Introducing Red Hat Build of Podman Desktop: Enterprise-Ready Local Container Development Environments
Red Hat has announced the general availability of its own build of Podman Desktop, delivering an enterprise‑grade, secure‑by‑design local container development environment. The offering bridges the long‑standing gap between developers’ laptops and hardened OpenShift clusters, leveraging the same trusted RHEL components. With official Red Hat support, SLAs, and regular security updates, organizations can adopt the tool without abandoning existing Docker or Podman workflows. The release aims to eliminate the “works on my machine” risk and streamline the path from code to production.

Marietta Also Affected by BridgePay Ransomware Attack
The BridgePay Network Solutions ransomware attack disrupted the City of Marietta’s online credit‑card processing, halting business‑license payments on February 6, 2026. BridgePay’s forensic review found no payment‑card data was compromised, and the ransomware group remains unidentified. The city is deploying a temporary,...

The Rise of Credential Stuffing Attacks
Credential stuffing attacks are surging as attackers exploit reused passwords harvested from past breaches. The technique is cheap, highly automated, and blends into normal traffic, making detection difficult. Small‑to‑mid‑size businesses, SaaS platforms, and customer‑facing portals are prime targets because they...

Washington Hotel in Japan Discloses Ransomware Infection Incident
Washington Hotel, a Japanese hospitality chain with 30 properties and 11,000 rooms, disclosed a ransomware breach on February 13, 2026 that compromised business data on its servers. The hotel immediately isolated the affected systems, formed an internal task force and enlisted police,...

MCP Leaves Much to Be Desired when It Comes to Data Privacy and Security
The Model Context Protocol (MCP) was introduced as a universal interface that lets AI agents tap into enterprise data and services. In practice, the protocol has become a lightning rod for privacy breaches: a rogue MCP server harvested WhatsApp chats...

Eurail Says Stolen Traveler Data Now up for Sale on Dark Web
Eurail B.V., the Dutch operator of European rail passes, confirmed that data stolen in a breach earlier this year is now being offered for sale on the dark web. A threat actor also posted a sample of the compromised records...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware
A new social‑engineering campaign uses a fake Cloudflare‑style CAPTCHA to trick Windows users into pasting a malicious PowerShell command. The clipboard‑to‑run technique launches the fileless StealC malware, which injects reflective shellcode into svchost.exe and exfiltrates browser credentials, cryptocurrency wallets, Outlook...

BeyondTrust RCE Exploited for Domain Control
Attackers are actively exploiting CVE‑2026‑1731, an unauthenticated OS command injection flaw in self‑hosted BeyondTrust Remote Support and Privileged Remote Access appliances. The vulnerability enables remote code execution, allowing threat actors to run commands as SYSTEM, install the SimpleHelp RMM tool,...

Indian Cyber-Tech Is the Model for European Airports
Indian firms WAISL and GRAMAX have created AeroWise, an AI‑driven airport predictive operation centre that blends digital‑twin technology with embedded cyber‑security. The solution includes miniature physical models of terminals, runways and ancillary systems that can be “war‑gamed” to visualize attack...

Virtual IT Group Crowns Maurice McCarthy as New CEO
Virtual IT Group has appointed Maurice McCarthy, a former Optus customer‑success director, as its new chief executive officer, succeeding founder Christian Pacheco. McCarthy brings 25 years of telecom leadership and will focus on client outcomes, service reliability, and responsible AI integration. Pacheco transitions...

Identity Is the New Perimeter for State Government Cybersecurity
State and local governments are shifting from perimeter‑based defenses to an identity‑first security model, as highlighted in the State CIO Top 10 Priorities for 2026. The article argues that who a user—or nonhuman account—is matters more than where they connect,...

When Is It Time to Upgrade Your Control System?
Control system upgrades are back on plant executives' agendas as new capital budgets roll out for the year. The article highlights three primary risks of aging automation: hardware failure, cybersecurity vulnerabilities, and the erosion of tribal knowledge. It urges decision‑makers...

When Is It Time to Upgrade Your Control System?
Plant managers face pressure to refresh aging control systems as new capital budgets roll out. Older PLCs and DCS platforms expose facilities to hardware failures, heightened cybersecurity vulnerabilities, and loss of tribal knowledge. Experts recommend a ten‑year upgrade cadence to...

Infostealer Malware Found Stealing OpenClaw Secrets for First Time
Hudson Rock reported the first in‑the‑wild incident of an infostealer stealing OpenClaw configuration files. The malware, identified as a Vidar variant, exfiltrated files such as openclaw.json, device.json, and soul.md on February 13, 2026, revealing API tokens, private keys, and personal data. These...

Telefónica Tech Promotes Digital Identity Management in the Insurance Sector in Spain
Telefónica Tech is launching a unified digital identity platform for Spain’s insurance sector, enabling secure, self‑sovereign access to digital services. The initiative builds on a 2023 European trial and integrates cloud, IoT, big‑data and blockchain capabilities. Partnering with the insurance...

The Olympics Are Going Mobile — Your Security Strategy Has to Follow
The Milano Cortina 2026 Winter Olympics will see mobile devices become the primary attack surface, mirroring the digital surge seen at Paris 2024 where billions engaged via apps and streaming. Cybercriminals are already deploying Olympic‑themed phishing, fake ticketing sites, malicious apps and QR‑code...

OysterLoader Evolves With New C2 Infrastructure and Obfuscation
OysterLoader, a C++‑based multi‑stage malware loader also known as Broomstick and CleanUp, has been updated through early 2026 with enhanced command‑and‑control infrastructure and obfuscation techniques. The loader now employs a three‑step HTTP/HTTPS handshake, custom Base64 alphabets, and a modified LZMA...

Cubbit Powers Swiss Cantonal-Level Sovereign Cloud for Ailanto
IT integrator Ailanto announced a sovereign cloud service for Swiss organizations built on Cubbit’s DS3 Composer software‑defined object storage. The offering launches with 1 PB of capacity hosted in Swiss‑based data centres and will expand later in 2026. It provides S3‑compatible,...

Vault Radar 2025 Recap: Expanding Visibility, Deepening Integration, and Simplifying Security
HashiCorp's Vault Radar, launched in 2025, expanded its secret‑sprawl detection across developer tools and cloud services, adding integrations for Jira, VS Code, Amazon S3, Slack, and AWS Secrets Manager. The platform introduced real‑time IDE scanning, direct remediation through Vault, webhook alerts,...

Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft
Operation DoppelBrand, attributed to the financially motivated GS7 group, launched a large‑scale phishing campaign against Fortune 500 financial and technology firms between December 2025 and January 2026. The attackers registered over 150 look‑alike domains, used automated SSL certificates and rotating registrars, and cloned...

Passwords to Passkeys: Staying ISO 27001 Compliant in a Passwordless Era
Organizations are rapidly replacing passwords with passkey authentication to curb the 49% of security incidents tied to compromised credentials. Passkeys, built on FIDO2 and WebAuthn, satisfy AAL2/AAL3 standards and are already deployed in billions of accounts, including Google’s 800 million users....

What Your Bluetooth Devices Reveal
A developer released Bluehood, an open‑source Bluetooth scanner that passively logs nearby devices and visualises their appearance patterns. The tool runs on a Raspberry Pi or laptop and can identify phones, wearables, vehicles and IoT gadgets without ever connecting. Its release...

Passwork 7.4 Enhances Enterprise Security with Centralized User Vault Restrictions
Passwork has launched version 7.4, adding centralized restrictive settings for User vaults. Administrators can now block adding users, sending passwords, creating links, and shortcuts across all personal vaults. The controls apply automatically to existing and new vaults, tightening data‑leak defenses and...

Microsoft Equips CISOs and AI Risk Leaders with a New Security Tool
Microsoft has launched a public‑preview Security Dashboard for AI, consolidating posture and real‑time risk signals from Microsoft Defender, Entra, and Purview into a single interface. The tool inventories AI assets—including models, agents, and third‑party applications—and surfaces AI‑related security risks in...

5 Reasons Why Detego Case Manager For DFIR Is Ideal For Investigative Teams
Detego Case Manager for DFIR launches as a purpose‑built platform that consolidates digital and physical evidence, audit trails, and chain‑of‑custody logs in a tamper‑proof environment. It offers a unified dashboard delivering real‑time visibility, customizable Kanban‑style workflows, and role‑based permissions for...

260K+ Chrome Users Duped by Fake AI Browser Extensions
Researchers at LayerX uncovered 30 malicious Chrome extensions masquerading as AI assistants, collectively amassing over 260,000 downloads. These extensions embed attacker‑controlled iframes that capture user prompts, emails, and webpage data, then relay them to remote servers while returning plausible AI...

Resecurity Highlights AI-Driven Cybersecurity at AI Everything MEA Egypt 2026
Resecurity, a U.S. cybersecurity firm, showcased its AI‑driven threat detection suite at AI Everything MEA Egypt 2026, an event held under President Abdel‑Fattah El‑Sisi’s patronage and organized by the Ministry of Communications and Information Technology. In partnership with Alkan CIT/Alkan Telecom, the company...

He Tried to Extort the Dutch Police. It Didn’t Work Out Well for Him.
A 40‑year‑old man from Ridderkerk attempted to extort the Dutch police by demanding something in exchange for returning compromised files. Police intercepted the scheme and arrested him on Thursday evening around 7:00 PM. The arrest was reportedly triggered by a procedural...

CISA Gives Feds 3 Days to Patch Actively Exploited BeyondTrust Flaw
U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered all federal agencies to patch the actively exploited BeyondTrust Remote Support vulnerability (CVE‑2026‑1731) within three days. The flaw, an OS command‑injection that enables unauthenticated remote code execution, affects Remote Support 25.3.1...

Leaky Chrome Extensions with 37M Installs Caught Divulging Your Browsing History
Security researcher Q Continuum identified 287 Chrome extensions that secretly transmit users' browsing histories, affecting an estimated 37 million installations worldwide. The extensions span categories such as VPNs, productivity utilities, and shopping add‑ons, and many request broad host permissions that enable...

Ransomware Gangs Are Using Employee Monitoring Software as a Springboard for Cyber Attacks
Threat actors have weaponized Net Monitor for Employees, a legitimate workforce‑tracking product, as a remote access trojan and paired it with SimpleHelp RMM software to stage ransomware attacks. Huntress identified two separate incidents where the dual‑tool chain was used to...

Cybersecurity Leader Pete Angstadt Joins DTEX’s Advisory Board
DTEX, a leader in risk‑adaptive security, announced that cybersecurity veteran Pete Angstadt has joined its Advisory Board. Angstadt brings decades of go‑to‑market leadership, having scaled revenue at ForgeRock, Ping Identity, Securiti and Oracle’s cloud security unit. His expertise in identity‑focused...

AuthID Announces Out of the Box
authID (Nasdaq: AUID) unveiled an out‑of‑the‑box biometric security platform that conforms to the Personal Identity Verification (PIV) framework for energy, water, gas and other critical utilities. The solution replaces passwords and physical tokens with live‑face verification, protecting SCADA consoles, privileged...

DVSA Seeks £95K Digital Chief to Steer Test Booking System Out of the Ditch
The UK Driver and Vehicle Standards Agency (DVSA) is recruiting a chief digital and information officer with a £95,000 salary to overhaul its 18‑year‑old practical test booking platform, which has been plagued by bots and resale schemes. A National Audit...

ChatGPT Gets New Security Feature to Fight Prompt Injection Attacks
OpenAI has added a Lockdown Mode and Elevated Risk labels to ChatGPT to mitigate prompt‑injection attacks and other security threats. Lockdown Mode restricts tool and network access, allowing admins to create dedicated roles that limit external interactions, initially for Enterprise,...

From Findings to Action: How SecurityBridge Is Bringing Trusted AI Into SAP Security
SecurityBridge has launched the AI Companion, the first AI‑powered security assistant built specifically for SAP environments. Leveraging a proprietary, continuously enriched SAP security knowledge base, the tool transforms thousands of technical findings into context‑aware, actionable recommendations delivered via natural‑language interaction....

Google Ads and Claude AI Abused to Spread MacSync Malware via ClickFix
Researchers at Moonlock Lab discovered that hackers hijacked verified Google Ads accounts belonging to a children’s charity and a Colombian retailer to promote malicious “ClickFix” links. The ads direct users searching for macOS commands to a counterfeit Claude AI page...

Google Patches First Chrome Zero-Day Exploited in Attacks This Year
Google has issued emergency updates to patch CVE‑2026‑2441, a high‑severity use‑after‑free flaw in Chrome’s CSSFontFeatureValuesMap implementation. The vulnerability, confirmed to be exploited in the wild, can cause crashes, rendering issues, or data corruption. Google back‑ported the fix to stable desktop...

10 Years Later, Bangladesh Bank Cyberheist Still Offers Cyber-Resiliency Lessons
A decade after the Bangladesh Bank heist, the 2016 cyberattack that attempted to steal $951 million via the SWIFT network remains a benchmark for nation‑state hacking. Attackers used spear‑phishing malware to obtain valid SWIFT credentials, executing 35 fraudulent payment orders, of...

LockBit 5.0 Emerges: Cross-Platform Ransomware Now Targeting Windows, Linux, and ESXi Systems
LockBit has released version 5.0, a cross‑platform ransomware that encrypts Windows, Linux and VMware ESXi systems with a single code base. The new variant uses XChaCha20 and Curve25519 encryption, while the Windows build adds sophisticated anti‑forensic tricks such as ETW...

Apple Privacy Labels Often Don’t Match What Chinese Smart Home Apps Do
A new study of 49 Chinese smart‑home apps on Apple’s App Store reveals systematic gaps in by‑stander privacy and frequent mismatches between privacy policies, user‑interface controls, and App Store privacy labels. All apps require real‑name phone registration and collect a...

In GitHub’s Advisory Pipeline, some Advisories Move Faster than Others
A new study of 288,604 GitHub Security Advisories from 2019‑2025 shows that only about 8% (23,563) complete GitHub’s formal review process. Advisories created directly in repositories are reviewed far faster—median under one day—than those imported from the National Vulnerability Database,...

Don’t Panic over CISA’s KEV List, Use It Smarter
In a Help Net Security video, Tod Beardsley, VP of Security Research at runZero, explains CISA’s Known Exploited Vulnerabilities (KEV) Catalog and clears up common misconceptions. He notes that KEV entries vary in urgency, with some requiring local access and...

Lotus Blossom Hackers Breach Official Notepad++ Hosting Infrastructure
Between June and December 2025, the state‑sponsored Lotus Blossom group compromised the shared hosting provider that delivered Notepad++ updates, turning the popular text editor into a covert espionage conduit. By exploiting weaknesses in the older WinGUp updater, attackers redirected update...

MOS: Open-Source Modular OS for Servers and Homelabs
MOS is an open‑source, modular operating system built on Devuan that targets homelab enthusiasts and small‑scale server operators. It unifies server monitoring, storage pooling, container orchestration, and virtualization behind a browser‑based dashboard and a REST/WebSocket API. The platform leverages mergerfs...

Canada Goose Investigating as Hackers Leak 600K Customer Records
Canada Goose disclosed that a 1.67 GB dataset containing over 600,000 customer records was posted by the ShinyHunters extortion group. The leak includes personal identifiers, shipping details, IP addresses and partial payment‑card information, but the company says it found no evidence...

Firewall Penetration Testing: Definition, Process and Tools
The episode explains firewall penetration testing, detailing its purpose of validating filtering rules and boundary controls to prevent unwanted traffic. It walks through a 14‑step methodology—from discovery and port scanning to firewalking, NAT testing, and rule‑base analysis—highlighting the tools (Nmap,...

Making Sense of AI’s Role in Cyber Security
Executive interest in AI has flooded the cyber‑security market, prompting CISOs to evaluate a surge of AI‑enhanced tools. While some solutions genuinely reduce analyst workload and improve detection, many are marketing‑driven add‑ons lacking proven risk reduction. Experts warn that AI...

Cloud and AI to Ramp up Operational Risk in 2026: Brennan
Brennan’s latest analysis warns that expanding multi‑cloud footprints and rapid AI trials will heighten operational risk in 2026. Seventy‑five percent of surveyed organisations say their attack surface has grown, prompting a move away from pure public‑cloud strategies toward hybrid, repatriated...

Zero-Knowledge Proofs for Verifiable MCP Tool Execution
The episode examines the trust gap in Model Context Protocol (MCP) deployments, where AI models invoke remote tools without verifiable proof of correct execution. It introduces zero‑knowledge proofs (ZKPs), especially Sigma‑Protocols and non‑interactive variants like SNARKs, as a way for...