Ransomware Attack Disrupts Operation at Major Spanish Fishing Port
A ransomware attack on Spain’s Port of Vigo forced the isolation of critical cargo‑management servers, compelling the port to run operations manually. The breach was detected on Tuesday, and officials have refused to reconnect the systems until they can guarantee they are clean. Physical ship movements continue, but digital coordination and paperwork have been severely disrupted. The incident adds to a growing list of ransomware strikes on maritime hubs worldwide, highlighting the sector’s escalating cyber risk.
Cloud Phones Linked to Rising Financial Fraud Threat
A Group‑IB report released on March 25 reveals that cloud phones—remote‑access Android devices hosted in data centres—are being weaponized for financial fraud. Because they replicate genuine smartphones, they bypass conventional device‑fingerprinting tools, allowing fraudsters to create and operate dropper accounts...
NetApp Seals Elastio and Commvault Deals for More Resilience and Less Ransomware
NetApp announced partnerships with Elastio and Commvault to bolster its Ransomware Resilience Service. Elastio’s agent‑less detection and Provable Recovery controls will be embedded in ONTAP snapshots to spot zero‑day ransomware and provide immutable recovery points. Together with Commvault, NetApp will...
Why Strong Authentication Beyond the Browser Will Define the Future of Connected Devices
The rise of connected cars, smart homes, wearables and industrial IoT is stretching authentication beyond the traditional web browser. Regulators such as UNECE WP.29 and the U.S. IoT labeling program are imposing baseline security requirements for vehicle software and consumer...
Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne
SentinelOne’s 2026 Annual Threat Report warns that identity‑based attacks have escalated to an industrial scale, with threat actors exploiting legitimate enterprise credentials to bypass traditional defenses. Attackers are using social‑engineering, MFA‑bypass kits, and brute‑force tactics to hijack high‑privilege accounts, even...
Puerto Rico Government Agency Cancels Driver’s License Appointments After Cyberattack
Puerto Rico’s Department of Transportation halted all driver‑license and registration appointments after a cyberattack forced the agency to disconnect its networks on Monday. The Puerto Rico Innovation and Technology Service (PRITS) is working with the DOT to assess the breach,...
.png?width=1200&auto=webp&crop=3%3A2)
The Online Security Features You Need While Travelling or Working Abroad
Surfshark One is an all‑in‑one cybersecurity suite designed for travelers and remote workers. It combines VPN, antivirus, price‑masking, and identity‑protection tools to secure connections on public Wi‑Fi, bypass regional blocks, and prevent price discrimination. The platform also offers breach alerts...
US Clouds Cast Long Shadow over EU Data Sovereignty, Says Osmium
Osmium Data Group warns that using US‑owned cloud providers for backups undermines European data‑sovereignty, even when the physical datacenter sits in the EU. The firm evaluated four source‑and‑destination scenarios, ranking a Europe‑owned source and datacenter as highest compliance, while a...
Deploy Best-Practice Security Policies Instantly with Transaction Security Policy Accelerator
Salesforce Labs has launched the Transaction Security Policy Accelerator, a free AppExchange app that lets administrators install a library of pre‑configured, best‑practice Transaction Security Policies with a single click. The policies are aligned with Salesforce’s Essential Transaction Security documentation and...
_Panther_Media_GmbH_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Phishers Pose as Palo Alto Networks' Recruiters for Months in Job Scam
Unit 42 at Palo Alto Networks has uncovered a seven‑month phishing campaign in which attackers impersonated the company’s recruiters to target senior professionals. The scammers harvest LinkedIn data to craft highly personalized emails that claim a candidate’s résumé failed an...
Deepfakes Vulnerable to AI Fingerprint Hacks, Study Finds
Researchers at the University of Edinburgh demonstrated that AI fingerprints used to identify deepfake images can be easily removed or forged. Their evaluation of 12 generators and 14 fingerprinting methods showed removal success rates above 80% for attackers with full...
Marlink Reports 50% Surge in GNSS Interference Impacting Global Shipping
Marlink’s March 25 technical bulletin reports a 50% jump in GNSS interference incidents across its maritime fleet, driven by jamming and spoofing in the Middle East and other high‑traffic corridors. The disruptions threaten vessel navigation, satellite antenna tracking, and broadband connectivity....
Why a 'Near Miss' Database Is Key to Improving Information Sharing
At RSAC 2026, security leaders Wendy Nather and Bob Lord urged the cybersecurity community to treat near‑miss incidents with the same transparency as full breaches. They defined a near miss as an event that almost succeeded, highlighting that many organizations lack...
Paid AI Accounts Are Now a Hot Underground Commodity
Cybercriminals are building a thriving underground market for premium AI platform access, reselling accounts for tools like ChatGPT, Claude, and Microsoft Copilot. Flare’s analysis of fraud‑oriented forums shows recurring listings that bundle subscriptions, claim reduced restrictions, and target buyers seeking...
BlueFinity Evoke Offers Enhanced Two-Factor Security
BlueFinity has rolled out two‑factor authentication (2FA) as a standard feature in Release 3 of its Evoke low‑code platform. The update adds native Active Directory integration and OAuth‑compatible email handling for Exchange, Gmail and other services. Users can enable 2FA with...
Cyera Closes Major Gaps in Securing Enterprise AI
Cyera unveiled three new AI‑security tools—Browser Shield, Data Lineage, and the Cyera MCP platform—to plug critical gaps in enterprise AI adoption. Browser Shield monitors and blocks sensitive data at the prompt level for public AI models like ChatGPT, while Data...
Endpoint Security USA Launches New Site, Expands Endpoint Protection Services
Endpoint Security USA, a managed security services provider, has unveiled a redesigned website that showcases its expanded portfolio of endpoint protection solutions. The platform highlights services such as endpoint detection and response, cloud and IoT endpoint security, 24/7 SOC monitoring,...
Vorlon Adds Forensics and Response to Secure AI Agents
Vorlon introduced two new products—the AI Agent Flight Recorder and the AI Agent Action Center—to give enterprises forensic visibility and coordinated response for AI‑driven workloads. A 2026 Vorlon survey found 99.4% of U.S. organizations suffered at least one SaaS or...
Platformisation or Platform Theatre? Navigating Cyber Consolidation
Enterprise security consolidation is accelerating, with a 2025 IBM‑Palo Alto report showing firms juggle an average of 83 tools from 29 vendors. While unified platforms promise streamlined operations, many deliver only superficial integration, creating a hidden single point of failure....
SentinelOne Expands Strategic Collaboration with Google Cloud to Deliver Autonomous, AI-Powered Security at Global Scale
SentinelOne announced a multi‑year strategic collaboration with Google Cloud to fuse its AI‑native Singularity platform with Google’s global infrastructure and threat intelligence. The partnership expands SentinelOne’s autonomous EDR availability to three Google Cloud regions—North America, Frankfurt, and Saudi Arabia—addressing data‑sovereignty...
DigiCert Document Trust Manager Enhancements Improve Document Security and Compliance
DigiCert has upgraded its Document Trust Manager to counter AI‑driven document fraud by centralising signing key management and workflow visibility. The enhancements add unified monitoring, a secure certificate repository with MFA, and pre‑integrated support for DocuSign, Adobe Sign and other...
NY Army Guard's Cyber Protection Team 173 Fights Computer Battle During Kingston Armory Exercise
From February 23‑26, 2026, the New York Army National Guard’s Cyber Protection Team 173 conducted a four‑day simulated ransomware attack against an electrical utility at the Kingston Armory, using the U.S. Cyber Command’s Persistent Cyber Training Environment. Thirty‑four soldiers, many...
Drata Unveils Agentic AI to Transform Enterprise Trust Workflows
Drata announced a suite of agentic AI tools—including Agentic TPRM Assessment, Agentic Questionnaire Response (beta), and AI Trust Center Setup—to automate third‑party risk reviews, security questionnaire handling, and trust‑center creation. The new capabilities promise to cut manual effort, accelerate procurement...
Solink Upgrades VerifEye Platform to Streamline Global Security Operations Centers
Solink Corp. announced a major upgrade to its VerifEye platform, adding vision‑language AI to cut alert fatigue and speed incident response. The new system filters false positives, prioritizes genuine threats, and can shrink response times to as little as three...
Gemini Picks up Criminal Activity Buried in Dark Web Noise
Google has launched a dark‑web intelligence feature within Google Threat Intelligence, powered by its Gemini AI model. The service scans millions of dark‑web events daily and automatically builds a profile of an organization’s operations, adjusting as business parameters change. By...
How to Detect and Remove Malware From an iPhone
iPhones, despite strong security, can still be compromised by malware, phishing, and other mobile threats. The article outlines six warning signs such as unfamiliar apps, excessive data usage, and battery drain, and provides a step‑by‑step removal process that includes checking...
NetSTAR and Varist Announce Alliance to Combat AI-Driven Cyber Threats
NetSTAR Global and Varist have formed a strategic alliance to bolster defenses against generative AI‑driven cyber threats. The partnership merges NetSTAR’s telemetry from over 1.8 billion endpoints and categorization of 48 billion URLs with Varist’s hybrid detection engine that safeguards more than...
Infinite Campus Security Incident Awareness: No Impact to Student Data According to Infinite Campus
Infinite Campus disclosed that a ShinyHunters actor accessed an employee's Salesforce account, exposing only staff directory information and not any student or employee databases. The breach was detected quickly, the compromised account was disabled, and services lacking IP restrictions were...
How ERP Systems Are Integrating Physical and Digital Security
Enterprises are turning to modern ERP platforms to merge physical access control, surveillance, and cybersecurity into a single, observable framework. By centralizing data streams, ERP systems enable real‑time monitoring, faster incident response, and unified compliance reporting. AI‑driven analytics further compress...
I Turned on One Windows 11 Setting and My Browsing Got Faster and More Private
The author discovered that enabling Windows 11’s system‑wide DNS‑over‑HTTPS (DoH) setting dramatically speeds up web browsing while encrypting all DNS queries, not just those from a single browser. Unlike browser‑only DoH, the OS‑level option routes every application’s DNS traffic through an...
Ex-NSA Directors Discuss 'Red Line' For Offensive Cyberattacks
At RSAC 2026, four former NSA directors and Cyber Command leaders debated the “red line” that would trigger a kinetic response to a cyberattack. The panel, held shortly after President Trump released a new offensive cyber strategy, emphasized that the...
Akamai Brand Guardian Detects and Removes AI-Driven Brand Impersonation
Akamai launched Brand Guardian, an AI‑driven evolution of its Brand Protector service, to automatically detect and remove fraudulent websites that impersonate brands. Scammers now use generative AI to create convincing fake digital assets in seconds, outpacing manual detection methods. Brand...
TP-Link Warns Users to Patch Critical Router Auth Bypass Flaw
TP‑Link released firmware updates fixing multiple critical flaws in its Archer NX series, including CVE‑2025‑15517, an authentication bypass that lets unauthenticated attackers upload firmware. The patch also removes a hard‑coded cryptographic key (CVE‑2025‑15605) and resolves two admin‑level command‑injection bugs (CVE‑2025‑15518, CVE‑2025‑15519)....
Njordium AI Blocks Fake Invoices and Fraudulent Payments
Njordium Cyber Group unveiled an AI‑driven Fraud Detection Module integrated into its new Vendor Management System, instantly flagging fake invoices, phantom services and abnormal pricing. The self‑learning engine extracts data from PDFs, OCR scans, Excel, XML and email, routing high‑confidence...
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Security firm Expel reported a surge in malicious Chrome extensions that silently capture users’ AI conversations, a practice dubbed “prompt poaching.” The extensions monitor open tabs, intercept API calls or scrape the DOM, then transmit prompts and responses to external...
Microsoft Hands Entra ID Users New Option for MFA
Microsoft has made External MFA for Entra ID generally available, leveraging the OpenID Connect standard to let organizations integrate third‑party MFA solutions while retaining Conditional Access controls. The feature appears as an external authentication method that admins can assign to...
Virtual Machines, Virtually Everywhere – and with Real Security Gaps
Virtual machines have become ubiquitous in multi‑cloud and hybrid environments, but their ease of provisioning has led to unchecked growth, known as VM sprawl. Organizations often leave idle or over‑privileged VMs running without updates or proper monitoring, creating blind spots...
Check Point Launches AI Defense Plane to Secure the Agentic Enterprise at Scale
Check Point unveiled its AI Defense Plane, a unified security control layer that safeguards the emerging agentic enterprise. The platform extends protection beyond model safety to runtime governance of AI applications, employee tools, and autonomous agents. Built on the company’s...
Codenotary Introduces AgentX for Autonomous Linux Infrastructure Security
Codenotary unveiled AgentX, an autonomous platform that uses coordinated AI agents to manage, secure, and protect large‑scale Linux infrastructure across cloud and on‑premises environments. The solution automates configuration reviews, policy enforcement, and remediation while preserving full administrator control through zero‑trust...
Saviynt Unveils Identity Security for AI Agents
Saviynt launched Saviynt Identity Security for AI, a platform that extends enterprise‑grade identity controls to autonomous AI agents. The solution addresses a reported 91% of enterprises facing blind risk from unmanaged agents by delivering continuous discovery, lifecycle governance, and real‑time...
Persistent Systems & Global Defense Leaders Advance Secure Multinational Networking
Persistent Systems hosted its third Technical Exchange Meeting, gathering over 400 Wave Relay MANET users from more than 20 nations to tackle secure multinational networking for defense. The two‑day event in Brooklyn emphasized a data‑centric architecture that enables allied forces...
Dutch Finance Ministry Investigates Data Breach in Internal Systems
On March 19, the Dutch Ministry of Finance detected unauthorized access to internal policy‑department systems after a third‑party flagged suspicious activity. The ministry quickly blocked the intrusion and took affected systems offline, while core citizen services such as tax, customs...
Agentic AI and the Future of Threat Intelligence Operations - Sachin Jade - RSAC26 #2
At RSA 2026, Cyware’s Chief Product Officer Sachin Jade unveiled the company’s Agentic Fabric, an AI‑driven platform that embeds specialized agents into threat‑intelligence, detection‑engineering, and response workflows. The discussion highlighted how raw threat data can be transformed into actionable insights through STIX/TAXII...
Manage Vulnerability Noise at Scale with Auto-Dismiss Policies
GitLab has launched auto‑dismiss vulnerability policies that let security teams codify triage rules and apply them automatically on every default‑branch pipeline. By matching on file paths, directories or vulnerability identifiers (CVE/CWE), the system can dismiss up to 1,000 findings per...
Autonomous Cyberattacks Have Arrived, Defense Executives Say
Black‑hat groups have fully automated cyber‑attack capabilities using frontier AI models, a shift that outpaces current defense architectures, according to executives at the RSA Conference. These models can identify and weaponize unpatched software flaws, with a new wave expected within...
PTC Warns of Imminent Threat From Critical Windchill, FlexPLM RCE Bug
PTC has disclosed a critical remote‑code‑execution vulnerability (CVE‑2026‑4681) affecting its Windchill and FlexPLM product‑lifecycle‑management platforms. The flaw stems from unsafe deserialization of trusted data and impacts all supported versions, including every critical patch set. German federal police (BKA) have sent...
_imageBROKER.com_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
CSA Launches CSAI Foundation for AI Security
The Cloud Security Alliance unveiled CSAI, a new 501(c)3 nonprofit dedicated to AI security and safety, with a focus on governing the emerging "agentic control plane" that manages identity, authorization, and trust for autonomous AI agents. CSAI will run six...
CTEM for Healthcare: A Guide to Continuous Threat Exposure Management
Continuous Threat Exposure Management (CTEM) is a Gartner‑originated framework that shifts healthcare cybersecurity from periodic, patch‑centric vulnerability programs to real‑time, threat‑informed risk mitigation. CrowdStrike’s field CTO Cristian Rodriguez highlights that CTEM correlates exposures with exploitability, adversary behavior, and business impact,...
US Mortgage Sued over Ransomware Attack
Former US Mortgage employee Richard Bernich filed a federal negligence lawsuit after the lender suffered a ransomware attack in May 2025 that compromised Social Security numbers, financial details and limited medical data of consumers and staff. US Mortgage, which originated...
Australia's Critical Infrastructure Security Laws "Toothless"
An independent review has labelled Australia’s Security of Critical Infrastructure (SoCI) Act “toothless,” arguing that its penalties are treated as a routine cost rather than a deterrent. The review urges a shift from paperwork‑centric compliance to a penalty‑based risk‑management regime...