ISACs Confront AI’s Promise and Peril for Threat Intelligence-Sharing
Information Sharing and Analysis Centers (ISACs) are grappling with how to integrate artificial intelligence into threat‑intelligence workflows while preserving the trust that underpins member collaboration. Leaders from Retail & Hospitality, Health, and Financial Services ISACs highlighted AI’s potential to speed alert distribution but warned that automated analysis could dilute message quality and break data chain‑of‑custody. Some groups, like Health‑ISAC, are piloting AI to filter noise and accelerate reporting, and the National Council of ISACs is considering a cross‑sector AI working group. The sector’s challenge is to balance speed with reliability.

Mazda Discloses Security Breach Exposing Employee and Partner Data
Mazda Motor Corp disclosed a security incident that exposed personal data of employees and business partners. The breach, discovered in December, involved 692 records and originated from a vulnerability in a warehouse‑management system used for parts sourced from Thailand. No...

10 Hacks Every Ring User Should Know
Ring’s suite of privacy and notification settings lets users tighten security while reducing nuisance alerts. Features such as Global and Device‑specific snooze, custom motion zones, and Smart Alerts let homeowners filter out irrelevant motion. Additional controls—including disabling Amazon Sidewalk, turning...

DHS CISO Departs After Driving AI, Risk-Based Security
Hemant Baidwan stepped down as the Department of Homeland Security’s CISO after a two‑year tenure focused on scaling secure artificial intelligence and accelerating zero‑trust adoption. Under his leadership, DHS transitioned from a compliance‑driven posture to a risk‑based cybersecurity model anchored...

Tycoon2FA Phishing Platform Returns After Recent Police Disruption
The Tycoon2FA phishing‑as‑a‑service platform, disrupted by Microsoft and Europol in early March, has rebounded to pre‑disruption activity levels within days. Law enforcement seized 330 domains that hosted its control panels and phishing pages, but the takedown proved temporary. CrowdStrike observed daily...

What to Look for in a Managed Security Service Provider (MSSP)
The article offers a HIMSS‑sponsored checklist to help healthcare organizations evaluate Managed Security Service Providers (MSSPs). It stresses that MSSP selection directly affects patient safety, requiring seamless integration with existing IT and robust visibility and incident‑response capabilities. The guide outlines...

After Hackers Hit an Iowa Company, Cars Around the Country Failed to Start
Intoxalock, a leading provider of ignition interlock devices, suffered a cyberattack on March 14 that crippled its calibration and installation systems. The outage prevented monthly calibrations, putting an estimated 7‑10% of Connecticut users and thousands nationwide at risk of vehicle lockouts....

Washington Establishes Bureau of Emerging Threats
The U.S. State Department has launched the Bureau of Emerging Threats to centralize efforts against cyber attacks, space‑domain risks, and military uses of AI and quantum tech. Led by former China chargé d’affaires Anny Vu, the bureau will employ diplomatic...

TeamPCP Deploys Iran-Targeted Wiper in Kubernetes Attacks
TeamPCP, the group behind the recent Trivy supply‑chain breach and the CanisterWorm campaign, has rolled out a new destructive payload that targets Kubernetes clusters configured for Iran. The malware deploys a privileged DaemonSet called "Host‑provisioner‑iran" to wipe host files and...

Charlotte-Mecklenburg Students Targeted by Phishing Scam
A phishing email promising fraudulent job opportunities was sent to students at Ardrey Kell High School in the Charlotte-Mecklenburg school district, requesting banking information. The district quickly removed the unauthorized message, secured the affected student accounts, and issued a Canvas...

Jmem Tek Joins GlobalFoundries Ecosystem to Expand Post-Quantum Security Solutions
Jmem Tek has joined GlobalFoundries’ GlobalSolutions™ Ecosystem as an official IP Network Partner, bringing its proprietary Physical Unclonable Function (PUF) and post‑quantum cryptography (PQC) IP to GlobalFoundries customers worldwide. The partnership gives semiconductor designers access to silicon‑proven hardware root‑of‑trust, secure...

Taceo Network Enables ‘Private Shared State’ for Hosting Sensitive Parts of Workflow
Austrian startup Taceo has opened public access to its Taceo Network, a private execution layer that lets organizations run sensitive identity, biometric and payment logic on shared digital infrastructure without exposing raw data. The platform uses coSNARKs, a cryptographic tool...

How to Address Shadow AI in Healthcare
Healthcare organizations are confronting a new wave of shadow IT, now termed shadow AI, where staff adopt generative AI tools without oversight. The article outlines three mitigation strategies: establishing robust AI governance, deploying technical guardrails such as monitoring and sandbox...

An AI-Powered Phishing Campaign Has Compromised Hundreds of Organizations
Huntress uncovered an AI‑driven phishing campaign that leveraged Railway’s PaaS to spin up credential‑harvesting infrastructure, compromising hundreds of organizations across sectors. The attackers used generative AI to craft unique email lures and exploited Microsoft’s device authentication flow, stealing OAuth tokens...

DeFi Has Seen Resolv's $25M USR Exploit Many Times Before
Resolv Labs suffered a $25 million USR stablecoin exploit after an attacker compromised its AWS‑managed service key, minting 80 million USR from roughly $100,000 of USDC. The depegged USR and its wrapped version were still priced at $1 by oracles, causing cascading...

SWISSPORT’S MATCHBOX PLATFORM ACHIEVES ISO 27001, 27017 AND 27018 CERTIFICATIONS
Swissport’s Matchbox, a cloud‑based travel document validation platform, has earned ISO 27001, ISO 27017 and ISO 27018 certifications, confirming its information‑security, cloud‑security and privacy controls. The platform already validates more than four million passengers with 100% accuracy on inadmissible traveler...

SandboxAQ Launches New AQtive Guard Capabilities
SandboxAQ unveiled major upgrades to its AQtive Guard platform, expanding AI Security Posture Management (AI‑SPM) ahead of RSA Conference 2026. The new suite adds real‑time guardrails for inbound prompts and outbound responses, autonomous risk analysis for Model Context Protocol (MCP)...

Cybersecurity as a Team Sport
Cybersecurity is shifting from isolated defenses to a collaborative model, especially in the hospitality sector where data breaches can damage brand trust and revenue. Attackers now operate in coordinated groups, sharing tools and tactics, prompting defenders to form trusted information‑sharing...

Attackers Hide Infostealer in Copyright-Infringement Notices
Attackers are disguising a fileless phishing campaign as copyright‑infringement notices to deliver PureLog Stealer, a low‑cost infostealer. The operation targets critical sectors—including healthcare, government, hospitality and education—in Germany, Canada, the United States and Australia. Victims receive a seemingly legal PDF...

Cato Networks Unveils GPU-Powered SASE Platform with Native AI Security
Cato Networks announced two major upgrades to its SASE platform: Cato Neural Edge, which embeds NVIDIA GPUs across its global private backbone to accelerate AI‑driven traffic inspection, and Cato AI Security, a suite that merges AI governance and runtime protection...

Iran Built a Camera Network to Control Dissent, Israel Made It a Targeting Tool
Israel exploited Iran’s extensive street‑camera network to pinpoint Supreme Leader Ayatollah Ali Khamenei, turning the regime’s own surveillance into a targeting tool. The operation, confirmed by leaked data and AP reporting, relied on dozens of unsecured cameras and AI‑driven video analysis...

Dell Technologies Integrates Quantum-Ready Security and AI Resilience Across Portfolio
Dell Technologies announced a portfolio‑wide security upgrade that embeds quantum‑resistant cryptography into firmware and BIOS across its commercial PCs and data‑center products. The company also introduced AI‑driven recovery tools in its PowerProtect line, delivering up to twice the backup speed...

North Korean Hacker Lands Remote IT Job, Caught After VPN Slip
A North Korean hacker answered a generic help‑wanted ad, passed standard background checks, and was hired for a remote IT role handling sensitive Salesforce data on August 15, 2025. Ten days later, a login from an unmanaged device in St. Louis,...

FBI Says Iranian Hackers Are Using Telegram to Steal Data in Malware Attacks
The FBI warned that Iranian Ministry of Intelligence and Security (MOIS) hackers are leveraging Telegram bots as a command‑and‑control channel to exfiltrate data from dissidents, opposition groups, and journalists. Attackers first send phishing links masquerading as Telegram or WhatsApp apps,...

Attackers Keep Spinning up VMs to Hide From EDR. What's the Answer?
Hackers are increasingly launching QEMU virtual machines at system startup to conceal malicious activity from endpoint detection and response (EDR) tools. Microsoft observed this method in recent attacks on exposed SolarWinds Web Help Desk instances, where a scheduled task creates...

Top Vulnerability Scanning Tools for Security Teams
Vulnerability scanning tools have matured from simple network probes to sophisticated platforms that assess hosts, applications, cloud environments, and code. Leading solutions such as Burp Suite, Intruder, Nessus, OpenVAS, and Snyk now embed AI features to prioritize findings and reduce...

The M-Trends 2026 Report Shows How to Strengthen Business Cybersecurity.
Mandiant’s M‑Trends 2026 report reveals a pivotal shift in cyber‑criminal tactics, moving from pure data theft to actively disrupting business operations. The research shows attackers increasingly embed themselves within the very technologies that power enterprises, creating hidden attack vectors. By mapping...

The Phone Call Is the New Phishing Email
Voice‑based phishing surged in 2025, representing 11% of the incidents Mandiant investigated, while email phishing dropped to just 6% of initial‑access vectors. Exploited software vulnerabilities remained the dominant entry point, featuring in 32% of attacks. The rise reflects attackers’ willingness...

QuSecure Deployment Cited as Real-World Precedent in SEC Post-Quantum Framework
The SEC’s Post‑Quantum Financial Infrastructure Framework (PQFIF) has highlighted the four‑month deployment of QuSecure’s QuProtect platform at Banco Sabadell, executed with Accenture, as the first real‑world implementation precedent for post‑quantum cryptography in banking. The case study demonstrates that large financial...

If Threat Actors Gave You a Chance to Redact the Patient Data They Hacked Before They Leak It, Would You...
Woundtech, a Florida‑based mobile wound‑care provider, suffered a breach in early December 2025 when attackers accessed its AWS environment and exfiltrated 335 GB of data from a 6.7 TB S3 bucket. The leak includes over 928,000 patient IDs, 86,000 fully identified records,...

Russia-Linked Malware Operation Collapses After Security Failures, Developer’s Arrest
A Russian‑linked Android spyware called ClayRat collapsed after security flaws and the arrest of its suspected developer. The malware could intercept SMS, calls, contacts, photos, and execute remote commands, and was marketed via Telegram subscriptions costing $90 per week or...

Rootly | Introducing Rootly Academy: Hands-On Incident Response Training
Rootly announced the launch of Rootly Academy, an AI‑powered incident response training platform that delivers realistic, 15‑30 minute simulations for engineers. The program includes two certification tracks—Incident Handler and Incident Commander—and provides post‑drill debriefs and skill‑analytics dashboards. Rootly partnered with...

RapidFort Nutanix Collaboration Speeds Compliant Kubernetes for AI Workloads
RapidFort and Nutanix announced a joint solution that embeds RapidFort’s near‑zero CVE container images into the Nutanix Kubernetes Platform (NKP). The integration automates vulnerability remediation and provides hardened, compliance‑ready workloads across on‑prem, edge, and public‑cloud environments. Available to all NKP...

Teleport Launches Beams to Provide Trusted Runtimes for AI Agents in Production Infrastructure
Teleport unveiled Beams, a trusted runtime that isolates AI agents in lightweight Firecracker VMs and embeds delegated identity for secure, secret‑free access to production resources. The platform enforces policy‑controlled networking, logs every action, and integrates with Teleport’s existing audit and...

Gomboc Expands Beyond IaC with ORL to Deliver Deterministic Remediation Cloud and Code
Gomboc AI announced the general availability of its Open Remediation Language (ORL), extending its deterministic remediation platform from Infrastructure-as-Code to cloud configurations, application code, and dependencies. ORL is a domain‑specific language that translates security and compliance policies into repeatable code...

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More
The open‑source Trivy vulnerability scanner was backdoored, injecting credential‑stealing malware that spread a self‑propagating worm through thousands of CI/CD pipelines. A coordinated DOJ operation dismantled four Mirai‑derived IoT botnets, removing control of more than three million compromised devices. Critical flaws...

Palo Alto Networks Debuts Secure Browser For SMBs: 5 Key Features
Cybersecurity leader Palo Alto Networks launched Prisma Browser for Business, a secure web browser tailored for small‑ and medium‑size businesses. The browser embeds built‑in protection against phishing, ransomware, fraud, and AI‑driven threats, while offering data‑leakage controls and enterprise‑grade policies. Designed...

US Chip Testing Firm Shrugged Off Ransomware Hit as Minor - Then Came the Data Leak
Trio-Tech International, a California‑based semiconductor testing firm, disclosed a ransomware attack on its Singapore subsidiary that began on March 11. The breach initially seemed immaterial, but on March 18 the attackers exfiltrated data, prompting the company to label the event potentially material....

5 Big CrowdStrike Launches For Next-Gen SIEM, AI Security
CrowdStrike announced major upgrades to its Falcon Next‑Gen SIEM, adding native support for Microsoft Defender for Endpoint and new data‑pipeline features from the Onum acquisition. The company also expanded its Falcon AI Detection and Response (AIDR) suite to protect desktop...

Opinion: Student Data Has Changed. Privacy Rules Haven’t. It’s Time for That to Change
The Family Educational Rights and Privacy Act (FERPA), enacted in 1974, still governs student data under paper‑based assumptions despite schools now operating in a fully digital environment. Recent high‑profile ed‑tech breaches have highlighted the law’s inability to address modern data‑security...

Xage Security Drives Growth with Zero Trust for AI Infrastructure
Xage Security announced an 81% year‑over‑year revenue increase and a 102% rise in customers, driven by rapid adoption of its Zero Trust platform and the new Zero Trust for AI solution. The company closed a $15 million equity round and expanded...

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them
XM Cyber identified eight distinct attack vectors within Amazon Bedrock, the AI service that links foundation models to enterprise data. The vectors span log manipulation, knowledge‑base credential theft, agent hijacking, flow injection, guardrail degradation, and prompt poisoning, each triggered by over‑privileged...

BigID Achieves FedRAMP Certification Partnering with Knox Systems
BigID has earned FedRAMP authorization through a partnership with Knox Systems, allowing U.S. federal agencies to deploy its data discovery, classification, and AI‑governance platform under federal security standards. The certification validates BigID’s ability to protect CUI, PII, PHI and support...

Irish Government Launches CNI Resilience Plan
The Irish government unveiled a National Strategy on the Resilience of Critical Entities to meet the EU’s Critical Entities Resilience (CER) Directive, with implementation required by October 2026. The plan targets essential services such as digital infrastructure, water, energy, transport and...

Kusari and CNCF: Advancing Software Supply Chain Security for Cloud Native Projects
Kusari announced a partnership with the Cloud Native Computing Foundation (CNCF) to give CNCF projects free access to its AI‑powered security tool, Kusari Inspector. The platform embeds code‑review and dependency‑management checks directly into pull‑request workflows, offering visualized dependency graphs, risk...

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
Microsoft’s threat intel team warned that a tax‑season phishing campaign compromised 29,000 users in 10,000 organizations, primarily in the United States. The attacks impersonated the IRS and used QR‑code, CPA, and cryptocurrency lures to deliver malicious links and attachments. Many...

Open Source Maintainers Are Drowning in AI-Generated Security Noise - $12.5 Million Is Being Deployed to Throw Them a Lifeline
The Linux Foundation announced a $12.5 million grant from Anthropic, AWS, GitHub, Google, Microsoft and OpenAI to bolster open‑source security through Alpha‑Omega and the OpenSSF. The funding targets the flood of AI‑generated vulnerability reports that are overwhelming project maintainers with low‑context...

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown
Tycoon 2FA, a subscription‑based phishing‑as‑a‑service platform, continued operating at full capacity despite an international takedown effort. The service was responsible for 62% of Microsoft‑blocked phishing attempts in 2025 and generated over 30 million malicious emails each month, affecting roughly half a million...

Vanta Introduces Automation Tools to Streamline Enterprise Compliance
Vanta unveiled a new suite of automation tools aimed at streamlining enterprise compliance and privacy management. The offering introduces three context‑aware agents—Compliance, Third‑party Risk Management, and Customer Trust—that continuously monitor evidence, assess vendor risk, and automate security query responses. New...

ZachXBT Says Fake X Accounts Used Viral War Content to Drive Crypto Scams
Blockchain analyst ZachXBT exposed a coordinated network of more than ten X accounts that used AI‑generated war and geopolitical posts to lure users into crypto scams. The fake profiles impersonated influencers, posted sensational "doomposts," and then promoted fraudulent token giveaways,...