
Steakhouse Financial Warns Users of Phishing Attack
Steakhouse Financial, a Zug‑based DeFi platform, warned users on March 30 to stop using its website and app after detecting a phishing attack that duplicated its front‑end. The compromise, traced to code from the Angelferno wallet‑drainer operation, primarily targets new users who may sign malicious transactions. The firm emphasized that no deposits or contracts are at risk and existing depositors remain safe. Restoration timelines were not provided, underscoring ongoing vulnerability in DeFi interfaces.

6 Biggest Cybersecurity Mistakes CEOs Make
A 2025 EY study found 84% of organizations faced a cyber incident in the past three years, many of which were preventable with stronger leadership. CEOs often treat cybersecurity as a technical checkbox rather than a strategic priority, leading to...

AI-Driven Code Surge Is Forcing a Rethink of AppSec
AI‑driven code generation is causing organizations to produce ten to twenty times more software than a year ago, overwhelming traditional application‑security tools. The surge expands the attack surface, making vulnerabilities easier for adversaries to exploit. Black Duck’s CEO Jason Schmitt...

Italian Regulator Fines Financial Giant $36 Million for Data Protection Failures
Italian Data Protection Authority fined Intesa Sanpaolo €31.8 million ($36 million) for unauthorized access to over 3,500 customers' data between February 2022 and April 2024. The regulator cited serious shortcomings in technical and organizational safeguards, noting that internal controls failed to detect the breach....

15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow
A fifteen‑year‑old integer underflow bug (CVE‑2026‑25075) in strongSwan’s EAP‑TTLS plugin can crash VPN services by requesting an impossible 18 exabyte memory allocation. The flaw affects versions 4.5.0 through 6.0.4 and triggers a two‑phase “ghost” attack that only crashes the charon daemon...

OKCupid Gave User Photos To Facial Recognition Company, FTC Charges
The Federal Trade Commission alleges that OKCupid supplied photos and demographic data of roughly three million users to facial‑recognition startup Clarifai in 2014, contrary to its privacy policy. The FTC complaint says OKCupid and its owners concealed the transfer and...

Huskeys Raises $8m Seed to Modernise Legacy Web Security
Edge security startup Huskeys announced its emergence from stealth after closing an $8 million seed round led by investors such as 10D, SV Angel and a roster of athlete angels. The company launched its Edge Security Management platform, which sits atop...

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
Researchers at ReliaQuest uncovered DeepLoad, a new malware loader delivered through a ClickFix social‑engineering lure that tricks users into running obfuscated PowerShell commands. The loader employs AI‑generated code obfuscation, APC injection, and dynamic C# compilation to avoid static and behavioral...

Percona and Chainguard Partner to Deliver Secure Open Source Software
Percona has teamed up with Chainguard to offer secure, production‑ready container images for its open‑source database portfolio, including MySQL, PostgreSQL, MongoDB and others. Chainguard builds minimal, provenance‑verified images that aim for near‑zero CVE exposure, while Percona provides enterprise‑grade support and...

Beyond Static Checks: Designing CI/CD Pipelines That Respond to Live Security Signals
Traditional CI/CD pipelines rely on pre‑deployment tests and static scans, but they miss real‑time security signals. Modern distributed systems can become vulnerable after a build due to compromised hosts or newly discovered exploits. The article proposes augmenting pipelines with runtime...

Scamnetic and VanishID Partner to Deliver an Integrated Approach to Identity Protection and Scam Prevention for Enterprises
Scamnetic and VanishID announced a partnership that combines Scamnetic’s real‑time scam and deep‑fake detection with VanishID’s identity exposure reduction platform. The integrated offering lets enterprises automatically block fraudulent communications and lower the amount of publicly exposed executive data. By addressing...

Almost €19 Million Lost by SMEs to Email Related Scams over the Past 2 Years
Irish small and medium enterprises have lost almost €19 million (≈ $20.5 million) to email‑based scams over the past two years, according to FraudSMART data. The average loss per incident exceeds €22,000 (≈ $23,800). A new FraudSMART awareness campaign, launched by Tánaiste Simon Harris...

Nanocosmos Targets Rising Stream Misuse with New Security Solution
German video‑delivery specialist nanocosmos launched nanoStream Control, a security and monitoring layer for its ultra‑low latency streaming platform. The solution lets operators revoke access tokens, block unauthorized joins, and enforce referrer allow‑lists in real time. Continuous anomaly detection, forensic watermarking...

Apple Adds macOS Terminal Warning to Block ClickFix Attacks
Apple’s macOS Tahoe 26.4 introduces a built‑in warning that intercepts potentially malicious commands pasted into Terminal. The feature specifically targets ClickFix attacks, where scammers trick users into executing harmful code under the guise of a fix. When a risky paste is...

How Small Medical Practices Can Build HIPAA-Aligned DevSecOps Without Enterprise Budgets
Small medical practices handle protected health information but often lack the security resources of large hospitals. The article outlines how adopting a HIPAA‑aligned DevSecOps approach—using AWS native tools, strict access controls, secret management, and automated CI/CD pipelines—can close common gaps...

McAfee Review 2026: Solid Protection, Mediocre Performance
McAfee’s 2026 review awards the suite an 8.1‑out‑of‑10 rating, highlighting strong real‑time protection and a robust identity‑theft insurance offering. The standout feature is unlimited‑device coverage on Plus plans, priced between $50 and $200 for the first year. However, the...

Sri Lanka Building Data Minimization Into Digital ID to Protect Privacy
Sri Lanka is set to launch its first digital ID, SL‑UDI, later this year, embedding data minimization and purpose limitation at the core of the system. The platform uses role‑based access controls, encryption, immutable audit logs, and secure API integrations...

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
The week’s cyber‑threat landscape was dominated by a critical Citrix NetScaler flaw (CVE‑2026‑3055) that is now being actively exploited, a confirmed breach of FBI Director Kash Patel’s personal email with a $10 million bounty offered, and the emergence of Red Menshen’s BPFDoor...

Dark Web Market Lists Alleged 375TB Lockheed Martin Data for $600M
Hackers on the dark‑web marketplace Threat Market claim to have obtained 375 TB of Lockheed Martin data and are offering it for a $600 million buy‑out. The alleged sale, posted via a Telegram account linked to the market and attributed to an APT...

3 SOC Process Fixes That Unlock Tier 1 Productivity
The article outlines three SOC process fixes that boost Tier 1 productivity: a unified cross‑platform investigation workflow, a behavior‑first triage model powered by automation and interactivity, and standardized escalation with response‑ready evidence. Leveraging ANY.RUN’s sandbox, analysts can analyze Windows, macOS, Linux...

YouTube TV Subscribers Are Being Targeted By Scammers
Cybercriminals are sending phishing emails that falsely claim YouTube TV subscriptions have been cancelled due to payment problems. The messages contain counterfeit links that mimic the official YouTube TV portal, prompting victims to enter credit‑card numbers and personal data. Google’s...

Estonian Hospital Sends Patient Home with Other Peoples’ Health Data
West Tallinn Central Hospital gave a patient a USB drive that, instead of containing only their X‑ray images, also held the personal health records of several other patients. The hospital claims the drive was newly purchased from its own shop,...

Container Security Now Central to Government Martech Stacks
Government marketing‑technology platforms are increasingly built on containerized infrastructure, making container security a core concern for public‑sector digital services. Over‑provisioned images and ineffective runtime scans expose agencies to heightened cyber risk, especially as sensitive citizen data flows through these systems....

LLMs on Kubernetes Part 1: Understanding the Threat Model
Running large‑language models (LLMs) on Kubernetes provides familiar scheduling and isolation, but the platform cannot assess the safety of natural‑language prompts or the confidentiality of generated output. The article highlights the OWASP Top 10 for LLM applications and focuses on four...

AI-Fueled Cyberattacks Surge in UAE Amid Rising Regional Tensions
The United Arab Emirates is confronting an unprecedented wave of cyberattacks, with the Cyber Security Council estimating 500,000 to 700,000 incidents each day. Threat actors, including state‑linked groups from Iran, are exploiting artificial‑intelligence tools such as ChatGPT to automate reconnaissance,...

Kantara Initiative to Collaborate with the OIDF on the Role of Authorised Auditor
The OpenID Foundation announced a Memorandum of Understanding with the Kantara Initiative, appointing Kantara as an Authorized Auditor for its independent conformance testing program. In this role, Kantara will evaluate organizations seeking Approved Testing Service Provider status, ensuring they meet...

Foster City Cyberattack, Jury Finds Meta and Google Negligent, and Can SF’s Small Clubs Survive?
A ransomware breach forced Foster City to declare a state of emergency, temporarily disabling municipal phone and email services before restoration within a week. A federal jury found Meta and Google negligent for contributing to a youth mental‑health crisis, marking...

Cybersecurity Is a Calling, Not Just a Career — Dr. Priyanka Sunder (PD) on Women Leading the Charge
Dr. Priyanka Sunder, a two‑decade cybersecurity strategist and award‑winning leader, discusses how women are reshaping governance, risk and compliance (GRC) in the industry. She highlights the shift from compliance check‑boxes to continuous resilience, emphasizing cloud security controls, data localization, and...

Why Kubernetes Controllers Are the Perfect Backdoor
Kubernetes controllers, the engine behind cluster self‑healing, are being weaponized as stealthy backdoors. Threat actors register rogue MutatingAdmissionWebhooks or custom controllers that watch for pod creation events and inject malicious sidecars, as seen in the Siloscape and Hildegard campaigns. Because...

Why User Behavior Is the Primary Entry Point for Cyberattacks
Cybercriminals are increasingly exploiting human behavior as the primary gateway into enterprises, with credential theft now eclipsing traditional technical exploits. Although perimeter defenses have hardened, 60% of data breaches still stem from user error, amplified by AI‑driven social engineering and...

How OpenClaw’s Agent Skills Become an Attack Surface
OpenClaw, an AI‑agent gateway, gives users deep access to local files, browsers and long‑term memory, but it stores that data in plain‑text files on predictable disk locations. This design creates a low‑effort attack surface: if the host is compromised, an...

6 Trends Redefining Organizations’ Future with IAM
Inductive Automation’s CISO Jason Waits highlights six emerging IAM trends as the company scales, including a 71% surge in session hijacking and expanding identity sprawl across five systems on average. The firm has responded by deepening its use of Cisco...

'The Missing Piece' For Automating Patching Containers at Scale
Container security teams are grappling with the complexity of patching container images at scale, often stalled by tangled dependency trees and coordination across multiple teams. A new automation framework, dubbed the "missing piece," integrates vulnerability scanning, dependency resolution, and rollout...

Hackers Impersonate Ukrainian CERT to Plant a RAT on Government, Hospital Networks
Ukrainian cyber‑defense agency CERT‑UA was spoofed with an AI‑generated website and phishing emails that distributed a password‑protected ZIP containing the AGEWHEEZE remote‑access Trojan. The Go‑based RAT offered full screen, input and system control and communicated with a command‑and‑control server on...

“Sleeper Cells” In Telcos Seen Using Novel New BPFdoor Malware
Researchers have identified a novel malware called BPFdoor that exploits the Linux kernel’s eBPF subsystem to filter packets at kernel level, evading firewalls, IDS and deep packet inspection. The threat has been observed operating as “sleeper cells” within telecommunications networks,...

Pondurance Launches Pondurance Kanati(™): The Industry’s First Agentic AI SOC Designed for Autonomous Operations in a Next-Generation Managed Detection and...
Pondurance announced the general availability of Kanati, the industry’s first agentic AI‑driven Security Operations Center that powers its managed detection and response (MDR) service. The platform autonomously handles high‑confidence threats, delivering 90% faster threat analysis, sub‑two‑minute investigation times and an...

Thailand’s Cybersecurity Boom Has a Weak Core
Thailand’s cybersecurity market has expanded rapidly through 2025, driven by aggressive digital transformation, cloud adoption and new data‑infrastructure initiatives. However, operational depth has lagged, with ransomware employing double‑extortion tactics and APT groups targeting financial firms more frequently. A chronic talent...

Global Threat Landscape Report Shows Exploited High and Critical Severity Vulnerabilities Surged 105% as Attack Timelines Collapsed
Rapid7’s 2026 Global Threat Landscape report reveals a dramatic acceleration in cyber‑attack cycles, with exploited high‑ and critical‑severity vulnerabilities more than doubling year‑over‑year, up 105% from 71 in 2024 to 146 in 2025. The median time from vulnerability disclosure to...

Critical Fortinet Forticlient EMS Flaw Now Exploited in Attacks
Threat‑intelligence firm Defused reports active exploitation of Fortinet’s FortiClient EMS vulnerability CVE‑2026‑21643. The SQL‑injection flaw lets unauthenticated attackers execute arbitrary code via crafted HTTP requests to the EMS web GUI. Shodan and Shadowserver data show roughly 1,000‑2,000 publicly exposed instances,...

Continuous Control Monitoring and the Power of Live Cloud Inventories
Traditional cloud inventories rely on periodic scans and manual CMDB updates, leaving dynamic, short‑lived resources invisible. Continuous controls monitoring (CCM) replaces these static methods with near‑real‑time data ingestion, creating a graph‑based, live inventory that covers every asset. By continuously applying...

SystemRescue 13 Updates Its Kernel to Linux 6.18 LTS, Adds New Recovery Tools
SystemRescue released version 13.00, upgrading its core to the Linux 6.18.20 long‑term support kernel. The update also refreshes storage utilities, including Bcachefs 1.37.3 and GParted 1.8.1, and adds new command‑line tools such as yq and the C‑based iotop‑c. HiDPI display...

The EU CRA – Treating Cybersecurity as Product Liability
The EU’s Cyber Resilience Act (CRA) moves cybersecurity from post‑incident tort claims to product‑level liability, obligating manufacturers, importers and distributors to ensure devices are secure by design, supported and able to report vulnerabilities. The regulation, which entered into force on Dec 10 2024,...

Stats SA Confirms Data Breach as Hackers Demand R1.7m Ransom
Stats SA confirmed that hacker group XP95 accessed its HR recruitment database, stealing roughly 154 GB of personal data and demanding a $100,000 (R1.7 million) ransom. The agency rejected the demand, citing compliance with South Africa’s Public Finance Management Act and plans...

Government Likely to Extend SIM-Binding Deadline for WhatsApp, Telegram and Other Messaging Platforms: Report
India's Department of Telecommunications will push the SIM‑binding compliance deadline for messaging apps to the end of December 2026, after companies cited technical hurdles. The rule, introduced in November 2025, requires apps like WhatsApp, Telegram and Signal to link accounts...

Why Risk Alone Doesn’t Get You to Yes
Security leaders often present technically sound risk briefings, yet executives delay action because risk data alone doesn’t compel decisions. The gap lies in translating exposure into business‑focused consequences that align with revenue, compliance, and operational goals. Executives need clear, stakeholder‑specific...

ShipSec Studio Brings Open-Source Workflow Orchestration to Security Operations
ShipSec AI has launched ShipSec Studio, an open‑source security workflow automation platform that replaces ad‑hoc scripts with a dedicated orchestration layer. The visual, no‑code builder lets operators chain tools like Subfinder, Nuclei and TruffleHog into automated pipelines, compiling them into...

FIFA World Cup 2026: A Match Between Fans and Scammers
As the FIFA World Cup 2026 approaches, a NordVPN survey reveals that 11% of American internet users have already encountered soccer‑related scams. Betting fraud (46%) and counterfeit ticket offers (44%) are the most common schemes, proliferating on platforms such as...

Stop Scams Steps up to Online Fraud Challenge
Stop Scams UK, a not‑for‑profit founded in 2020, is scaling its data‑sharing platform to combat online fraud across banks, telecoms and tech firms. In the first half of 2025, UK scams cost roughly $800 million, with two‑thirds originating online. The organisation...

Telstra Business Launches Managed IT Service for SMB Market
Telstra Business announced a new managed IT service aimed at small‑ to medium‑sized enterprises with up to 500 staff. The offering bundles IT support, security and maintenance into Basic, Standard and Premium tiers, each featuring a 24/7 service desk and...

Don’t Count on Government Guidance After a Smart Home Breach
Researchers examined government cybersecurity guidance across 11 countries for smart homes and found that most advice concentrates on prevention—such as regular updates and changing default credentials—while post‑breach support is minimal. Reporting mechanisms exist but are generic and not tailored to...