Lowe of CompoSecure/Arculus and fraud analyst Suzanne Sando discuss the surge in AI‑driven financial fraud and why traditional passwords are no longer sufficient. They highlight how retailers like eBay and Amazon are moving to password‑less passkeys and argue that banks should adopt similar zero‑trust authentication to curb account takeovers and improve user journeys. The guests explain that passkeys, embedded in cards or devices, offer cryptographic security that resists phishing, deepfakes, and spoofed biometrics, while also preserving customer experience and revenue. Finally, they stress the need for clear consumer education and buy‑in to ensure widespread adoption of stronger authentication methods.
France's data protection authority (CNIL) has imposed a €5 million fine on the national employment agency, France Travail, for a massive data breach. The breach, discovered in early 2024, exposed personal details of up to 43 million job seekers, including names, birth...
The Hunt.io team uncovered an openly accessible directory on IP 38.255.43.60 that hosts the complete BYOB (Build Your Own Botnet) framework, a sophisticated post‑exploitation tool targeting Windows, Linux and macOS. The infrastructure includes five C2 nodes across the United States, Singapore...
The FBI’s seizure of the RAMP cybercrime forum underscores law‑enforcement pressure on underground marketplaces, while Meta confronts a U.S. lawsuit alleging unauthorized access to WhatsApp messages. CISA published its first list of post‑quantum cryptography‑compatible products, urging organizations to prepare for...
Agentic shopping leverages AI‑driven assistants to automate the checkout process, eliminating the manual steps that traditionally generate rich behavioral data. By bypassing page‑level interactions, these autonomous flows erase signals such as mouse movement, dwell time, and device fingerprinting that fraud...
The Identity Theft Resource Center recorded a record 3,332 data compromises in the United States for 2025, a 5 % rise over the previous year. Despite more incidents, victim notices fell sharply to 279 million, the lowest level since 2014, as the...
The Identity Theft Resource Center’s 2025 breach report shows financial services endured 739 data compromises, the highest of any sector for a second straight year. Physical card‑skimming attacks resurfaced as “Skimming 2.0,” with Bluetooth‑enabled overlay devices driving incidents from four to...
Databricks unveiled BlackIce, an open‑source Docker‑based toolkit that bundles 14 leading AI security utilities into a single, reproducible environment. By containerizing both static command‑line tools and dynamic Python‑driven frameworks, BlackIce removes the setup friction and dependency clashes that have long...
Microsoft announced that starting March 27 2026, Conditional Access policies in Microsoft Entra will be enforced during sign‑ins even when resource exclusions are configured, with a phased rollout through June 2026. The change specifically targets sign‑ins from client applications that request only OIDC...
N‑able unveiled AI‑enhanced capabilities across its endpoint management, security operations, and data‑protection suite. Leveraging telemetry from over 11 million managed devices and a network of 25,000+ service providers, the company now offers agentic AI that automates scripting, threat detection, and recovery...
Brian Honan’s article in the Irish Examiner warns Irish small businesses and families that dependence on US‑based technology platforms can jeopardise digital sovereignty. He cites scenarios where tariffs, sanctions or policy shifts could abruptly block access to email, documents or...
BH Consulting’s CEO Brian Honan was featured in Security Week, outlining the firm’s view of the top cybersecurity priorities for 2026. The piece highlights BH Consulting’s 20‑year track record, ISO‑27001 certification, and its portfolio of services including CISO/DPO as‑a‑service, audits...
Cybercriminals are leveraging Google Search Ads to distribute macOS malware by directing users searching for “mac cleaner” to counterfeit Apple‑styled landing pages. The ads, hosted on compromised Google Ads accounts, redirect to Google Apps Script pages that decode Base64 payloads...
Tosi has launched a purpose‑built OT platform that consolidates connectivity, visibility, and security into a single console. The offering includes Tosi Control for fleet management and real‑time status, with Tosi Insight adding traffic analytics and anomaly detection, and a full...
Sumsub has introduced AI Agent Verification, a new layer that ties AI‑driven automation to a verified human identity through its Know Your Agent framework. The solution detects automated activity, evaluates its risk, and triggers targeted liveness checks when needed, ensuring...
cside has launched VPN Detection, a solution that identifies and manages traffic routed through virtual private networks. Unlike traditional IP‑list methods, it analyzes network behavior, browser fingerprints, and packet timing across OSI layers three to seven. The tool aims to...
Enterprises face escalating operational downtime risk, prompting CISOs to prioritize three strategic decisions. First, adopt STIX/TAXII‑compatible threat intelligence feeds that deliver fresh, high‑quality indicators, boosting detection rates by up to 58 %. Second, eliminate noisy false positives to protect analysts from...
Google has agreed to a $135 million settlement to resolve a class action alleging Android devices transmitted system‑service data over cellular networks without user consent. The lawsuit, spanning over five years, claimed background data transfers drained users’ plans starting in November...
US neobank Kontigo, a stablecoin bank serving Latin America, suffered a cyber attack that impacted 1,005 users and resulted in the loss of 340,905.28 USDT. The breach exploited a flaw in the Auth provider’s Apple OIDC authentication flow, allowing attackers...
The UK cybersecurity workforce has exploded, rising 194% between December 2021 and June 2025 to reach 83,700 professionals. This makes cyber the fifth‑fastest‑growing occupation and the most rapidly expanding IT role, outpacing the sector’s average 9.6% growth. Despite the surge, a talent...
The European Union has launched the Global Cybersecurity Vulnerability Enumeration (GCVE.eu) database, aggregating advisories from over 25 public sources into a single, searchable platform hosted by Luxembourg’s CIRCL and co‑funded by the EU’s FETTA project. The initiative aims to mitigate...
Phone numbers are increasingly used as digital identifiers for account recovery, two‑factor authentication, and user verification, making them a prime target for attackers. The article outlines how numbers become publicly accessible through social profiles, directories, data breaches, and app permissions....
Email senders increasingly encounter DNS‑based Real‑Time Blackhole Lists that block IPs suspected of spam, phishing, or compromised servers. When an IP lands on a blacklist, major ESPs reject or filter messages, causing bounce errors, silent drops, and plummeting engagement metrics....
Cyber InsurTech at a crossroads ? → https://t.co/lkwru1czZC This reflects the largest round announced recently, which happened to come from a cyber InsurTech startup. https://t.co/NIanaOZPp2
A coordinated cyber‑attack wave hit Bumble, Panera Bread, Match Group and CrunchBase, with the hacker group ShinyHunters claiming responsibility. The intrusions stemmed from phishing and vishing tactics that compromised contractor or employee credentials, granting brief, limited access to internal networks....
A new Python‑based Remote Access Trojan, dubbed PyRAT, has been identified as a cross‑platform threat capable of compromising both Windows and Linux systems. The malware leverages Python’s portability, compiling into ELF and PE binaries, and employs lightweight persistence mechanisms—XDG autostart...
NIST’s Center for AI Standards and Innovation released a formal Request for Information targeting secure practices for autonomous AI agents, signaling a shift from broad, principle‑based AI risk guidance to concrete, operational controls. The agency highlighted the limits of treating...
Matanbuchus, a C++‑based downloader sold as Malware‑as‑a‑Service since 2020, has evolved into a modular backdoor platform with its latest 3.0 release featuring heavy obfuscation, ChaCha20‑encrypted strings, and Protobuf‑encoded C2 traffic. The malware leverages DLL sideloading through a malicious HRUpdate.exe MSI...
In this episode, the hosts dissect recent social‑engineering attacks, covering a Verizon outage‑related credit scam, a rare case where a victim recovered nearly $1 million after a cyber fraud, and a surge of Ozembic/GLP‑1 weight‑loss drug scams targeting Wisconsin consumers with...
Standard Chartered CISO Shebani Baweja explains cyber resilience as an extension of information security focused on recovery, trust, and continuity during severe incidents. She highlights three priority areas: managing third‑party risk, preparing for emerging threats like AI‑driven attacks, and embedding...
APIs have become the backbone of digital business, but they also represent the most frequent attack vector for enterprise web applications, according to Gartner. The guide outlines common vulnerabilities such as broken authentication, excessive data exposure, and rate‑limiting gaps, and...
ImmuniWeb reported an all‑time sales record for 2025, maintaining double‑digit year‑over‑year growth while staying profitable. The company rolled out four major AI Platform updates, adding AI‑specific testing for web, mobile, API, LLM vulnerabilities and post‑quantum encryption readiness. Independent ISO 9001 and...
NSFOCUS announced an upgraded AI LLM Risk Threat Matrix, adding 14 new threat categories that focus on AI agent, multimodal, and Multi‑Agent Communication Protocol (MCP) vulnerabilities. The matrix expands coverage across identity, application, model, data, and infrastructure security throughout the...
TRM Labs reports a five‑fold surge in large language model‑powered scams in 2025, propelling AI‑generated deepfakes, voice clones and synthetic images into mainstream fraud. Crypto theft amounted to $35 billion, a slight dip from 2024, while illicit crypto wallet inflows jumped...
Regtech firm Prove says identity verification is evolving from a single, static check to a continuous, adaptive process. The shift is driven by deepfake threats, AI‑powered fraud, real‑time payment demands, and multi‑device interactions. Prove argues that dynamic verification can maintain...
The UK government announced a sweeping reform of policing that will create a new National Police Service, modeled after the FBI, to lead the fight against cybercrime, fraud and other internet‑enabled offenses. The proposal consolidates responsibilities currently spread across dozens...
OPNsense released version 26.1, code‑named Witty Woodpecker, enhancing firewall management, traffic visibility, and automation interfaces. The update revamps the live firewall log, redesigns the firewall rules UI, and expands API coverage to include Source NAT tagging and Destination NAT port...
The SEC is drafting rules that will require public companies to disclose their cybersecurity controls as part of regular financial reporting. This links cyber risk directly to compliance, forcing firms to treat security as a core reporting element. The article...
Coupang, South Korea’s e‑commerce powerhouse with $35 bn in sales, suffered a massive data breach that has escalated into a diplomatic dispute. U.S. officials, backed by allies in the Trump administration, are pressing for tighter security controls on the firm’s handling...
Researchers from Korea Institute of Science and Technology and Yonsei University introduced a universal operational privacy framework for distributed quantum sensing. The framework defines privacy through the experimentally accessible classical Fisher information matrix, making it protocol‑independent and applicable to singular...
Open Banking’s latest financial‑crime report shows fraud rates of just 0.013 % of transactions, far below the 0.045 % industry average, and an improved performance versus 2024. While overall fraud remains low, Authorised Push Payment (APP) scams now represent 74 % of Open...
Researchers from NYU Abu Dhabi introduced a recurrent Private Set Intersection (PSI) protocol tailored for unbalanced databases. The solution combines leveled Fully Homomorphic Encryption with cuckoo hashing, delivering real‑time performance for repeated small‑set queries against a large set. Benchmarks using...
A new UserEvidence survey of 506 security leaders reveals that while 80% of organizations have security and DevOps teams sharing observability tools, only 45% feel the teams are very aligned on tooling and workflows. Most respondents (93%) use three or...
Modern enterprises face escalating identity challenges as employees and automated workloads proliferate across SaaS, micro‑services, and multi‑cloud environments. Single Sign‑On (SSO) centralizes human authentication, reducing password fatigue and providing a unified audit trail, while federated identity extends access across organizational...
.jpg?height=635&t=1769625646&width=1200)
Enterprise security in 2026 is defined by the merging of cyber and physical domains, the rise of AI as both an attack accelerator and defense multiplier, and the recognition that cloud outages are now security incidents. Recent incidents like the...
The Victoria Department of Education suffered a data breach that exposed personal information of current and former students, prompting a privacy investigation. The breach highlighted longstanding issues in public‑sector access governance, such as dormant accounts and overly broad permissions. Attackers...
Fortinet has confirmed that the FortiCloud Single Sign‑On (SSO) authentication bypass vulnerability (CVE‑2026‑24858) is being actively exploited in the wild. The flaw, rated 9.4 on the CVSS scale, affects FortiOS, FortiManager, FortiAnalyzer and FortiProxy, allowing attackers with a valid FortiCloud...
Moltbot, an open‑source AI coding assistant with over 85,000 GitHub stars, has no official Visual Studio Code extension, yet a counterfeit "ClawdBot Agent – AI Coding Assistant" appeared on the Marketplace. Published on January 27 2026, the malicious extension automatically runs on IDE launch...
On one hand we should expect many open source models to get great at computer use because of clawdbot proving demand On the other hand random free oss models controlling millions of computers sounds like a nightmare
Service accounts are non‑human identities that power cloud, container and CI/CD workloads, but they often rely on static, long‑lived credentials. Over‑privileged and poorly managed accounts generate a majority of cloud security alerts and have been leveraged in high‑profile breaches such...
