SKADI and HelloGard Robotics Partner to Embed Autonomous Cybersecurity in Robotics
SKADI Cyber Defense and HelloGard Robotics announced a strategic partnership to embed autonomous cybersecurity directly into AI‑powered robots and connected automation systems. The collaboration will co‑develop cross‑platform security solutions for Windows, Android and Linux that protect robotic operating systems, AI decision workflows, and networked devices. SKADI contributes Frostbow, its ontological‑AI autonomous threat‑protection platform that learns attack behavior in real time. HelloGard will integrate this technology across its fleet‑scale robotics deployments in healthcare, senior living, hospitality and enterprise environments.
Critical IDIS IP Camera Vulnerability Allows Full Computer Compromise with One-Click Exploit
IDIS Cloud Manager’s Windows viewer contains a critical flaw (CVE‑2025‑12556) that lets attackers trigger remote code execution with a single click. The vulnerability stems from CWGService.exe accepting unsanitized command‑line arguments via a local WebSocket, which are passed to the Chromium...
Emojis in PureRAT’s Code Point to AI-Generated Malware Campaign
Researchers at Symantec and Carbon Black have uncovered a PureRAT trojan campaign that is being authored with artificial‑intelligence tools. The malware is distributed through phishing emails masquerading as job offers and contains code comments and emojis typical of AI‑generated scripts....
Rein Security Launches with a Focus on Real-Time Production Application Security
Rein Security launched a platform that delivers real‑time production visibility for applications, targeting blind spots in API, AI‑generated code, and Model Context Protocol security. The solution uses an agentless architecture to capture runtime behavior, validate vulnerabilities, and enforce protections without...
From Triage to Threat Hunts: How AI Accelerates SecOps
AI‑driven SOC agents are moving from hype to practical augmentation, handling every alert with human‑level accuracy. By automatically correlating telemetry from EDR, identity, cloud and network sources, they eliminate the triage bottleneck and achieve near‑zero dwell time. The continuous investigation...
AI Security Threats Loom as Enterprise Usage Jumps 91%
Zscaler’s ThreatLabz 2026 AI Security Report reveals a 91% surge in enterprise AI usage, encompassing 989.3 billion transactions across more than 3,400 applications in 2025. Despite this rapid adoption, every AI system examined harbored critical vulnerabilities, with 90% compromised within 90...
Sicarii Ransomware Locks Your Data and Throws Away the Keys
Sicarii ransomware generates a fresh RSA key pair on each victim system and discards the private key, making encrypted data unrecoverable even after ransom payment. This defect breaks the standard ransomware‑as‑a‑service model that relies on attacker‑held private keys for decryption....
Best IT Managed Services for Large Enterprises
Large enterprises are shifting IT from a support function to a strategic growth engine, and the article outlines the criteria that define the best managed services for this scale. It highlights five enterprise‑tier attributes—strategic partnership, transparent governance, proactive operations, comprehensive...
MIND Launches DLP for Agentic AI to Secure Data Used by Autonomous Systems
Data security firm MIND Security launched DLP for Agentic AI, a data‑centric solution that safeguards sensitive information used by autonomous AI agents across enterprise applications. The service provides visibility into active AI agents, real‑time risk detection, and automated remediation, shifting...
Researchers Uncover 454,000+ Malicious Open Source Packages
Security vendor Sonatype reported that developers downloaded 9.8 trillion open‑source components in 2025, yet 454,648 of the packages were newly identified as malicious. The report describes a shift from opportunistic spam to industrialized, often state‑sponsored campaigns that use typosquatting, namespace confusion,...
Almost 9 in 10 Firms Remain Vulnerable to Cyber Risks
KYND’s analysis of over 2,000 firms—including FTSE 350 and S&P 500 companies—found that 88 % of organizations with identified cyber‑risk exposures remain vulnerable for six months or longer. While 11 % of the sample faced actively exploited vulnerabilities, remote code execution (RCE)...
N8n Adds Chat Hub to Centralize AI Access Inside Automation Workflows
n8n launched Chat Hub, a built‑in chat interface that lets users query large language models and trigger workflow agents without exposing workflow logic or credentials. The feature introduces a dedicated Chat role, centralizes model and credential management, and supports both...
Cybercriminals Exploit Canadians’ Dependence on Digital Services in Widespread Attacks
Canadian cybercriminals are running a large‑scale phishing campaign that impersonates government agencies, Air Canada and Canada Post, using the PayTool phishing‑as‑a‑service platform. The operation distributes SMS alerts and malicious ads that direct victims to spoofed portals hosted on shared IP...
Why “Platform Consolidation” Often Increases Risk Instead of Reducing It
Enterprises chase security‑stack consolidation to cut costs and simplify management, but most vendor‑driven platforms are built from acquired point solutions rather than unified architectures. This commercial consolidation delivers single contracts yet leaves fragmented data stores, disparate analytics, and multiple agents,...
Love? Actually: Fake Dating App Used as Lure in Targeted Spyware Campaign in Pakistan
ESET has uncovered a sophisticated Android spyware campaign that uses a fake dating app, GhostChat, to lure Pakistani users through romance‑scam tactics. The app presents locked female profiles with hard‑coded unlock codes, creating an illusion of exclusive access before installing...
AHA Releases New Guides to Strengthen Hospital Emergency and Cyber Preparedness
The American Hospital Association unveiled two new guides—Strategies for Medical Surge Management During Public Emergencies and Strategies for Cyber Preparedness in Health Care—to help hospitals navigate both public health crises and cyber threats. Both resources adopt the “four S’s” framework—staffing,...
Chinese National Sentenced to 46 Months for Laundering Millions Stolen From U.S. Investors
A Chinese national, Jingliang Su, received a 46‑month federal prison sentence for laundering roughly $36.9 million stolen from U.S. investors in a cryptocurrency fraud scheme run from Cambodia. The court ordered him to pay nearly $27 million in restitution and highlighted a...
Wallet Linked to Alleged US Seizure Theft Launches Memecoin, Crashes 97%
A Solana‑based memecoin called John Daghita (LICK) was launched on the Pump.fun launchpad by a wallet investigators link to an alleged theft of US government‑controlled crypto. Within its first day the token lost roughly 97% of its value, dropping from...
McAfee Upgrades Scam Detector to Spot QR Code Scams and Suspicious Messages
McAfee has upgraded its Scam Detector tool to include instant QR‑code safety checks and enhanced detection of suspicious direct messages, even when they contain no links. The update comes as QR‑code scams affect 68 % of recent scanners, with 18 % encountering...
Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan
Researchers uncovered two malicious PyPI packages, spellcheckerpy and spellcheckpy, that pretended to be spell‑checking tools but delivered a Python‑based remote‑access trojan. The packages were downloaded just over 1,000 times before being removed, with version 1.2.0 adding an execution trigger that runs...
Always-On Privileged Access Is Pervasive — and Fraught with Risks
Enterprises are plagued by pervasive always‑on privileged access, with 91 % of users remaining logged in at their highest privilege level. Legacy governance, mergers, cloud migrations and rapid fixes have left dormant privileged accounts embedded in critical workflows, creating a massive...
Cloudbrink Adds AI Innovations to Its Platform to Protect Agents, Apps, and Data
Cloudbrink announced new AI‑focused security features that extend its secure connectivity platform to protect AI agents, browser‑based AI services, and custom large language models. The enhancements include a Safe AI BrinkAgent that detects data leaks, a continuously updated definitions database...
Fortinet Expands FortiCNAPP with Network, Data, and Runtime-Aware Risk Prioritization
Fortinet has upgraded its FortiCNAPP platform to incorporate network enforcement, data security posture management, and runtime validation into a single risk‑prioritization workflow. The enhancements enable network‑aware risk scoring, in‑place data sensitivity analysis, and runtime‑informed prioritization, reducing alert fatigue and focusing...
Yubico Extends Hardware Passkey Deployment Options
Yubico has broadened its YubiKey as a Service offering by adding self‑service ordering and a revamped Customer Portal. The new workflow lets employees and partners select YubiKey models, enter shipping details, and receive keys directly in the U.S., Canada or...
Volante’s Multi-Cloud Resiliency Service Keeps Payments Running During Cloud Outages
Volante Technologies has introduced a Multi‑cloud Resiliency Service designed to keep payment processing operational when a primary cloud provider experiences an outage. The solution offers rapid, zero‑data‑loss failover to a secondary cloud environment, eliminating single‑provider dependency for banks and other...
Digital Element Announces NAT Detector — Industry’s New Standard for Accurate IP Geolocation and Risk Intelligence
Digital Element launched NAT Detector, a new feature in its NetAcuity IP intelligence platform that identifies Network Address Translation (NAT) and Carrier‑Grade NAT connections. The tool flags shared‑IP environments, helping advertisers, security teams, DRM providers, and fintech firms interpret IP...
Pondurance RansomSnare Blocks File Encryption and Data Exfiltration
Pondurance has added RansomSnare, a new module to its Managed Detection and Response (MDR) service that halts ransomware the moment it tries to encrypt a file. The capability terminates the malicious process instantly, blocking both encryption and data exfiltration without...
Pallma AI Closes $1.6M Pre-Seed Round for AI Agent Security
London‑based Pallma AI announced a $1.6 million pre‑seed round led by Marathon Venture Capital, with participation from tech leaders at AWS, Meta, and Google. The startup offers an AI‑native security platform that monitors, detects, and mitigates risks such as prompt injection...
SelfAudit Launches Partner Program to Speed CMMC Readiness
SelfAudit AI introduced a Partner Program aimed at MSPs, MSSPs, and compliance professionals to accelerate Cybersecurity Maturity Model Certification (CMMC) readiness. The initiative offers a standardized, AI‑driven workflow that streamlines gap analysis, remediation, and audit‑ready documentation. By integrating partners into...
Delegation Is a Risk Decision Every Leader Makes, Not an Ops Choice
Leaders increasingly delegate decision‑making authority to software, turning routine operational choices into enterprise‑level risk decisions. When systems automatically issue credits, payments, or pricing adjustments, the underlying authority often lacks explicit ownership, exposing organizations to financial, legal, and reputational fallout. Security...
US Charges 87 in Major ATM Jackpotting Scheme Linked to Tren De Aragua
A Nebraska federal grand jury has indicted a total of 87 defendants in a sprawling ATM jackpotting conspiracy tied to the Venezuelan gang Tren de Aragua. The scheme used a variant of the Ploutus malware to hack ATMs nationwide, stealing...
Opportify Gains Early Adoption for Email Insights to Stop Sign-Up Fraud
Opportify has launched its Email Insights solution, a risk‑based intelligence platform designed to stop fraudulent sign‑ups at the point of entry. Unlike traditional validators that rely on simple syntax or MX checks, Email Insights scores each address on domain stability,...
High-Severity Remote Code Execution Vulnerability Patched in OpenSSL
A total of twelve vulnerabilities in OpenSSL have been patched, including a high‑severity remote code execution (RCE) flaw. All issues were identified by a single cybersecurity research firm and disclosed through coordinated channels. The fixes address weaknesses that could allow...
Hackers Exploit React2Shell Vulnerability to Deploy Miners and Botnets Worldwide
A critical insecure‑deserialization flaw in React Server Components, identified as CVE‑2025‑55182 or “React2Shell,” is being actively exploited worldwide. The vulnerability affects react‑server‑dom‑webpack, –parcel and –turbopack versions 19.0‑19.2, allowing attackers to execute arbitrary code and deploy a range of malware, including...
CERT UEFI Parser: Open-Source Tool Exposes UEFI Architecture to Uncover Vulnerabilities
The Software Engineering Institute at Carnegie Mellon University released the CERT UEFI Parser, an open‑source utility that statically parses UEFI firmware binaries and source code into a structured, machine‑readable model. By extracting modules, execution phases, protocols and dependencies, the tool gives...
Why Prevention-First Secrets Security Will Define Enterprise Scale: Learnings From a Leading Telecom
Orange Business discovered that traditional secret detection tools generate massive false positives, leading developers to ignore alerts. By implementing mandatory GitLab pre‑receive hooks and a three‑layer defense, they reduced new secret leaks by 80% while keeping false positives below 5%....
Major Cyberattack Cripples Russia’s Alarm and Vehicle Security Provider Delta
Russian security firm Delta suffered a large‑scale external cyberattack on Jan 26, crippling its alarm, home, and vehicle security platforms. The breach disabled online services, phone lines, and the mobile app, leaving thousands of customers unable to control alarms or unlock...
Grammarly and QuillBot Are Among Widely Used Chrome Extensions Facing Serious Privacy Questions
Incogni’s 2026 privacy risk report examined 442 AI‑powered Chrome extensions and found that over half collect user data, often with deep‑level permissions. The study highlighted that scripting and activeTab permissions let extensions read and modify any web page, exposing emails,...
Audits for AI Systems that Keep Changing
ETSI released TS 104 008, a continuous‑auditing based conformity assessment (CABCA) specification for AI systems. It shifts assurance from periodic reviews to ongoing cycles that automatically collect evidence from logs, model parameters, and data samples. The framework operationalizes regulatory requirements into machine‑readable...
CISO Salaries Continue to Rise Despite Economic Uncertainty
The IANS and Artico Search CISO Compensation Benchmark Report shows that chief information security officer pay grew 6.7% in 2025, outpacing the modest 4% rise in security budgets. Equity‑based compensation expanded faster than cash, reflecting confidence in the role’s strategic...
Lumana's Vision for Agentic AI: When Cameras Stop Recording and Start Acting
Lumana is redefining video surveillance with an agentic AI platform that moves cameras from passive recorders to active decision‑makers. Its VIA‑1 system learns locally from each camera’s environment, delivering over 90% reduction in false alerts for customers such as Salesforce...
Customer Identity Management for Cruise Customer Experience
Cruise operators are shifting focus from flashy onboard attractions to the invisible infrastructure that links every guest interaction. By deploying consumer identity and access management (CIAM), brands can maintain a single, secure passenger profile from discovery through post‑cruise loyalty. This...
Citizen Engagement Strategies Powered by CIAM
Citizen engagement is now driven by digital experiences, and fragmented login processes are the primary barrier. The article argues that Customer Identity and Access Management (CIAM) is essential for municipalities to centralize services, provide a single digital identity, and build...
Blockchain Investigator Identifies Crypto Theft Network Linked to US Government Seizure Funds
TRM Labs disclosed a sophisticated crypto‑theft operation that has siphoned over $90 million, including $24.9 million tied to the U.S. Strategic Bitcoin Reserve, after a Telegram “band‑for‑band” challenge inadvertently revealed wallet addresses. The network employed advanced laundering tactics—cross‑chain bridges, mixers, and both...
F5 Shares Jump After Revenue and Earnings Beat in Fiscal First Quarter
F5 Inc. posted fiscal Q1 2026 revenue of $822 million, up 7% YoY, and adjusted earnings per share of $4.45, surpassing analyst expectations of $756 million and $3.65 EPS. Systems revenue surged 37% while software revenue fell 8%, and global services grew...
Chinese Mustang Panda Hackers Deploy Infostealers via CoolClient Backdoor
Chinese espionage group Mustang Panda has upgraded its CoolClient backdoor with new infostealer capabilities, including browser credential theft, clipboard monitoring, and active window tracking. The variant has been observed targeting government entities in Myanmar, Mongolia, Malaysia, Russia and Pakistan, delivered via...
Capture-the-Flag in Space: D-Orbit Shares Lessons From Cyber Competition
D‑Orbit hosted the first in‑orbit capture‑the‑flag (CTF) cybersecurity competition on its ION Satellite Carrier, partnering with ESA and Mhackeroni. Five finalist teams tackled live telemetry, command sequencing and onboard software exploits in a controlled environment. The event exposed the distinct...
When Hospitals Go Dark and Browsers Turn Rogue
Recent incidents across healthcare, finance, and infrastructure reveal attackers exploiting lateral movement to maintain long‑term footholds. In Belgium a hospital shut down its servers after an undetected breach, while U.S. health providers endured weeks‑long unauthorized access. Phishing and malicious browser...
NDSS 2025 – On the Robustness Of LDP Protocols For Numerical Attributes Under Data Poisoning Attacks
The NDSS 2025 paper investigates how local differential privacy (LDP) protocols for numerical attributes can be subverted by data‑poisoning attacks, where a small set of malicious clients manipulates server estimates. Researchers evaluate state‑of‑the‑art categorical frequency oracles, binning, consistency, and distribution‑reconstruction...
Memcyco Receives $37M Series A Financing
Memcyco announced a $37 million Series A round, bringing its total funding to $47 million. The oversubscribed round was led by NAventures, E. León Jimenes, and PagsGroup, with existing backers Capri Ventures and Venture Guides participating. Memcyco’s real‑time, agentless platform protects enterprises from phishing,...
