Know What's Happening in Cybersecurity
Know What's Happening in Cybersecurity
Cybersecurity Pulse
EMAIL DIGESTS
Daily
Every morning
Weekly
Tuesday recap
EMAIL DIGESTS
Daily
Every morning
Weekly
Tuesday recap
Ransomware and supply‑chain breaches surge across sectors
The Cyber Express reports a sharp rise in ransomware incidents and supply‑chain compromises across multiple industries. Notable breaches include a ransomware intrusion at Hasbro, a malicious package update that hit AI startup Mercor via the LiteLLM project, and a North Korean‑linked attack on the Axios JavaScript library.
Microsoft is investigating Windows 11 boot failures marked by the UNMOUNTABLE_BOOT_VOLUME stop code after the January 2026 Patch Tuesday cumulative update (KB5074109). The problem impacts Windows 11 version 25H2 and all editions of version 24H2 on physical devices, displaying a black crash screen and requiring manual recovery. Microsoft has asked affected users to submit feedback through the Feedback Hub while it determines whether the issue is a regression. In parallel, the company released an emergency out‑of‑band update to address Outlook PST freezes in cloud‑linked environments.
Coinbase announced the creation of an Independent Advisory Board on Quantum Computing and Blockchain, staffed by leading researchers from Stanford University and the University of Texas at Austin, including Scott Aaronson and Dan Boneh. The board will develop position papers...
Government CISOs are being urged to reframe cybersecurity discussions around financial fraud and AI‑generated scams rather than traditional technical jargon. Pandemic‑relief programs alone saw over $300 billion in fraudulent payments, while consumer fraud hit $12.5 billion in 2024, underscoring the fiscal stakes....
Security Affairs’ Malware Newsletter Round 81 curates the latest threats and research across the malware landscape. Highlights include the emergence of AI‑generated malware frameworks such as VoidLink, sophisticated evasion tactics like PDFSIDER’s DLL side‑loading, and supply‑chain abuse via a malicious...
Carahsoft Technology Corp. has signed a Master Government Aggregator partnership with Cyber Intell Solution to distribute the patented CISEN‑SDN‑PQC quantum‑resistant platform to U.S. federal, state and local agencies. The collaboration leverages the ITES‑SW2 contract (W52P1J‑20‑D‑0042) and additional procurement vehicles to...
Microsoft issued emergency out‑of‑band (OOB) updates on Saturday to address a critical Outlook freeze affecting PST files stored in cloud services such as OneDrive and Dropbox. The problem, introduced by the January 2026 Patch Tuesday roll‑out, caused Outlook to become...
Google reported a widespread Gmail outage on January 24, 2026, affecting spam filtering and email classification. The issue began around 5 a.m. Pacific, causing promotional and social messages to appear in the Primary inbox and legitimate emails to trigger spam warnings....
Non‑Human Identities (NHIs), or machine identities, are becoming the backbone of AI‑driven cybersecurity operations. By pairing encrypted secrets with server‑granted permissions, NHIs function like digital passports that enable secure automated interactions. AI enhances NHI management through real‑time threat analytics, lifecycle...
AI security is shifting focus toward Non‑Human Identities (NHIs), the machine credentials that underpin modern cloud and AI workloads. Organizations confront challenges in discovering, classifying, and governing these identities, which lack the natural lifecycle of human users. Emerging solutions integrate...
Non‑Human Identities (NHIs) are machine credentials that now underpin most cloud‑native environments. Effective NHI management couples secret rotation, permission controls, and continuous monitoring to reduce breach risk and streamline compliance. Organizations that automate discovery, classification, and remediation see faster incident...
Non‑human identities (NHIs) or machine identities are becoming central to digital secrets management, especially as enterprises expand across hybrid cloud environments. Effective NHI platforms automate discovery, lifecycle handling of secrets, and real‑time monitoring, reducing breach risk and compliance burdens. AI...
Ilya Grigorik explains that over half of web traffic now comes from bots, dividing them into good (search), grey (AI training/fetchers) and bad (malicious scrapers) and urging e‑commerce teams to treat this "post‑human" reality as a core business concern. He...
The article evaluates enterprise‑grade cybersecurity platforms, outlining key criteria such as AI/ML capabilities, coverage breadth, autonomous response, total cost of ownership, and scalability. It reviews five leading solutions—Darktrace, CrowdStrike, SentinelOne, Palo Alto Networks, and Microsoft Defender—detailing each vendor’s strengths and...
Plaid reported a 55% increase in new European customers and a 53% annual rise in UK open‑banking payments as it expands its footprint across the continent. The fintech data‑connectivity provider added virtual‑account processing for over half of its European transactions...
Tech and AI lead the global risk landscape as they increasingly expand the attack surface. The good news? The same tools can help us move faster, see more clearly, and respond at scale. Our Risk & Security Outlook explores what's...
Metriport, a YC‑backed open‑source platform that moves patient data for over 300 million individuals, is hiring a senior security engineer in San Francisco. The role will harden its HIPAA‑compliant infrastructure, building audit‑logging, RBAC, and security policies. The company reports multi‑million ARR,...
Given how aggressively the government has pursued Hannah Natanson and the Washington Post, it would not surprise me if Google and Proton also received subpoenas for access to her accounts.
The article contrasts two CISO archetypes—the Watchmaker, who builds tightly controlled, auditable security frameworks, and the Gardener, who cultivates an adaptive, culture‑driven security ecosystem. Each style offers distinct strengths: predictability and strong foundations versus flexibility and empowerment. However, both suffer...
Researchers at NDSS 2025 introduced Laputa, a framework that adds fine‑grained policy enforcement to Apache Spark by inspecting physical execution plans. The system isolates Spark workloads using confidential computing compartments, protecting data from malicious users and compromised cloud managers. Laputa’s...
Institutional perception of self‑custody is shifting from a retail‑only risk to core crypto infrastructure. New hardware wallets, multi‑party authorization, and non‑custodial delegation let firms retain direct asset control while satisfying compliance requirements. Proof‑of‑Stake networks now support staking without transferring ownership,...
North Korean hacker group Konni, linked to APT37, is deploying AI‑generated PowerShell malware to infiltrate blockchain developers. The campaign uses Discord‑hosted links that deliver a ZIP file containing a PDF lure and a malicious LNK shortcut. The shortcut triggers a...
The article contrasts modern Dynamic Application Security Testing (DAST) with traditional and AI‑driven penetration testing, highlighting how AI‑powered tools are built on advanced DAST architectures. Modern DAST now offers CI/CD integration, business‑logic testing, and a graph‑based knowledge model that feeds...
Telehealth platform Call‑On‑Doc is accused of a data breach that may have exposed more than 1.1 million patient records, according to a listing on a hacking forum. The alleged leak includes personal identifiers, contact details, medical conditions and payment amounts, with...
The Department of Justice disclosed that operatives from the Department of Government Efficiency (DOGE) may have improperly accessed and shared Social Security Administration (SSA) data. Internal emails show a password‑protected file containing roughly 1,000 individuals’ names and addresses was transmitted...
Global Board Advisors Corp and BoardroomEducation.com introduced the Quantum Strategic Intelligence (QSI) framework at the World Economic Forum in Davos, positioning it as an open Sovereignty Standard for quantum‑computing and agentic‑AI risks. QSI extends existing ERM models such as COSO,...
Founder oversight transforms security from a static checklist into a living, strategic asset. By staying involved in access controls, audits, and vendor management, leaders spot hidden vulnerabilities before they become costly incidents. This hands‑on approach reinforces compliance, reduces downtime, and...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the critical VMware vCenter Server flaw CVE-2024-37079 to its Known Exploited Vulnerabilities (KEV) catalog. The heap‑overflow bug in the DCERPC implementation carries a CVSS score of 9.8 and enables remote...
ISO 27001:2022 supersedes the 2013 version, introducing a streamlined set of 93 controls organized into four thematic categories—Organizational, People, Physical, and Technological. The update adds 11 new controls targeting cloud security, threat intelligence, secure coding, and data protection, while tightening requirements...
Businesses now view protection as safeguarding decisions, trust, continuity, and reputation rather than physical assets. The rise of AI intensifies risk, as models trained on sensitive data can be compromised, leading to regulatory, reputational, and financial fallout. Companies are turning...
The Ethereum Foundation announced a dedicated Post‑Quantum team, elevating quantum‑resistant security to a top strategic priority. Led by Thomas Coratger and supported by Emile, the group will accelerate wallet safety upgrades, research prizes and test networks. A bi‑weekly developer session...
Equifax unveiled Synthetic Identity Risk, an AI‑driven solution that flags synthetic identity fraud using machine‑learning analysis of identity data, credit histories, and behavioral signals. The tool can be deployed at account opening or continuously for ongoing monitoring, enabling lenders to...
Researchers at Université Paris‑Saclay and Université Côte d’Azur have demonstrated a device‑independent quantum key distribution (DIQKD) protocol using a photonic circuit identified through machine learning. By introducing a block‑hierarchy semidefinite programming method and a finite‑size security analysis, they show that...
CertiK co‑founder and CEO Ronghui Gu told reporters at Davos that the blockchain security firm is still weighing a public listing, with a current valuation of roughly $2 billion. While no concrete IPO timeline exists, Gu said the company would need additional...
Digital wallets are software platforms that store payment credentials and enable instant, encrypted transactions via smartphones or computers. They combine convenience, security features like biometrics and tokenization, and financial organization tools such as spending categorization. For merchants, offering wallet payments...
OpenAI announced that upcoming updates to its Codex code‑generation model will push it into the “High” cybersecurity risk tier in the company’s internal risk framework, the first time a model has reached that level. The “High” designation means Codex could...
Researchers from Southern University of Science and Technology and ByteDance presented WAVEN, a WebAssembly memory virtualization layer designed for trusted execution environments (TEEs). WAVEN enables cross‑module memory sharing and page‑level access control, addressing the linear memory model’s limitations in Wasm‑based...
Agentic AI is moving fast and most teams lack visibility into what’s actually happening. Meet our sponsor for this weeks newsletter: @harmonicsec ! Harmonic's Security’s MCP Gateway is a lightweight, developer-friendly gateway that gives security teams real visibility...
Blockchain security firm CertiK dissected a sophisticated exploit on the MakinaFi DeFi protocol that drained approximately 1,299 ETH, valued at $4.13 million. The attacker leveraged massive flash loans to manipulate Curve pool valuations, inflating the protocol’s share price and extracting USDC from...
NETSCOUT has been named a leader in network detection and response (NDR) by Quadrant Knowledge Solutions’ 2025 SPARK Matrix. The company’s Omnis Cyber Intelligence platform leverages Adaptive Service Intelligence to inspect packets at up to 100 Gbps, delivering deep, context‑rich metadata...
NETSCOUT introduced Arbor Edge Defense (AED), a selective decryption solution that inspects only suspicious encrypted traffic to mitigate DDoS attacks hidden in TLS 1.3 sessions. Traditional full‑traffic decryption is resource‑intensive, creating blind spots for security teams. AED combines known‑source blocking,...
French prosecutors and the National Cyber Unit have opened a preliminary investigation into a data breach at Waltio, a cryptocurrency tax platform that exposed personal information of roughly 50,000 users, most of them in France. The hacker group Shiny Hunters...
Two Venezuelan nationals were convicted of a multi‑state ATM jackpotting scheme that hit banks in South Carolina, Georgia, North Carolina and Virginia. Using laptops and custom malware, they opened older ATMs at night, forcing the machines to dispense cash until...
At the end of December, a wiper‑type malware dubbed DynoWiper attempted to compromise Poland’s power generation and distribution systems. European security firm ESET traced the code to the Russian Sandworm group with medium confidence, noting similarities to previous attacks on...
Shift‑left QA repositions testing to the earliest stages of AI development, targeting data selection, prompt design, and model behavior before any user interface exists. Traditional software QA, which validates deterministic code after UI creation, misses the probabilistic failures that AI...
A self‑styled hacker known as “John” publicly displayed control over roughly $23 million in cryptocurrency during a live “band for band” showdown on X. Blockchain analyst ZachXBT later traced the wallet to a chain of addresses that include funds seized by...
Corr-Serve has expanded its seven‑year partnership with global cyber‑security firm Seceon, becoming the exclusive distributor for Seceon's AI‑driven Open Threat Management platform across the Southern African Development Community. The deal positions South Africa as the operational hub, delivering real‑time threat...
The browser has evolved from a simple web gateway into the primary enterprise endpoint, handling over 70% of global traffic. Generative AI agents that can act autonomously inside browsers are turning them into intelligent workspaces, prompting incumbents and startups to...
Ransomware attacks now cost $156 million daily, prompting firms to rush system restoration. However, without forensic recovery, organizations lack the evidence needed to confirm breach eradication and understand attacker tactics. Modern forensic solutions capture and analyze digital artifacts in real time,...
Intruder used an AI model to draft a honeypot prototype, but the generated code mistakenly trusted client‑supplied IP headers, allowing attackers to inject payloads via spoofed headers. The flaw went unnoticed by static analysis tools like Semgrep and Gosec, highlighting...
A “chronic lack of cooperation from the Israeli authorities” has forced Spain’s highest criminal court to shelve its investigation into use of Pegasus against Spanish ministers, inc. the prime minister. Cases uncovered by @citizenlab go back to 2021. https://t.co/GUEJ1Mq02R
