
RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on India
A newly released Aryaka report details a Pakistan‑attributed APT36 campaign that has launched a three‑pronged cyber assault on Indian government and defense entities. The operation employs three distinct Remote Access Trojans—GETA (a .NET Windows RAT), ARES (a Python‑based Linux RAT), and Desk (a Go‑based PowerPoint add‑in). All three rely on phishing‑borne payloads, living‑off‑the‑land binaries, and encrypted C2 channels to maintain stealthy, long‑term persistence for intelligence gathering.

Vega Raises $120M Series B to Rethink How Enterprises Detect Cyber Threats
Vega Security announced a $120 million Series B round, lifting its valuation to $700 million. The Boston‑based startup aims to overturn the traditional SIEM model by analyzing security data where it already resides—in cloud services, data lakes, and existing storage—using an AI‑native platform....

Microsoft 365 Outage Takes Down Admin Center in North America
Microsoft confirmed a service outage affecting the Microsoft 365 admin center for some business and enterprise administrators in North America. The disruption also extends to the M365 app, with users experiencing degraded functionality and inability to raise support tickets. Thousands...

Safer Internet Day – How the VPN Industry Is Reacting to the Rising Risks of AI
Safer Internet Day 2026 spotlighted the safe, responsible use of AI, prompting VPN leaders to embed privacy into generative tools. Proton introduced Lumo, an open‑source chatbot that encrypts every conversation and refuses to train on user data. ExpressVPN announced ExpressAI,...

How to Automate AWS Incident Investigation with Tines and AI
The article details a pre‑built Tines workflow that automates AWS incident investigation by running CLI commands through secure Tines agents. Instead of analysts manually logging into the AWS console and crafting commands, the workflow pulls the required data directly into...

Flash Freezing Flash Boys: Per-Transaction Encryption to Fight Malicious MEV
Malicious MEV, especially sandwich attacks, still extracts over $2 million monthly from Ethereum traders. Researchers propose Flash Freezing Flash Boys (F3B), a per‑transaction threshold encryption scheme that keeps transaction data hidden until finality. The protocol can be built with TDH2 or...

Imprivata Delivers Passwordless Access to Improve Security, Compliance, and Productivity
Imprivata has expanded its Enterprise Access Management platform with context‑aware passwordless authentication, AI‑powered risk signaling, and behavioral analytics. The new suite supports FIDO passkeys, facial recognition, and zero‑trust VPN‑less remote access, aiming to streamline access for frontline staff and knowledge...

58% of Brits Faced Significant Online Risk in 2025 – Increased AI Usage Is Reducing Digital Trust
Microsoft’s 2026 Global Online Safety Survey reveals that 58% of UK residents encountered a major online risk in 2025, with fraud and cyberbullying topping the list. Generative AI usage has surged to 28% weekly, up from 9% three years earlier,...

Portnox Expands ZTNA with Passwordless Access for RDP, SSH, and Enterprise Consoles
Portnox has broadened its zero‑trust network access (ZTNA) platform to include passwordless connectivity for console‑based protocols such as RDP, SSH, VNC and Telnet. The expansion removes credential‑based authentication, a vector behind roughly 80% of data breaches, while preserving a frictionless...

Closing the Security Gap in AI-Driven Telco Operations
Communications service providers are deploying AI in billing, service configuration and revenue recognition faster than they are building governance structures. McKinsey reports that while eight‑in‑ten firms use generative AI, only one percent consider their AI strategy mature, highlighting a gap...

BloodHound Scentry Helps Organizations Reduce Identity Risk and Close Attack Paths
SpecterOps has launched BloodHound Scentry, a managed service that pairs the BloodHound Enterprise platform with seasoned security practitioners to fast‑track identity attack‑path management (APM). The offering delivers tailored remediation, monthly threat analysis, privilege‑zone design, OpenGraph extensions, and custom reporting, promising...

Trojanized 7-Zip Downloads Turn Home Computers Into Proxy Nodes
Malwarebytes discovered a trojanized version of the popular 7‑Zip installer that silently adds proxyware payloads, turning compromised home computers into residential proxy nodes. The malicious installer is hosted on a look‑alike domain (7zip.com) and is often reached through erroneous links...

Armis Centrix Brings Unified, AI-Driven Application Security to the SDLC
Armis introduced Centrix for Application Security, an AI‑driven platform that unifies vulnerability detection across the entire software development lifecycle. The solution scans source code, dependencies, container images and configuration files in unlimited languages, delivering context‑aware insights tied to the CI/CD...

What CFOs Can Do to Close the Cyber-ERM Integration Gap
A new APQC study shows only 41% of firms integrate cybersecurity into enterprise risk management (ERM), leaving a critical visibility gap. The report highlights that merely 23% apply unified risk structures to suppliers, despite third‑party breaches rising. CFOs can close...

Capitol AI Names Chester Leung as Vice President of Engineering to Advance Enterprise Trust, Security, and Governance
Capitol AI announced Chester Leung as Vice President of Engineering, bolstering its leadership as the firm pushes AI tools deeper into workflows handling sensitive data. Leung brings a risk‑first mindset and extensive experience building secure, governance‑focused AI platforms, most recently...

Google Can Now Monitor Search For Your Government IDs via @Sejournal, @MattGSouthern
Google expanded its “Results about you” tool to let users monitor and request removal of search results containing government‑issued IDs such as passports, driver’s licenses, and Social Security numbers. The feature builds on existing monitoring for phone numbers and home...

Versa SASE Platform Now Prevents Sensitive Data From Being Shared With AI
Versa has upgraded its Universal SASE Platform (v23.1.1) with advanced text‑analysis and OCR capabilities that can spot sensitive data hidden in documents and images, cutting false‑positive DLP alerts. The release also embeds a Model Context Protocol server, letting the Verbo...

Most Engagement Data Is Compromised and That’s a Major Security Problem
Most digital engagement metrics are being polluted by bots, synthetic traffic, and identity spoofing, turning them from reliable signals into attack surfaces. Datavault AI is addressing this by building a verification‑first platform that authenticates human actions at the point of...

“Digital Parasite” Warning as Attackers Favor Stealth for Extortion
Picus Security’s Red Report 2026, based on analysis of over 1.1 million malicious files and 15.5 million actions, shows threat actors now favor stealthy persistence and silent data exfiltration for extortion. Process injection remains the top technique for the third consecutive year, accounting...

ANYbotics Achieves ISO 27001 Certification
ANYbotics earned ISO/IEC 27001 certification after a multi‑stage audit, achieving zero non‑conformities on its first attempt. The certification validates the company’s world‑class Information Security Management System and signals maturity in security governance. It directly addresses the compliance concerns of energy and...

ID Dataweb Achieves SOC 2 Type II Attestation, Strengthening Transparency and Confidence in Security Controls
ID Dataweb announced it has again earned SOC 2 Type II attestation for its platform, confirming that its security, availability and confidentiality controls operate effectively over time. The audit, performed by an independent third party, validates continuous compliance with the AICPA...

Phantom Chat Under Scrutiny After $264K Address Poisoning Loss
Phantom wallet’s new chat feature has come under fire after an investor lost roughly $264,000 worth of wrapped Bitcoin in an address‑poisoning scam. Researchers traced the theft to a 3.5 wBTC transfer that leveraged a small‑value transaction in the victim’s history,...

Microsoft Announces New Mobile-Style Windows Security Controls
Microsoft announced that Windows 11 will adopt smartphone‑style permission prompts, requiring user consent before apps can access files, cameras, microphones or install software. The rollout introduces a Baseline Security Mode that enforces runtime integrity by allowing only signed code to run,...

New ‘ZeroDayRAT’ Spyware Kit Enables Total Compromise of iOS, Android Devices
ZeroDayRAT, a commercial mobile spyware kit, provides full remote control of iOS and Android devices. Available through Telegram, the toolkit includes live camera streaming, keylogging, GPS tracking, and modules for bank credential harvesting and clipboard‑based crypto theft. Researchers at iVerify...

New ‘SSHStalker’ Linux Botnet Uses Old Techniques
Security firm Flare has uncovered a new Linux botnet named SSHStalker that relies on a suite of decade‑old exploits and IRC‑based control mechanisms. The malware chain deploys multiple C‑based and Perl IRC bots, leverages 19 Linux kernel vulnerabilities from 2009,...

Pride Month Phishing Targets Employees via Trusted Email Services
Scammers have launched a Pride‑themed phishing campaign weeks before June, exploiting diversity messaging to steal employee credentials. The operation leverages compromised SendGrid accounts to send seemingly internal emails that either promise Pride branding or an opt‑out link, driving engagement regardless...

Show HN: Pipelock – All-in-One Security Harness for AI Coding Agents
Pipelock is a single‑binary, zero‑dependency security harness designed for AI coding agents that need shell access and API keys. It isolates the agent process from unrestricted internet by routing all web traffic through a fetch‑proxy that applies a seven‑layer scanning...

Windows Shortcut Weaponized in Phorpiex-Linked Ransomware Campaign
Forcepoint X‑Labs uncovered a Phorpiex‑driven phishing campaign that weaponizes Windows shortcut (LNK) files to deliver Global Group ransomware. The emails use a double‑extension lure such as "Document.doc.lnk" and hide the true file type behind Windows’ default extension hiding. Once opened,...

NCSC Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure
The UK National Cyber Security Centre (NCSC) has issued an urgent alert to critical national infrastructure (CNI) providers, warning of "severe" cyber‑attacks that could disrupt essential services. The warning follows a coordinated malware strike on Poland’s energy grid in December,...

ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security
ZAST.AI announced a $6 million Pre‑Series A round led by Hillhouse Capital, bringing total funding near $10 million. The Seattle‑based startup claims its AI‑driven platform delivers “zero false‑positive” code security by automatically generating and validating proof‑of‑concept exploits. In 2025 the company uncovered...

Single Prompt Breaks AI Safety in 15 Major Language Models
Microsoft researchers uncovered a novel attack called GRP‑Obliteration that uses a single benign‑sounding prompt to strip safety guardrails from 15 major language and image models. By hijacking the Group Relative Policy Optimization training loop, the method rewards harmful completions, driving...

Why Law Firms Are Increasingly Investing in Managed IT Support
Law firms are turning to managed IT support to counter escalating cyber threats, meet strict compliance mandates, and sustain uninterrupted client service. Subscription‑based models replace ad‑hoc repairs, delivering predictable budgeting and scalable resources. Proactive monitoring curtails downtime, while secure remote‑work...

Cisco Donates Project CodeGuard to Coalition for Secure AI
Cisco has donated its Project CodeGuard framework to the OASIS Open‑run Coalition for Secure AI (CoSAI). The model‑agnostic security coding agent embeds best‑practice rules across the entire software development lifecycle, from design through AI‑generated code to post‑generation review. CodeGuard integrates...

Ask an Expert: Should Merchants Block AI Bots?
E‑commerce veteran Scot Wingo argues that merchants must decide whether to block or welcome AI bots that now crawl retail sites. Four major agents—ChatGPT, Google Gemini, Microsoft Copilot and Perplexity—collectively command roughly one billion monthly active users, and Google’s shift to AI...

Secure Mobile Communications Market Set for Rapid Growth Amid Rising Cybersecurity Threats
The global secure mobile communications market is projected to expand from $28.5 bn in 2026 to $100.9 bn by 2033, reflecting a 19.8% compound annual growth rate. Growth is fueled by escalating cyber‑threats, stricter data‑privacy regulations, and the shift toward remote, mobile‑first...

Taxing Times: Top IRS Scams to Look Out for in 2026
Tax season in 2026 is seeing a surge in sophisticated IRS‑related scams, with fraudsters leveraging AI, phishing, and fake W‑2 schemes to steal personal data and refunds. Scammers impersonate the agency via email, text, or phone, demanding payment through gift...

DuckDuckGo Enables AI Voice Chat without Saving Voice Data
DuckDuckGo has integrated AI-powered voice chat into its Duck.ai assistant, allowing users to converse with the model using spoken input. The company emphasizes that audio streams are processed in real time and are not stored after the session, with encryption...

SailPoint Sees Rising Demand for Adaptive Identity Security
SailPoint reports growing demand for adaptive identity security as enterprises grapple with an influx of non‑human identities such as AI agents, machines, and service accounts. The company unveiled its Agent Identity Security feature, enabling discovery, classification, and governance of these...

AlgoSec Study Finds Enterprises Seek More Control in Network Security
AlgoSec’s State of Network Security Report, based on over 500 global respondents, reveals enterprises are shifting toward unified policy control amid rapid cloud growth, AI‑driven traffic, and hybrid workloads. Sixty‑five percent of organizations have already adjusted to AI‑powered threats, with...

FIIG Securities Fined AU$2.5 Million Following Prolonged Cybersecurity Failures
Australian fixed‑income firm FIIG Securities was hit with a AU$2.5 million civil penalty after the Federal Court found it failed to protect client data for over four years. A 2023 ransomware attack exfiltrated roughly 385 GB of personal and financial information belonging...

The New Gemini-Based Google Translate Can Be Hacked with Simple Words
Google Translate switched to Gemini models in December 2025, and researchers have uncovered a prompt‑injection flaw that lets users bypass the translation engine entirely. By appending an English instruction after foreign‑language input, the system answers the instruction instead of translating....

ENISA Updates Its International Strategy to Strengthen EU’s Cybersecurity Cooperation
The European Union Agency for Cybersecurity (ENISA) has published an updated International Strategy aimed at reinforcing the EU’s cyber‑defence ecosystem through selective global cooperation. The revision aligns partnerships with the EU’s policy objectives, highlighting collaborations with Ukraine, the United States,...

Navigating MiCA: A Practical Compliance Guide for European CASPs
The EU’s Markets in Crypto‑Assets Regulation (MiCA) replaces disparate national rules with a single, EU‑wide framework for Crypto‑Asset Service Providers (CASPs). It mandates incorporation in an EU member state, a national licence, and capital thresholds ranging from €50,000 to €150,000...

Understanding Breaches Before and After They Happen: What Every Organization Should Know
The article highlights that most cyber breaches stem from basic hygiene failures—human error, unpatched software, weak authentication, and poor segmentation—rather than sophisticated exploits. Multi‑factor authentication (MFA) blocks the majority of automated attacks but remains vulnerable to fatigue and social‑engineering tricks....

How AI Is Reshaping Attack Path Analysis
Cybersecurity teams are drowning in disparate findings, while adversaries leverage AI to craft rapid attack chains. By integrating AI with the MITRE ATT&CK framework, organizations can generate dynamic heat maps that surface coverage gaps and model realistic attack paths. Platforms...

Fugitive Behind $73M 'Pig Butchering' Scheme Gets 20 Years in Prison
A dual Chinese‑St. Kitts and Nevis national, Daren Li, was sentenced in absentia to 20 years in prison for his role in an international cryptocurrency pig‑butchering scheme that stole over $73 million from U.S. victims. The fraud operated through a network of 74...

EnforceAuth Launches First AI-Native Security Fabric to Govern Autonomous Software Decisions
EnforceAuth unveiled its AI Security Fabric, the first authorization platform built specifically to govern decisions made by AI agents, automated workflows, and machine identities in real time. The solution shifts security focus from static identity checks to contextual, decision‑centric controls,...

Senegal Confirms Cyberattack on Agency Managing National ID and Biometric Data
Senegal’s Directorate of File Automation (DAF) confirmed a cyberattack that forced a shutdown of national ID card, passport and biometric services. Ransomware group The Green Blood Group claims to have exfiltrated 139 TB of citizen records and posted samples on the...

Securing Horological Assets: The Evolution of Smart Technology in Modern Watch Safes
Luxury watches are now treated as high‑value alternative assets, prompting collectors to seek institutional‑grade protection. WatchMatic has introduced the Watch Winder Safe Box, combining biometric fingerprint access, encrypted digital locks, and active humidity control to safeguard both security and watch...

What Happens when Cybersecurity Knowledge Walks Out the Door
Andrew Northern, Principal Security Researcher at Censys, argues that mentorship is vital for preserving institutional memory and judgment under pressure in cybersecurity teams. He warns that when senior defenders disengage, the tacit knowledge needed to protect legacy‑heavy environments evaporates quickly....