News•Feb 19, 2026
Control, Alt, Influence: The Potential for US Cyber Operations in Iran
U.S. policymakers are weighing offensive cyber operations against Iran if diplomatic talks on the nuclear program collapse, positioning cyber as a central element of joint military action rather than a peripheral tool. Recent Senate testimony and statements from US Cyber Command leadership underscore that cyber capabilities will be deployed in a repeatable, sustainable manner alongside kinetic strikes. Potential targets include Iran’s early‑warning radars, command‑and‑control networks, and critical administrative infrastructure to create operational friction and raise IRGC costs. However, limited resources and the need for clear political objectives constrain how broadly these tools can be applied.
By RUSI
News•Feb 19, 2026
Track Vulnerability Remediation with the Updated GitLab Security Dashboard
GitLab’s updated Security Dashboard, now in the 18.9 release, adds advanced filters and visualizations that let teams track vulnerability trends, remediation velocity, and risk scores across projects and groups. The dashboard calculates risk using vulnerability age, EPSS, and KEV data,...
By GitLab Blog
News•Feb 19, 2026
N-Able Inc (NABL) Q4 2025 Earnings Call Transcript
N‑Able reported Q4 2025 revenue of $130 million, a 12% year‑over‑year increase, and ended the year with $540 million in annual recurring revenue, up 12% on a reported basis. Non‑GAAP adjusted EBITDA held steady at a 30% margin, while dollar‑based net revenue retention...
By Motley Fool – Earnings Transcripts
News•Feb 18, 2026
Tech Firms Must Remove ‘Revenge Porn’ in 48 Hours or Risk Being Blocked, Says Starmer
The UK government will amend the Crime and Policing Bill to require tech platforms to delete non‑consensual intimate images, including AI‑generated deepfakes, within 48 hours of notification. Enforcement will be handed to Ofcom, which can levy fines up to 10%...
By The Guardian
News•Feb 18, 2026
Nigerian Man Sentenced to Eight Years in Prison for Computer Intrusion and Theft
A Nigerian national living in Mexico was sentenced to eight years in federal prison and ordered to pay $1.39 million in restitution for a five‑year scheme that compromised Massachusetts tax‑preparation firms. Using phishing emails and Warzone RAT malware, he harvested taxpayer...
By DataBreaches.net
News•Feb 18, 2026
Sumo Logic Moves Into Sovereign Cloud Regions in Europe
Sumo Logic announced the extension of its cloud‑native analytics platform into the AWS European Sovereign Cloud and an AWS data center in Switzerland. The move lets customers keep logs, telemetry, and security data within national borders, satisfying GDPR and other...
By ChannelE2E
News•Feb 18, 2026
AI Agents and How to Govern Them: Tailscale, Sayvint Offer Solutions
AI agents are moving from occasional chat tools to always‑on assistants, prompting enterprises to confront identity‑governance gaps. Tailscale introduced Aperture, an open‑alpha governance layer that ties AI usage to user or workload identities, offering policy controls, audit‑ready session logs, and...
By Biometric Update
News•Feb 18, 2026
Oklahoma Cheyenne and Arapaho Tribes Say Ransomware Disrupted Tribal Systems
The Cheyenne and Arapaho Tribes of Oklahoma were hit by a ransomware attack that forced the shutdown of their computer networks, halting email, phone services and some tribal operations. Tribal Governor Reggie Wassana confirmed the disruption while recovery efforts began....
By DataBreaches.net
News•Feb 18, 2026
EMudhra Self-Certified as MOSIP System Integrator for Digital ID Projects at Scale
Indian digital‑ID specialist eMudhra has completed self‑certification as a Modular Open Source Identity Platform (MOSIP) system integrator, joining the MOSIP Marketplace. The certification confirms its software and hardware meet MOSIP’s rigorous technical, operational and security standards, enabling it to deliver...
By Biometric Update
News•Feb 18, 2026
Dataminr Report: Cyber Risk Shifted in 2025 with Increased Threat Actor Activity and Mega-Loss Events
Dataminr’s 2026 Cyber Threat Landscape Report shows a dramatic shift in cyber risk during 2025, with threat‑actor alerts soaring 225% year‑over‑year. Identity‑based intrusions now account for nearly 30% of attacks, driven by an 84% rise in infostealer malware and AI‑enhanced...
By SC Media
News•Feb 18, 2026
Cryptojacking Campaign Exploits Driver to Boost Monero Mining
Security firm Trellix uncovered a new cryptojacking operation that spreads through pirated software installers and installs a customized XMRig miner. The malware uses a controller named Explorer.exe for persistence and a signed driver (WinRing0x64.sys, CVE‑2020‑14979) to gain kernel access, boosting...
By Infosecurity Magazine
News•Feb 18, 2026
Dell Warns of RecoverPoint for VMs Zero-Day (Exploited Since Mid-2024)
Dell has issued an urgent advisory for RecoverPoint for Virtual Machines after discovering CVE‑2026‑22769, a critical 10.0 CVSS flaw that embeds admin credentials in its Tomcat‑based web layer. The vulnerability allows unauthenticated attackers to log in as administrators, upload malicious...
By Guru3D
News•Feb 18, 2026
Why Insider Threats May Make Satellite Hacking Significantly Easier
The article argues that insider threats could dramatically lower the barriers to satellite hacking, as insiders can bypass air‑gap protections and exploit the growing use of off‑the‑shelf Linux hardware. It highlights how complex supply chains, contractor relationships, and recent geopolitical...
By Via Satellite
News•Feb 18, 2026
The 20 Coolest Security Operations, Risk And Threat Intelligence Companies Of 2026: The Security 100
CRN’s Security 100 list spotlights 20 security‑operations, risk and threat‑intelligence vendors that distinguished themselves in 2026. The roundup underscores a rapid shift toward AI‑driven, agentic SOC solutions that automate triage, investigation and response. Companies such as 7AI, Arctic Wolf, Google Cloud and...
By CRN (US)
News•Feb 18, 2026
Microsoft Says Office Bug Exposed Customers’ Confidential Emails to Copilot AI
Microsoft confirmed a bug in its 365 Copilot Chat that allowed the AI to read and summarize customers' confidential emails for weeks, even when data‑loss‑prevention policies were in place. The issue, tracked as CW1226324, affected both draft and sent messages...
By TechCrunch (Cybersecurity)
News•Feb 18, 2026
Poland Bans Chinese-Made Cars From Entering Military Sites
Poland’s senior army commanders have issued a directive barring Chinese‑manufactured cars from entering protected military facilities. The move targets vehicles whose sensors, software or connectivity modules could transmit location and other sensitive data. It aligns Poland with recent U.S. and...
By The Record by Recorded Future
News•Feb 18, 2026
Global Leaders, Executives Exposed in Data Leak
At the Abu Dhabi Finance Week summit, an unsecured cloud server exposed the passports and national ID cards of more than 700 attendees, including former British Prime Minister David Cameron, hedge‑fund billionaire Alan Howard, and former White House communications director...
By Security Magazine (Cybersecurity)
News•Feb 18, 2026
From 2016 Hack to $150M Endowment: The DAO’s Second Act Focuses on Ethereum Security
A decade after the 2016 DAO hack, the DAO Security Fund will stake roughly 75,000 dormant ETH—now worth about $150 million—to generate yield for Ethereum security initiatives. The fund will keep claims open indefinitely for original token holders and shift from...
By CoinDesk
News•Feb 18, 2026
Amazon Fends Off Blowback for Ring’s Search Party Tool
Amazon’s Ring introduced the “Search Party” feature, allowing users to share video clips from their doorbell cameras with friends, family, or law‑enforcement agencies to help locate missing persons. The rollout triggered immediate privacy backlash from civil‑rights groups who argue the...
By Bloomberg – Technology (sitewide)
News•Feb 18, 2026
Safeguarding IoT & Edge Data Pipelines: QA Best Practices
The migration of data processing from centralized servers to edge devices is reshaping QA strategies for IoT pipelines. Unstable networks, fragmented device fleets, and expanded attack surfaces demand testing that goes beyond functional checks. Specialized IoT testing services now employ...
By Datafloq
News•Feb 18, 2026
Pathologists, Vendors Talk LIS-IMS Integration
Pathology labs are accelerating digital transformation, but integrating laboratory information systems (LIS) with imaging management systems (IMS) remains a hurdle. Cybersecurity and image management top the agenda as AI-driven diagnostics expand. Cloud‑based LIS‑IMS solutions promise stronger security controls and scalable...
By CAP Today
News•Feb 18, 2026
3 Ways to Start Your Intelligent Workflow Program
Security, IT and engineering teams face pressure to accelerate outcomes while extracting AI value, yet 88% of AI proofs‑of‑concept never reach production despite 70% of workers seeking time‑saving automation. The Hacker News article outlines three pre‑built intelligent‑workflow use cases—automated phishing response,...
By The Hacker News
News•Feb 18, 2026
ClickFix Exploits Homebrew Workflow to Deploy Cuckoo Stealer for macOS Credential Theft
ClickFix is weaponizing a fake Homebrew installation workflow to deliver Cuckoo Stealer, a macOS credential‑stealing RAT. The campaign uses typosquatted domains such as homabrews.org that mimic brew.sh and inject a malicious curl | bash command into the clipboard, prompting developers to run it....
By GBHackers On Security
News•Feb 18, 2026
Security Metrics That Actually Predict a Breach
The article argues that traditional security dashboards hide the true predictors of a breach, emphasizing metrics that expose process debt, access sprawl, and human behavior. It highlights four high‑impact signals: credential reuse and identity drift, stale access paths, alert‑fatigue ratios,...
By Security Boulevard
News•Feb 18, 2026
A New Approach for GenAI Risk Protection
Generative AI’s rapid consumer adoption has exposed enterprises to data leakage risks, prompting security teams to reassess protection strategies. Traditional DLP solutions are expensive and cumbersome, limiting their use to large organizations. Two viable paths emerge: purchasing enterprise‑grade GenAI licenses...
By CSO Online
News•Feb 18, 2026
AI Likely to Put a Major Strain on Global Networks—Are Enterprises Ready?
Enterprise networks face unprecedented strain as AI workloads surge, generating unpredictable, high‑volume traffic across regions. A recent Broadcom study shows only 49% of organizations believe their networks can meet AI’s bandwidth and latency demands, despite 99% adopting cloud strategies. Retrieval‑augmented...
By Network World (sitewide)
News•Feb 18, 2026
CYBERSPAN Brings AI-Driven, Agentless Network Detection to MSSP Environments
IntelliGenesis launched CYBERSPAN, an AI‑driven network detection and response solution tailored for managed security service providers. The platform offers a multi‑tenant, agentless architecture that can be deployed on‑premises or in the cloud, integrating with existing SIEM, SOAR and ticketing tools...
By Help Net Security
News•Feb 18, 2026
SANS and siberX Introduce NOW // AI to Help Leaders Manage AI Risk, Strengthen Security Controls, and Defend Enterprise Value
SANS Institute and cybersecurity firm siberX have launched NOW // AI, an immersive simulation program built on the SANS AI Blueprint. The curriculum targets executives and security teams, focusing on three pillars—Protect AI, Utilize AI, and Govern AI—to tighten risk...
By AiThority
News•Feb 18, 2026
New SysUpdate Variant Malware Discovered, Decryption Tool for Linux C2 Traffic Released
Researchers at LevelBlue identified a new SysUpdate variant targeting Linux systems, packaged as a packed ELF64 binary that mimics a system service. The malware employs a custom, multi‑layered symmetric cipher to encrypt its command‑and‑control traffic across several protocols. By emulating...
By GBHackers On Security
News•Feb 18, 2026
Lasso’s Intent Deputy Secures AI Agents Through Real-Time Behavioral Intent Analysis
Lasso Security unveiled Intent Deputy, a runtime behavioral‑intent framework that secures autonomous AI agents by interpreting their decision flow and operational context. The solution claims 99.83% threat detection at sub‑50 ms latency and a 570‑fold cost advantage over cloud‑native guardrails. By...
By Help Net Security
News•Feb 18, 2026
Suped Review – Features, User Experience, Pros & Cons (2026)
Suped is a cloud‑based DMARC monitoring platform aimed at small to mid‑size businesses, offering a visual dashboard, guided DNS setup, and an AI Copilot that translates technical errors into plain‑language tasks. Users can onboard in minutes and see initial data...
By Security Boulevard
News•Feb 18, 2026
KnowBe4 Report Reveals U.S. Public Sector Faces Unrelenting Cyber Threats
KnowBe4 released a white paper highlighting the U.S. public sector’s exposure to escalating cyber threats, with ransomware affecting an estimated 43 % of local governments by 2025. The report identifies four core challenges: relentless attacks, chronic staffing shortages, mounting compliance pressures,...
By AI-TechPark
News•Feb 18, 2026
Microsoft Defender Update Lets SOC Teams Manage, Vet Response Tools
Microsoft Defender now includes a Library Management feature that lets security operations centers (SOCs) organize, preview, and control the scripts and tools used in live response. Analysts can upload PowerShell, batch, and other response files ahead of investigations, making them...
By Help Net Security
News•Feb 18, 2026
AWS Coding Agents Gain New Plugin Support Across Development Tools
AWS introduced Agent Plugins, a framework that equips AI coding assistants with native AWS capabilities. The initial "deploy‑to‑AWS" plugin lets developers issue natural‑language prompts to generate architecture recommendations, cost estimates, and infrastructure‑as‑code templates. It currently integrates with Claude Code and...
By Help Net Security
News•Feb 18, 2026
The New Paradigm for Raising up Secure Software Engineers
AI‑assisted coding is set to dominate enterprise development, with Gartner projecting 90% of engineers using AI assistants by 2028. As AI automates line‑level vulnerability detection, security teams face a surge in code volume and reduced review windows. This forces a...
By CSO Online
News•Feb 18, 2026
The Defense Industrial Base Is a Prime Target for Cyber Disruption
Cyber adversaries are moving beyond classic espionage to disrupt the defense industrial base (DIB), aiming to cripple production capacity and supply chains. Attackers now target everything from large primes to niche startups, especially firms with dual‑use technologies, using ransomware and...
By Help Net Security
News•Feb 18, 2026
New Phishing Campaign Exploits Booking.com Partners, Targets Customers in Multi-Stage Fraud Scheme
A coordinated phishing campaign is exploiting Booking.com’s partner platform to steal hotel staff credentials and then target guests with payment‑stealing lures. The operation uses a three‑stage chain: email phishing to hotel inboxes, a bespoke partner login kit to harvest credentials,...
By GBHackers On Security
News•Feb 18, 2026
Everyone Uses Open Source, but Patching Still Moves Too Slowly
Enterprise security teams now rely on open source for core infrastructure, development pipelines, and production applications, yet patching cycles remain sluggish. TuxCare’s 2026 Open Source Landscape Report shows that 60% of recent incidents involved known vulnerabilities that were not patched...
By Help Net Security
News•Feb 18, 2026
Regtech SlowMist Exposes Supply Chain Threats in ClawHub’s AI Plugin Ecosystem
SlowMist has uncovered a wave of supply‑chain attacks targeting ClawHub, the official plugin repository for the OpenClaw AI agent framework. Over 340 malicious plugins were identified among roughly 3,000 listings, many embedding Base64‑encoded commands in the SKILL.md documentation that download...
By Crowdfund Insider
News•Feb 18, 2026
Understanding the U.S. Coast Guard’s Maritime Cybersecurity Framework
The U.S. Coast Guard’s Cybersecurity in the Marine Transportation System rule took effect in July 2025, imposing mandatory cybersecurity and incident‑response plans for U.S.-flagged vessels, OCS facilities and MTSA‑covered sites. Owners must appoint a Cybersecurity Officer, enforce account lockouts, maintain...
By The Maritime Executive
News•Feb 18, 2026
Government Explores Unified ID and Verification System for Businesses
The UK Department for Business and Trade has signed a 10‑week, £300,000 contract with Deloitte to explore a unified digital business ID that would provide a single login and a cross‑government business entity directory. The discovery phase will assess existing...
By PublicTechnology.net (UK)
News•Feb 18, 2026
GDS Public Sector Monitoring ‘Finding and Fixing over 100 Critical Vulnerabilities a Month’
The Government Digital Service’s Vulnerability Monitoring Service (VMS), launched in summer 2024, now has over 700 public‑sector organisations signed up and is detecting more than 100 critical vulnerabilities each month. Offered free through the National Cyber Security Centre, the service...
By PublicTechnology.net (UK)
News•Feb 18, 2026
Singapore & Its 4 Major Telcos Fend Off Chinese Hackers
Singapore’s Cyber Security Agency and the nation’s four major telcos (M1, Simba Telecom, Singtel, StarHub) launched the "Cyber Guardian" operation, expelling the China‑linked threat actor UNC3886 after an 11‑month campaign. The attackers breached critical network segments but did not steal...
By Dark Reading
News•Feb 18, 2026
Fortanix and NTT DATA Partner to Solve Challenges Around Data Sovereignty and Security for AI Factories With NVIDIA
Fortanix, NTT DATA and NVIDIA have launched a joint service that lets Indian enterprises run AI Factories within hardware‑based secure enclaves. The offering combines Fortanix’s Confidential Computing platform, NVIDIA’s secure GPUs and NTT DATA’s full‑lifecycle managed services to protect data and models...
By Business Wire — Executive Appointments
News•Feb 18, 2026
Smart Contracts Auditing Process
Smart contract auditing is a critical pre‑deployment step that safeguards blockchain applications by uncovering coding errors and security vulnerabilities. The process follows a structured workflow—from specification gathering and automated scanning to manual line‑by‑line analysis, functional testing, and iterative remediation—culminating in...
By Financial Crime Academy – Blog
News•Feb 18, 2026
Intellexa’s Predator Spyware Used to Hack iPhone of Journalist in Angola, Research Says
Amnesty International reported that a government client of sanctioned spyware firm Intellexa used its Predator tool to compromise the iPhone of Angolan journalist Teixeira Cândido in 2024. The intrusion was delivered through a malicious WhatsApp link, exploiting an outdated iOS...
By TechCrunch (Cybersecurity)
News•Feb 18, 2026
Simplify Red Hat Enterprise Linux Provisioning in Image Builder with New Red Hat Lightspeed Security and Management Integrations
Red Hat has rebranded its Insights service as Red Hat Lightspeed, keeping core advisor, vulnerability and compliance capabilities while emphasizing AI‑driven speed. New Image Builder integrations now auto‑register RHEL images to Red Hat Satellite and Ansible Automation Platform, and allow compliance profiles...
By Red Hat – DevOps (Category)
News•Feb 17, 2026
Hong Kong Fortifies Cybersecurity Training in the AI Era
Hong Kong released its Cybersecurity Outlook 2026, revealing that nearly 30% of local firms lack dedicated security staff and only 26% of SMEs have such roles compared with 59% of large enterprises. To address the talent gap, the government, HKPC...
By OpenGov Asia
News•Feb 17, 2026
Texas AG Sues Wi-Fi Company over Links to China
Texas Attorney General Ken Paxton sued TP‑Link Systems Inc., alleging the Wi‑Fi maker deceived consumers by marketing its routers as "Made in Vietnam" while sourcing most components in China. The complaint cites longstanding firmware vulnerabilities that Chinese state‑backed hackers have...
By Courthouse News Service
News•Feb 17, 2026
CompTIA Launches SecAI+ Certification
CompTIA unveiled SecAI+, its first Expansion Series certification, aimed at securing AI systems and leveraging AI tools within cybersecurity operations. The credential builds on foundational certifications such as Security+, CySA+ and PenTest+, requiring three to four years of IT experience...
By Network World (sitewide)