Sumsub’s AI Agent Verification Binds Automation to Verified Human Identity
Sumsub has introduced AI Agent Verification, a new layer that ties AI‑driven automation to a verified human identity through its Know Your Agent framework. The solution detects automated activity, evaluates its risk, and triggers targeted liveness checks when needed, ensuring that every automated action can be traced back to a real person. By treating automation as a manageable risk rather than an automatic threat, Sumsub aims to curb AI‑enabled fraud while preserving frictionless user experiences. The launch responds to a 180% YoY rise in coordinated AI fraud attacks reported in its 2025‑2026 Identity Fraud Report.
Cside VPN Detection Enables Control of VPN Traffic to Prevent Fraud and Legal Exposure
cside has launched VPN Detection, a solution that identifies and manages traffic routed through virtual private networks. Unlike traditional IP‑list methods, it analyzes network behavior, browser fingerprints, and packet timing across OSI layers three to seven. The tool aims to...
3 Decisions CISOs Need to Make to Prevent Downtime Risk in 2026
Enterprises face escalating operational downtime risk, prompting CISOs to prioritize three strategic decisions. First, adopt STIX/TAXII‑compatible threat intelligence feeds that deliver fresh, high‑quality indicators, boosting detection rates by up to 58 %. Second, eliminate noisy false positives to protect analysts from...
Google Agrees to Pay $135 Million over Android Data Harvesting Claims
Google has agreed to a $135 million settlement to resolve a class action alleging Android devices transmitted system‑service data over cellular networks without user consent. The lawsuit, spanning over five years, claimed background data transfers drained users’ plans starting in November...
Stablecoin Bank Kontigo Suffers Cyber Attack
US neobank Kontigo, a stablecoin bank serving Latin America, suffered a cyber attack that impacted 1,005 users and resulted in the loss of 340,905.28 USDT. The breach exploited a flaw in the Auth provider’s Apple OIDC authentication flow, allowing attackers...
Number of Cybersecurity Pros Surges 194% in Four Years
The UK cybersecurity workforce has exploded, rising 194% between December 2021 and June 2025 to reach 83,700 professionals. This makes cyber the fifth‑fastest‑growing occupation and the most rapidly expanding IT role, outpacing the sector’s average 9.6% growth. Despite the surge, a talent...
EU’s Answer to CVE Solves Dependency Issue, Adds Fragmentation Risks
The European Union has launched the Global Cybersecurity Vulnerability Enumeration (GCVE.eu) database, aggregating advisories from over 25 public sources into a single, searchable platform hosted by Luxembourg’s CIRCL and co‑funded by the EU’s FETTA project. The initiative aims to mitigate...
Why Protecting Your Phone Number Matters for Online Security
Phone numbers are increasingly used as digital identifiers for account recovery, two‑factor authentication, and user verification, making them a prime target for attackers. The article outlines how numbers become publicly accessible through social profiles, directories, data breaches, and app permissions....
Real-Time Blackhole List – How to Remove an IP From It?
Email senders increasingly encounter DNS‑based Real‑Time Blackhole Lists that block IPs suspected of spam, phishing, or compromised servers. When an IP lands on a blacklist, major ESPs reject or filter messages, causing bounce errors, silent drops, and plummeting engagement metrics....
Bumble, Panera Bread, Match Group, and CrunchBase Hit by New Wave of Cyberattacks
A coordinated cyber‑attack wave hit Bumble, Panera Bread, Match Group and CrunchBase, with the hacker group ShinyHunters claiming responsibility. The intrusions stemmed from phishing and vishing tactics that compromised contractor or employee credentials, granting brief, limited access to internal networks....
Python-Based PyRAT Emerges as Cross-Platform Threat With Advanced Remote Access Capabilities
A new Python‑based Remote Access Trojan, dubbed PyRAT, has been identified as a cross‑platform threat capable of compromising both Windows and Linux systems. The malware leverages Python’s portability, compiling into ELF and PE binaries, and employs lightweight persistence mechanisms—XDG autostart...
NIST’s AI Guidance Pushes Cybersecurity Boundaries
NIST’s Center for AI Standards and Innovation released a formal Request for Information targeting secure practices for autonomous AI agents, signaling a shift from broad, principle‑based AI risk guidance to concrete, operational controls. The agency highlighted the limits of treating...
Matanbuchus Malware Evolves to Bypass AV Defenses by Swapping Core Components
Matanbuchus, a C++‑based downloader sold as Malware‑as‑a‑Service since 2020, has evolved into a modular backdoor platform with its latest 3.0 release featuring heavy obfuscation, ChaCha20‑encrypted strings, and Protobuf‑encoded C2 traffic. The malware leverages DLL sideloading through a malicious HRUpdate.exe MSI...
A Practical Take on Cyber Resilience for CISOs
Standard Chartered CISO Shebani Baweja explains cyber resilience as an extension of information security focused on recovery, trust, and continuity during severe incidents. She highlights three priority areas: managing third‑party risk, preparing for emerging threats like AI‑driven attacks, and embedding...
Enterprise API Security: Protecting Your Digital Ecosystem From Modern Threats
APIs have become the backbone of digital business, but they also represent the most frequent attack vector for enterprise web applications, according to Gartner. The guide outlines common vulnerabilities such as broken authentication, excessive data exposure, and rate‑limiting gaps, and...
ImmuniWeb Reports Double-Digit Growth and Platform Advances
ImmuniWeb reported an all‑time sales record for 2025, maintaining double‑digit year‑over‑year growth while staying profitable. The company rolled out four major AI Platform updates, adding AI‑specific testing for web, mobile, API, LLM vulnerabilities and post‑quantum encryption readiness. Independent ISO 9001 and...
NSFOCUS Unveils Enhanced AI LLM Risk Threat Matrix for Holistic AI Security Governance
NSFOCUS announced an upgraded AI LLM Risk Threat Matrix, adding 14 new threat categories that focus on AI agent, multimodal, and Multi‑Agent Communication Protocol (MCP) vulnerabilities. The matrix expands coverage across identity, application, model, data, and infrastructure security throughout the...
AI-Enabled Scams Rose 500% in 2025 as Crypto Theft Goes ‘Industrial’
TRM Labs reports a five‑fold surge in large language model‑powered scams in 2025, propelling AI‑generated deepfakes, voice clones and synthetic images into mainstream fraud. Crypto theft amounted to $35 billion, a slight dip from 2024, while illicit crypto wallet inflows jumped...
Regtech Prove Highlights Transformation of Identity Verification and Digital Onboarding Processes
Regtech firm Prove says identity verification is evolving from a single, static check to a continuous, adaptive process. The shift is driven by deepfake threats, AI‑powered fraud, real‑time payment demands, and multi‑device interactions. Prove argues that dynamic verification can maintain...
UK Plans Sweeping Overhaul of Policing Amid Surge in Online Crimes
The UK government announced a sweeping reform of policing that will create a new National Police Service, modeled after the FBI, to lead the fight against cybercrime, fraud and other internet‑enabled offenses. The proposal consolidates responsibilities currently spread across dozens...
OPNsense 26.1 Brings Updates to Open-Source Firewall Management
OPNsense released version 26.1, code‑named Witty Woodpecker, enhancing firewall management, traffic visibility, and automation interfaces. The update revamps the live firewall log, redesigns the firewall rules UI, and expands API coverage to include Source NAT tagging and Destination NAT port...
Silicon Valley Wades Into a Trade Spat with South Korea
Coupang, South Korea’s e‑commerce powerhouse with $35 bn in sales, suffered a massive data breach that has escalated into a diplomatic dispute. U.S. officials, backed by allies in the Trump administration, are pressing for tighter security controls on the firm’s handling...
Open Banking Continues to Outperform on Fraud
Open Banking’s latest financial‑crime report shows fraud rates of just 0.013 % of transactions, far below the 0.045 % industry average, and an improved performance versus 2024. While overall fraud remains low, Authorised Push Payment (APP) scams now represent 74 % of Open...
NDSS 2025 – Recurrent Private Set Intersection For Unbalanced Databases With Cuckoo Hashing
Researchers from NYU Abu Dhabi introduced a recurrent Private Set Intersection (PSI) protocol tailored for unbalanced databases. The solution combines leveled Fully Homomorphic Encryption with cuckoo hashing, delivering real‑time performance for repeated small‑set queries against a large set. Benchmarks using...
Survey Surfaces Lots of Room for DevSecOps Improvement
A new UserEvidence survey of 506 security leaders reveals that while 80% of organizations have security and DevOps teams sharing observability tools, only 45% feel the teams are very aligned on tooling and workflows. Most respondents (93%) use three or...
SSO Vs. Federated Identity Management: A Guide
Modern enterprises face escalating identity challenges as employees and automated workloads proliferate across SaaS, micro‑services, and multi‑cloud environments. Single Sign‑On (SSO) centralizes human authentication, reducing password fatigue and providing a unified audit trail, while federated identity extends access across organizational...
.jpg?height=635&t=1769625646&width=1200)
2026 Enterprise Security Trends: What Leaders Must Prepare For In An Interconnected Risk Landscape
Enterprise security in 2026 is defined by the merging of cyber and physical domains, the rise of AI as both an attack accelerator and defense multiplier, and the recognition that cloud outages are now security incidents. Recent incidents like the...
Student Data at Risk: What the Victoria Education Breach Exposes About Public Sector Security
The Victoria Department of Education suffered a data breach that exposed personal information of current and former students, prompting a privacy investigation. The breach highlighted longstanding issues in public‑sector access governance, such as dormant accounts and overly broad permissions. Attackers...
Fortinet Confirms CVE-2026-24858 SSO Flaw Under Active Attack
Fortinet has confirmed that the FortiCloud Single Sign‑On (SSO) authentication bypass vulnerability (CVE‑2026‑24858) is being actively exploited in the wild. The flaw, rated 9.4 on the CVSS scale, affects FortiOS, FortiManager, FortiAnalyzer and FortiProxy, allowing attackers with a valid FortiCloud...
Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
Moltbot, an open‑source AI coding assistant with over 85,000 GitHub stars, has no official Visual Studio Code extension, yet a counterfeit "ClawdBot Agent – AI Coding Assistant" appeared on the Marketplace. Published on January 27 2026, the malicious extension automatically runs on IDE launch...
What Are Service Accounts and Why Are They a Security Risk?
Service accounts are non‑human identities that power cloud, container and CI/CD workloads, but they often rely on static, long‑lived credentials. Over‑privileged and poorly managed accounts generate a majority of cloud security alerts and have been leveraged in high‑profile breaches such...
Outtake Raises $40M Series B
Outtake, a digital‑trust platform that safeguards organizations from AI‑driven impersonation, closed a $40 million Series B round. The financing was led by ICONIQ with participation from CRV, S32, and a roster of high‑profile tech and security executives, including Microsoft CEO Satya Nadella and...
Why Your Security Team Needs to Hire Non-Traditional Professionals
Security leaders are urged to consider candidates with non‑traditional backgrounds, as highlighted in a recent Security Magazine podcast with threat analyst Aaron Walton. Examples like CISO Holly Drake, who transitioned from Russian literature and social work, illustrate how diverse education...
Russian Cybercrime Platform RAMP Forum Seized by FBI
U.S. FBI seized the clearnet and dark‑web domains of the Russian‑language cybercrime forum RAMP, known for ransomware and access‑broker services. The operation, coordinated with the DOJ’s Computer Crime and Intellectual Property Section and the Southern District of Florida, redirected both...
CVE-2025-56005: Python PLY Flaw Enables Remote Code Execution
A critical vulnerability (CVE‑2025‑56005) has been disclosed in the Python PLY library version 3.11, allowing attackers to execute arbitrary code by loading a crafted pickle file via the undocumented *picklefile* parameter. The flaw triggers during parser initialization, meaning code runs before...
Great Refractor Initiative Looks to AI to Harden Critical Code
The Great Refactor initiative proposes using AI to automatically translate vulnerable C and C++ open‑source code into Rust, targeting 100 million lines by 2030 with a $100 million investment. Rust’s memory‑safety design could eliminate roughly 70 % of software vulnerabilities that stem from...
Critical and High Severity N8n Sandbox Flaws Allow RCE
Two critical sandbox bypasses were discovered in the n8n workflow automation platform, affecting its JavaScript expression engine (CVE‑2026‑1470, CVSS 9.9) and Python Code node (CVE‑2026‑0863, CVSS 8.5). Both flaws let authenticated users escape the sandbox and execute arbitrary commands on the host...
NDSS 2025 – Iris: Dynamic Privacy Preserving Search In Authenticated Chord Peer-To-Peer Networks
The NDSS 2025 paper introduces Iris, a scheme that enables privacy‑preserving searches in authenticated Chord peer‑to‑peer networks while remaining compatible with the existing protocol. Iris defines a new alpha‑delta privacy notion, extending k‑anonymity to protect query information across iterative hops....
Veracode’s Platform Enhancements Help Prevent Software Supply Chain Attacks
Veracode unveiled a suite of platform enhancements for the second half of 2025, highlighted by the launch of Package Firewall, a preventive control that blocks malicious third‑party packages before they enter development environments. The feature integrates with major package managers...
SolarWinds Warns of Critical Web Help Desk RCE, Auth Bypass Flaws
SolarWinds issued emergency patches for its Web Help Desk platform, fixing four critical vulnerabilities—two authentication bypass flaws (CVE‑2025‑40552, CVE‑2025‑40554), two remote code execution bugs (CVE‑2025‑40553, CVE‑2025‑40551), and a hard‑coded credentials issue (CVE‑2025‑40537). The flaws can be exploited remotely without authentication,...
Bedrock Data Extends DSPM to Atlassian Confluence, Mapping SaaS Data to AI Inference Risk
Bedrock Data announced native Data Security Posture Management (DSPM) support for Atlassian Confluence, enabling automatic discovery of spaces, pages and blogs. The platform classifies unstructured content for PII, secrets and intellectual property, resolves inherited permissions, and maps that data to...
EPC Issues RFI for Fraud Information Sharing Platform
The European Payments Council (EPC) has issued a Request for Information (RFI) to find operators for a central fraud‑information sharing platform under its Frida scheme. The initiative anticipates the EU Payment Services Regulation (PSR) that will take effect in early...
Show HN: Sandbox Agent SDK – Unified API for Automating Coding Agents
The Sandbox Agent SDK introduces a Rust‑based server and TypeScript client that let developers run AI coding agents—Claude Code, Codex, OpenCode, and Amp—inside isolated sandboxes while controlling them over a unified HTTP/SSE API. By normalizing disparate agent interfaces into a single...
Abstract Security Partners with Netskope to Bring Real-Time Detection Into Security Data Streams
Abstract Security announced a partnership with cloud‑security leader Netskope to embed real‑time detection directly into Netskope One telemetry streams. The integration streams high‑fidelity Secure Service Edge data into Abstract’s adaptive pipeline, allowing on‑the‑fly enrichment, filtering and routing to SIEMs, data...
Apiiro Introduces Guardian Agent to Secure AI-Driven Software Development
Apiiro Ltd. launched Guardian Agent, an AI‑driven application security agent that prevents vulnerable and non‑compliant code generation. The solution continuously monitors software architecture, attack surface, runtime exposure, and policy compliance, rewriting prompts to secure AI coding assistants in real time....
GoTo Resolve Tool’s Background Activities Compared to Ransomware Tactics
Point Wild’s Lat61 Threat Intelligence team has identified the GoTo Resolve remote‑administration tool, specifically the HEURRemoteAdmin.GoToResolve.gen component, as a Potentially Unwanted Application that can install silently and maintain a hidden, persistent presence on Windows machines. The tool bundles a hidden “32000~”...
Cal.com Broken Access Controls Lead to Account Takeover and Data Exposure
Cal.com, an open‑source scheduling platform, patched critical broken‑access‑control vulnerabilities that allowed attackers to hijack accounts and expose booking data. The flaws included an authentication bypass in the organization signup flow that let attackers take over any user by using an...
Hackers Hijack Exposed LLM Endpoints in Bizarre Bazaar Operation
Researchers at Pillar Security uncovered a large‑scale cyber‑crime operation dubbed “Bizarre Bazaar” that hijacks exposed LLM endpoints. Over 40 days they logged 35,000 attack sessions, showing attackers exploit misconfigured AI APIs to mine cryptocurrency, resell access, exfiltrate data, and pivot...
ESkimming Attacks Surge with Evolving Tactics and Ongoing Recovery Challenges
Source Defense’s year‑long study of 550 e‑commerce sites shows e‑skimming remains a chronic problem, with 18 % of sites still infected after twelve months. Over half of the persistent infections (57 %) have evolved into new script variants, indicating attackers adapt once...
Slovakian Man Pleads Guilty to Operating Darknet Marketplace
A Slovakian national, Alan Bill, pleaded guilty to operating the Kingdom Market darknet platform, which sold drugs, forged IDs, stolen data and cyber‑crime tools from March 2021 to December 2023. The marketplace listed about 42,000 illicit items and processed payments in privacy‑focused cryptocurrencies....
