Know What's Happening in Cybersecurity
Know What's Happening in Cybersecurity
Cybersecurity Pulse
EMAIL DIGESTS
Daily
Every morning
Weekly
Tuesday recap
EMAIL DIGESTS
Daily
Every morning
Weekly
Tuesday recap
Ransomware and supply‑chain breaches surge across sectors
The Cyber Express reports a sharp rise in ransomware incidents and supply‑chain compromises. High‑profile attacks include a ransomware intrusion at Hasbro, a malicious package update that hit AI startup Mercor via the LiteLLM project, and a North Korean‑linked attack on the Axios JavaScript library.
Also developing:
Amazon’s EKS Auto Mode and EKS Capabilities automate the infrastructure layer of Kubernetes—node provisioning, scaling, networking and storage—while leaving architecture, add‑on lifecycle, and 24×7 incident response to the customer. Fairwinds Managed Kubernetes‑as‑a‑Service (KaaS) assumes those omitted responsibilities, delivering design, full add‑on management, and round‑the‑clock support. Cost modeling shows Auto Mode adds roughly a 12 % fee on compute but still requires a senior SRE, whereas Fairwinds bundles platform expertise into a subscription that can be cheaper than a single engineer. The comparison highlights a trade‑off between DIY automation and fully managed platform services.
Researchers at Germany's CISPA Helmholtz Center disclosed StackWarp, a new hardware vulnerability that spans AMD Zen 1 through Zen 5 processors. The flaw exploits a synchronization error in the CPU's stack engine, allowing a malicious host to manipulate a guest VM's stack...
A Netherlands‑based activist’s site, ICE List, which published personal details of thousands of Immigration and Customs Enforcement and Border Patrol officers, was knocked offline by a large‑scale distributed denial‑of‑service attack on Tuesday. The site’s founder, Dominick Skinner, believes the assault...
Tenzai evaluated five leading AI coding agents—Anysphere Cursor, Claude Code, OpenAI Codex, Replit, and Cognition Devin—by having them build three identical apps. The 15 generated applications contained 69 vulnerabilities, with no exploitable SQL injection or XSS but universal SSRF issues...
Researchers uncovered a five‑year browser‑extension malware campaign dubbed GhostPoster, which hid malicious code inside a PNG image to evade static analysis. The campaign spanned Chrome, Edge and Firefox, ultimately involving 18 extensions and more than 840,000 installations. Koi Security first...
The NASA Office of Inspector General released its 2025 Top Management and Performance Challenges report, highlighting five critical agency priorities, including returning humans to the Moon and sustaining low‑Earth‑orbit operations. The report flags a heat‑shield venting defect on Orion’s spacecraft...
⏰ Starting in 5 minutes (12pm ET)! Bitcoin is rallying 📈 but the biggest risks may not be priced in yet In today's @Unchained_pod livestream: 🧠 Steven Ehrlich w/ Grayscale's head of research Zach Pandl (@LowBeta_) on markets & regulatory delays then... 🔐 I'll speak...
Cyata is building a unified control plane to manage "agentic identity," the emerging security challenge of AI‑driven agents that act across SaaS, endpoints, and data stores. Unlike traditional employee accounts, these agents operate dynamically, creating "shadow agents" that evade existing...
CloudSEK, the Bengaluru‑based AI‑powered cyber‑threat‑intelligence firm, secured a strategic investment from Connecticut Innovations as part of a $10 million Series B2 round. The funding follows a $19 million Series B1 raise and will fuel the company’s U.S. expansion, including a new regional hub in...
The U.S. Cybersecurity and Infrastructure Security Agency, the U.K. National Cyber Security Centre, and the FBI released a joint set of security principles for operational technology (OT) environments. The guidance addresses the expanding attack surface caused by increased connectivity between...
Researchers at NDSS 2025 introduced SKILLPoV, a tool that automatically generates voice‑based privacy notices for Amazon Alexa skills. By analyzing skill code and leveraging ChatGPT, SKILLPoV creates concise notices delivered at skill launch, achieving 91.3% detection accuracy and 96.4% completeness....
Cyber‑criminals are increasingly abandoning encryption‑based ransomware in favor of pure data‑theft extortion. Symantec and Carbon Black report a jump from 28 incidents in 2024 to nearly 1,500 in 2025, while traditional ransomware remained flat at about 4,700 attacks. The surge...
The National Vulnerability Database recorded a record 48,177 CVE identifiers for 2025, marking the ninth consecutive year of growth. Reporting is now dominated by new CNAs, with Patchstack, Wordfence and WPScan contributing 23% of all entries and MITRE falling to...
Seerist has launched AskAnna, an AI‑powered natural‑language Q&A tool that taps the company’s proprietary event models and Control Risks’ human‑generated analysis to deliver fully sourced intelligence answers. The platform instantly synthesizes thousands of vetted reports, providing line‑item attribution and transparent...
The HHS Office for Civil Rights (OCR) released its 2026 enforcement roadmap, highlighting four priority areas: continuing the HIPAA Privacy Rule Right of Access initiative, expanding the Security Rule Risk Analysis to broader risk management, intensifying hacking and ransomware actions,...
Cybercriminals and hacktivists sharply increased attacks on industrial control systems in 2025, with vulnerability disclosures nearly doubling to 2,451 across 152 vendors. Siemens was the most affected vendor, reporting 1,175 flaws, while Schneider Electric faced a higher proportion of critical...
Security researchers at Wiz uncovered a critical misconfiguration in AWS CodeBuild that let unauthenticated attackers inject malicious code into core AWS open‑source repositories, including the widely used AWS SDK for JavaScript. The flaw stemmed from an unanchored regular‑expression filter on...
The episode highlights AppGuard’s critique of AI‑driven detection, arguing that endless AI‑generated alerts cannot keep pace with AI‑enhanced malware that adapts in real time. CEO Fatih Comlekoglu advocates a shift to a default‑deny, controls‑based endpoint strategy that dramatically reduces the attack...
Feedzai, the AI-native risk‑operations platform, has partnered with Matrix USA to create a global Center of Excellence that accelerates AI‑driven fraud and anti‑money‑laundering (AML) deployments for banks. The collaboration blends Feedzai’s real‑time detection engine with Matrix USA’s advisory and integration...
The article highlights five user‑experience pitfalls of Windows Hello for Business that cause employees to abandon biometric authentication. Environmental variables—lighting, glasses, hats, facial hair, and device positioning—lead to frequent failures, prompting users to fall back on PINs or passwords. This...
A Harmonic Security report analyzing 22.4 million prompts across six generative AI tools reveals an exponential rise in sensitive data exposure, with 71% of incidents tied to ChatGPT. Approximately 579,000 prompts (2.6%) contained company‑sensitive information, especially code, legal discourse, and M&A...
The Promptware Kill Chain introduces a five‑step framework that treats malicious prompts and poisoned content as a distinct class of AI malware. It maps the lifecycle of attacks on large language model applications from initial access through privilege escalation, persistence,...
The 2026 State of the CISO Report shows a structural shift, with 46% of North American CISOs now holding executive titles such as EVP or SVP. Over half of respondents say their role has expanded to cover SecOps, architecture, GRC,...
The latest ThreatsDay bulletin spotlights a wave of high‑severity, unauthenticated remote code execution flaws—from Redis’s XACKDEL buffer overflow affecting roughly 2,900 servers to AI‑ML libraries that execute malicious model metadata. It also flags a Broadcom Wi‑Fi chipset kill‑switch that can...
WitnessAI secured $58 million in strategic funding led by Sound Ventures, aiming to accelerate global expansion and broaden its AI security suite. The platform provides enterprises with real‑time visibility and control over large‑language models and autonomous AI agents, addressing governance gaps...
ETSI has released EN 304 223, the first globally applicable European standard that defines baseline security requirements for AI systems across enterprises. The standard aligns with the EU AI Act and introduces concrete provisions covering deep neural networks, generative AI,...
JPMorgan has filed a federal lawsuit seeking a temporary restraining order against former private‑client advisor Kevin J. Sercia. The bank alleges Sercia accessed roughly 175 client profiles on its Advisor Central system after hours and stole confidential information to solicit...
Cyber‑security firm ANY.RUN has identified a new, more stealthy variant of the CastleLoader malware, now linked to 469 compromised devices across U.S. government agencies and European critical infrastructure. The loader uses a social‑engineering “ClickFix” prompt and Inno Setup/AutoIt to gain...
Delinea announced it will acquire StrongDM, a platform that provides just‑in‑time (JIT) access to IT infrastructure for both human operators and non‑human identities. The deal expands Delinea’s privileged access management suite to cover dynamic, AI‑driven workloads and supports a zero...
The NHIcon 2026 virtual conference, organized by Aembit, will explore the emerging security challenges of agentic AI in enterprises, featuring keynotes from Phil Venables, Misam Abbas, and Anthropic’s deputy CISO Jason Clinton. Sessions will cover practical topics such as LLM...
Wallarm University now offers a free, hands‑on API security certification that lets participants run real attacks and practice defenses. The program is built by seasoned API security experts and covers emerging threats such as AI‑driven and agentic APIs. Recent Wallarm...
Visa just exposed 5 new fraud patterns exploding in 2026 — and they're hitting hard in Asia. • Account takeover up 300% via social engineering • AI-generated deepfakes fooling KYC • Mule networks using instant payments (PIX/UPI) • Synthetic identities surging in Asia • Card-not-present...
ISACA’s State of Privacy 2026 report reveals that median privacy team size dropped to five members, down from eight the previous year, while technical privacy roles face the steepest shortages. Budget pressures persist, with only 36% of respondents feeling adequately...
Security researchers have identified a critical vulnerability in the n8n automation platform (CVE‑2026‑21858) with a CVSS rating of 10.0, allowing attackers to take over locally deployed instances. The flaw potentially impacts around 100,000 servers worldwide and currently has no official...
Classroom device management is essential for K‑12 schools integrating laptops, tablets, and BYOD. The article outlines eight practical strategies, including clear rules, mobile device management tools, app whitelisting, screen monitoring, scheduled access, BYOD integration, activity tracking, and continuous teacher development....
Researchers at KU Leuven uncovered critical Fast Pair flaws in 17 audio accessories from ten manufacturers, enabling a WhisperPair attack that silently hijacks Bluetooth earbuds, headphones, and speakers within 50 feet. The vulnerability lets attackers take control of audio streams, activate...
Security teams are still focusing on protecting AI models, but recent incidents show the real risk lies in the workflows surrounding them. Malicious Chrome extensions harvested chat data from over 900,000 users, and prompt‑injection attacks can coerce AI coding assistants...
Sonatype researchers reported that over 387,000 downloads of Apache Struts 2 occurred in a single week, and 98% of those were for end‑of‑life versions vulnerable to CVE‑2025‑68493. The flaw, a high‑severity (8.8) unsafe XML parsing issue affecting versions 2.0.0 through 6.1.0,...
Many security operations centers still rely on outdated, manual processes that slow incident response. The article highlights four habits—manual sample review, sole reliance on static scans, fragmented toolsets, and excessive alert escalations—that inflate mean time to respond. It shows how...
Researchers from OPSWAT’s Unit 515 uncovered four serious flaws in Delta Electronics’ DVP‑12SE11T programmable logic controller, including three critical CVSS 9+ vulnerabilities. Delta issued a firmware patch just before the 2026 New Year, but many OT environments may delay updates due to...
Any @Zendesk experts out there? We have a gen AI reply out there for @haveibeenpwned which attempts to answer a support question, but has a fallback for if it can’t. How can we automatically close the ticket if a reply...
"For all crypto protocols... solving the quantum threat is the most significant and biggest effort they'll have to undergo." https://t.co/5TvOPraNmP
The U.S. Federal Trade Commission finalized an order against General Motors and its OnStar subsidiary for collecting and selling precise geolocation and driver‑behavior data without consent. The settlement bans GM from sharing such data with consumer reporting agencies for five...
Coming next: What happens to Bitcoin when quantum computers get powerful enough? ⚛️ I'll talk with Alex Pruden of Project Eleven @qdayclock about the post-quantum roadmap 👇 https://t.co/5TvOPraNmP
The episode explores how AI can safeguard Europe’s extensive subsea cables and pipelines, focusing on the EU‑funded VIGIMARE project led by researcher Johanna Karvonen. It details how machine‑learning models will fuse satellite imagery, AIS data, radar and acoustic signals from...
London‑based Cyb3r Operations secured $5.4 million in a financing round led by Octopus Ventures, bringing its total capital to $6.75 million after a follow‑on from Pi Labs. The startup provides continuous, automated third‑party cyber risk visibility across tech stacks, flagging vulnerabilities, sanctions,...
Amazon Web Services launched its European Sovereign Cloud to general availability, promising a fully EU‑located environment that is physically and logically separate from other AWS regions. The offering initially includes 90 services spanning compute, storage, networking, security, and AI, and...
Bitwarden unveiled Access Intelligence, delivering application‑level visibility into weak, reused or exposed credentials and guiding remediation, cutting average resolution time from nine days. The company also expanded passkey support, adding native Windows 11 integration, cross‑platform portability via the FIDO Credential Exchange...
Arcjet has released a Python SDK that brings its application‑layer security platform directly into Python services and APIs. The SDK provides built‑in bot protection, rate limiting, email validation and signup spam prevention, and works with both FastAPI and Flask with...
