Taming the Threat Beast: Building a Threat-Led Cybersecurity Program
A threat‑led cybersecurity program shifts focus from sheer data volume to relevance, enabling organizations to prioritize the threats that truly affect their business. The piece cites a Google Cloud study showing 61 % of security professionals feel overwhelmed by threat feeds and then outlines concrete steps—defining intelligence requirements, aligning with business goals, operationalizing threat modeling, and balancing automation with oversight—to turn intelligence into actionable risk reduction. Real‑world cases from financial services, manufacturing, healthcare, and retail illustrate outcomes such as a 70 % reduction in false positives and dramatically faster detection‑to‑remediation cycles. The core message is that disciplined, context‑rich threat intelligence drives better decisions, stronger risk posture, and increased executive support.
Global Cybercrime Crackdown: Over 373,000 Dark Web Sites Shut Down
Operation Alice, a March 2026 Europol‑led initiative, dismantled the largest known network of fraudulent dark‑web platforms, shutting down over 373,000 sites that hosted child sexual abuse material and cyber‑crime‑as‑a‑service tools. German authorities identified the platform’s operator and, together with 22...
University College of Dublin Staff Member Due in Court over Accessing Student Data
A University College Dublin employee in his 50s has been arrested and charged for unlawfully accessing student records, appearing in court today. The investigation, led by Ireland's Garda Síochána, uncovered unauthorized database queries that exposed personal information of dozens of...
Jaguar Land Rover's Cyber Bailout Sets Worrying Precedent, Watchdog Warns
The UK government provided Jaguar Land Rover with a £1.5 billion loan guarantee after a ransomware attack that the Cyber Monitoring Centre estimates cost up to £1.9 billion to the British economy. The cyber watchdog warned that rescuing a single firm without clear criteria...
5 Best Password Managers for Teams (Free & Paid) in 2026
The updated 2026 guide ranks the five best password managers for teams, naming Dashlane as the overall leader, Keeper for enterprise, 1Password for small teams, Bitwarden as the top open‑source option, and Enpass for third‑party cloud storage. It highlights that...
Fake Interactive Zoom Call Leads to Malicious ScreenConnect Download
Security researchers discovered a novel phishing campaign that uses a fake, interactive Zoom call to trick users into downloading a malicious update. The lure relies on AI‑generated JavaScript to mimic a glitchy Zoom meeting, directing victims to a counterfeit Microsoft...
UK Cyber Monitoring Centre Plans Expansion in US Amid Risk of Category 5 Attack
The UK Cyber Monitoring Centre (CMC) is preparing a US‑based operation to quantify the financial fallout of cyber incidents, targeting a 2027 launch after proving its model in Britain. In its first year, the CMC rated two 2025 attacks –...
Oracle Pushes Emergency Fusion Middleware Patch
Oracle released an out‑of‑band emergency patch for a critical pre‑authentication remote code execution vulnerability (CVE‑2026‑21992) affecting Oracle Identity Manager and Oracle Web Services Manager. The flaw, located in the Fusion Middleware REST and security components, is easily exploitable and resembles...
Linux Kernel Scale Is Swamping an Already-Flawed CVE System
The Linux kernel became a CVE Numbering Authority in 2024, prompting a policy shift that assigns identifiers to virtually every defect. In 2025 the kernel topped vulnerability lists with over 48,000 CVEs, flooding security feeds with low‑impact and theoretical issues...
Rapid7 Enhances Exposure Command with Runtime Validation and DSPM for Risk Analysis
Rapid7 has added runtime validation and Data Security Posture Management (DSPM) to its Exposure Command platform, turning continuous assessment into continuous validation. The new features use eBPF‑based sensors and AI to identify which cloud vulnerabilities and misconfigurations are actively exploitable...
Listed Firms Risk 30% Share Plunge Amid Rising Cyber Attacks
JSE‑listed companies face the risk of a 30% share‑price plunge after a cyber‑attack, as weekly cyber incidents in South Africa jumped 36% year‑on‑year to 2,145. Response speed dramatically influences losses: incidents contained within hours limit share erosion to 4%, while...
Thousands of Magento Sites Hit in Ongoing Defacement Campaign
A coordinated defacement campaign has compromised over 7,500 Magento sites in just three weeks, leveraging an unauthenticated file‑upload flaw across Open Source, Enterprise and B2B deployments. Threat actors are posting plaintext files, often bearing the handle “Typical Idiot Security,” to...
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
Artificial intelligence is empowering cybercriminals to craft hyper‑personalized phishing, automate credential abuse, and generate adaptive malware that mimics legitimate user behavior. Traditional rule‑based and signature‑based defenses struggle because AI‑driven attacks operate within normal activity thresholds and continuously evolve their code....
Critical Langflow Vulnerability Exploited Hours After Public Disclosure
Langflow, a widely used open‑source AI workflow builder, disclosed a critical remote code execution flaw (CVE‑2026‑33017) with a CVSS score of 9.3. The vulnerability affects an unauthenticated POST endpoint that processes a ‘data’ parameter, allowing attackers to inject Python code...
Android Malware Campaign Targets Indian Users via Fake eChallan Alerts
CERT-In has warned of a coordinated Android malware campaign that lures Indian vehicle owners with fake eChallan and RTO challan SMS alerts. The messages direct users to download malicious APKs such as "RTO Challan.apk," which act as droppers for multi‑stage...
Semgrep Multimodal Brings AI Reasoning and Rule-Based Analysis to Code Security
Semgrep unveiled Multimodal, a hybrid system that merges its deterministic Pro engine with large‑language‑model reasoning to boost code‑security detection. The solution claims up to eight times more true positives and a 50% reduction in noise compared with LLM‑only scans, already...
ConductorOne Unveils AI Access Management to Accelerate Secure, Compliant AI Adoption
ConductorOne launched AI Access Management, a unified control plane that governs access to AI tools, agents, and managed connectivity points across enterprises. The solution lets employees request AI services and be provisioned in under 60 seconds while IT retains full...
Clean up Your Digital Clutter or Face the Risks, Firms Warn
South African firms are warned that unchecked digital clutter—dubbed “data toxicity”—is costing millions and exposing them to security breaches. Experts from Integrity360 and KnowBe4 Africa argue that redundant, obsolete (ROT) data inflates cloud storage fees, increases cognitive load, and creates...
Bonfy ACS 2.0 Helps Organizations Control Data Use in AI Environments
Bonfy.AI unveiled Bonfy Adaptive Content Security (ACS) 2.0, a platform that extends enterprise data protection to AI agents, copilots, and generative applications across cloud, SaaS, and on‑premises environments. The solution adds real‑time, context‑aware controls—including a data‑in‑use guardrail, browser extension for...
U.S. Shuts Down Websites Behind Iran-Linked Cyber Attacks and Death Threats
The U.S. Justice Department seized four domains—Justicehomeland.org, Handala‑Hack.to, Karmabelow80.org and Handala‑Redwanted.to—allegedly operated by Iran’s Ministry of Intelligence and Security. Investigators say the sites acted as fake hacktivist fronts that claimed cyberattacks, published stolen data and issued death threats against journalists,...
Everything You Need to Know About Online Fraud
Online fraud, encompassing financial scams and identity theft, surged as pandemic‑driven digital adoption expanded across banking, retail, and services. In South Africa, criminal syndicates generated between R200 billion and R300 billion in annual losses, with banking fraud alone exceeding R3.3 billion in 2023....
Perseus Android Malware Targets Mobile Banking Users via Fake IPTV Apps
Researchers at ThreatFabric have uncovered a new Perseus Android malware variant that masquerades as IPTV streaming apps to infiltrate smartphones. The strain builds on Cerberus and Phoenix code, leveraging Accessibility Services to stealthily control devices, scan note‑taking apps, and overlay...
Exabeam Adds MSSP Commercial Framework to APEX Partner Program
Exabeam has introduced a dedicated commercial framework for managed security service providers within its APEX partner program. The new structure replaces fragmented licensing with a single pooled licence for high‑volume, multi‑tenant deployments and a federated subscription model for region‑specific isolation....
Cyble Partners with Optiv to Bring Digital Risk Protection Into MSSP Operations
Cyble has partnered with Optiv to embed its digital risk protection services into Optiv’s managed security service provider operations. The integration feeds Cyble’s open, deep, and dark‑web threat intelligence directly into Optiv’s fusion center, giving analysts a unified view of...
Canada’s Supreme Court Scrutinizes Facebook’s Role in Cambridge Analytica Privacy Scandal
Canada’s Supreme Court is hearing a challenge to Facebook over the Cambridge Analytica scandal. The Privacy Commissioner alleges Facebook violated PIPEDA by lacking meaningful consent and failing safeguards. Facebook argues users consented via terms and that data isn’t sensitive. Justices...
North Carolina Tech Worker Found Guilty of Insider Attack Netting $2.5M Ransom
A 27‑year‑old North Carolina contractor, Cameron Nicholas Curry, was convicted of six extortion counts after stealing sensitive employee and compensation data from a D.C.‑based tech firm and demanding a $2.5 million ransom. Curry accessed the data between August and December 2023,...
My Personal Data Has Been Leaked Several Times - This Service Helped Clean It All Up
DeleteMe is a subscription‑based data‑removal service that scans the web for personal information and files opt‑out requests on behalf of users. In a ZDNET test, the platform examined 371 listings and successfully removed 44 within five days, with additional takedowns...
Leap Strategies Sees Rise in Sovereignty Queries From Mid-Market
Leap Strategies reports a surge in data sovereignty questions from Australian mid‑market firms as compliance mandates intensify. The company notes that governance, risk and compliance discussions have moved from purely legal concerns to deep technical involvement, prompting customers to consider...
Why Disabling the SQL Server Sa Account Still Matters in 2026
Even with SQL Server’s 2026 security enhancements, the built‑in sa account remains a critical attack vector. Attack tools still assume sa exists and brute‑force its password, giving adversaries immediate sysadmin control. Because sa bypasses many modern access controls, compromising it...
Singapore, Japan Align IoT Security Frameworks for Digital Resilience
Singapore and Japan have signed a Memorandum of Cooperation to mutually recognise each other’s IoT cybersecurity labelling schemes. The agreement lets devices certified in one country obtain the other’s Level 1 label through a streamlined process, cutting duplicate testing. It also...
OpenWebUI Servers Targeted for Extensive Cryptomining
OpenWebUI, a widely used open‑source AI interface, is being exploited through CVE‑2025‑63391, a flaw that allows unauthenticated script uploads. Attackers have compromised roughly 12,000 internet‑exposed instances, injecting Python backdoors that run cryptocurrency miners and steal credentials. About half of the...
Justice Department Disrupts Iranian Cyber Enabled Psychological Operations
The U.S. Justice Department seized four domains used by Iran’s Ministry of Intelligence and Security for cyber‑enabled psychological operations and transnational repression. The sites—Justicehomeland.org, Handala‑Hack.to, Karmabelow80.org, and Handala‑Redwanted.to—were employed to claim hack credit, publish stolen data, and issue death threats...
Scoop: Anthropic Meets with House Homeland Security Behind Closed Doors
Anthropic co‑founder Jack Clark met privately with the bipartisan House Homeland Security Committee, discussing AI model distillation and export‑control challenges. The Pentagon dispute over Anthropic’s supply‑chain risk designation was only briefly mentioned. The session was described as friendly, reflecting Anthropic’s...
AI Conundrum: Why MCP Security Can't Be Patched Away
Enterprises are rapidly wiring large language models to external services through the Model Context Protocol (MCP), unlocking powerful automation but also exposing a novel attack surface. Because MCP turns LLMs from passive responders into autonomous agents, they can execute actions...
Can Zero Trust Survive the AI Era?
Federal agencies are confronting a dual challenge: AI‑enabled attackers are slashing attack timelines to roughly 11 minutes and dramatically lowering malware development costs, while defenders must integrate AI into their security stacks. Zero Trust principles—continuous verification, least‑privilege access, and micro‑segmentation—remain...
Agents and Quantum: Cybersecurity World Confronts AI Vulnerabilities and Data Risks Amid an Expanding Threat Landscape
Enterprise adoption of AI agents is exposing new security gaps, with tests showing agents can leak confidential data and 60% of AI‑related incidents resulting in data loss. Vendors are responding: F5 introduced NGINX Agentic Observability to monitor agent‑to‑agent traffic, while...
Navia Discloses Data Breach Impacting 2.7 Million People
Navia Benefit Solutions disclosed a breach that affected nearly 2.7 million individuals, exposing personal identifiers such as names, dates of birth, Social Security numbers, and contact details. The unauthorized actors accessed Navia’s systems from December 22, 2025, to January 15, 2026, with the breach discovered...
Lack of CISA Leadership Amid DHS Shutdown Raises Risks, Cyber Pros Say
The U.S. Cybersecurity and Infrastructure Security Agency is operating with roughly one‑third of its staff as the DHS shutdown sidelines 1,500 employees and leaves the agency without a permanent director. Despite the staffing squeeze, CISA continues to issue critical alerts—such...
Post-Quantum Web Could Be Safer, Faster
The IETF’s draft Merkle tree certificates (MTCs) promise a quantum‑resistant web that is both smaller and faster than existing post‑quantum solutions. By compressing certificate data to roughly 840 bytes, MTCs cut bandwidth and latency compared with ML‑DSA signatures that can exceed...
Vibhor Kumar: PostgreSQL HA Without SSH: Why Open Source Efm_extension Matters in a Zero-Trust World
The open‑source efm_extension brings EDB Failover Manager operations into PostgreSQL via SQL, removing the need for SSH‑based control. It adds functions such as efm_cluster_status, efm_failover, efm_switchover, efm_allow_node and efm_disallow_node, with JSON output for programmatic consumption. The extension runs under a...
Campus Networks Have a Security Problem. Huawei's New Solution Can Fix It.
Huawei introduced its Xinghe AI Full‑Scope Security Campus Solution at MWC26, aiming to transform campus Wi‑Fi from a connectivity utility into a comprehensive defense platform. The solution bundles four AI‑driven layers—connectivity, asset, spatial, and privacy security—featuring post‑quantum encrypted Wi‑Fi Shield,...
How We’re Helping You Avoid Scams This Tax Season
Google is rolling out five security features to shield consumers from a 67% surge in tax‑season scams, including fraudulent calls, texts, and fake websites. Pixel phones now offer Call Screen and on‑device AI scam detection, cutting spam calls by 70%....
Ransomware Affiliate Exposes Details of 'The Gentlemen' Operation
An affiliate known as ‘hastalamuerte’ disclosed internal details of the emerging ransomware‑as‑a‑service group The Gentlemen, revealing its dual‑extortion tactics, multi‑platform targets, and sophisticated evasion methods. Group‑IB’s March 19 report shows the group exploits FortiGate VPN devices, uses PowerShell, BYOVD drivers, and...
Latest White House Cybersecurity Strategy Talks Crypto, AI, Quantum
The White House released President Trump’s Cyber Strategy for America in mid‑March, outlining six policy pillars that target critical‑infrastructure protection, emerging‑technology superiority, and a broadened offensive cyber posture. Notably, the strategy calls for securing supply‑chain integrity, promoting U.S.‑made hardware, and...
UMMC Continues Investigating Cyberattack and Recovering From Impact.
University of Mississippi Medical Center (UMMC) shut dozens of clinics for nine days after a ransomware attack crippled its Epic EMR system. The Medusa ransomware gang later posted the breach on its leak site, claiming to have stolen more than...
SpiderOak Wins New UAS Systems Contract
SpiderOak has been awarded a contract by the U.S. Army Unmanned Aircraft Systems PMO to conduct supply‑chain analysis and cybersecurity assessments for vendors in the Drone Dominance Program. The company will apply its Advanced Cyber Threat & Resilience Assessments (ACTRA)...
The Compliance and Security Risks of Uncontrolled Hotel Communication
Hotel staff increasingly rely on personal messaging apps, creating fragmented communication channels that jeopardize guest data and operational efficiency. This lack of centralized control makes it difficult to track conversations, enforce access policies, and meet regulatory standards such as GDPR...
Threat Groups Target Cyber-Physical Systems to Disrupt Critical Infrastructure Providers
Claroty's latest report reveals a surge in attacks on cyber‑physical systems that control critical infrastructure. State‑sponsored, hacktivist and other threat groups are exploiting internet‑exposed devices, default credentials and insecure protocols to compromise SCADA and HMI platforms, often without needing software...
Water Utilities Need Hands-On Cybersecurity Help, Not Just Free Guidance, Pilot Program Finds
Microsoft, the Cyber Readiness Institute and CCTI ran a 2023‑2025 pilot to boost cybersecurity at small and medium water utilities. Of 113 utilities that expressed interest, 72 enrolled and only 43 completed the program, but utilities that received a dedicated...
Secure File Transfer Services: Types, Tools and Selection Tips
Secure file transfer services replace legacy protocols with encrypted, access‑controlled solutions that meet modern compliance demands. The market spans simple SCP tools to sophisticated Managed File Transfer platforms offering AI‑driven threat detection, audit logging, and integration with identity providers. Leading...
