SEALSQ and Parrot Expand Partnership to Secure Drones with PQC
SEALSQ Corp and Parrot SA are expanding their partnership to embed post‑quantum cryptography (PQC) into Parrot’s next‑generation professional drones. The collaboration will integrate NIST‑approved CRYSTALS‑Kyber and CRYSTALS‑Dilithium algorithms at the semiconductor level, building on existing SEALSQ secure elements in the ANAFI UKR and CHUCK 3.0 platforms. This move targets protection against harvest‑now, decrypt‑later attacks and aligns with emerging CNSA 2.0, NATO and EU quantum‑security regulations. The initiative positions Parrot’s UAVs for high‑value defense and public‑safety contracts as the drone market surges toward $40 billion.
Police Sinkholes 45,000 IP Addresses in Cybercrime Crackdown
Operation Synergia III, an Interpol‑led crackdown from July 2025 to January 2026, sinkholed roughly 45,000 malicious IP addresses and seized 212 servers across 72 countries. The operation resulted in 94 arrests, with another 110 suspects under investigation, and uncovered over 33,000 phishing and fraudulent...
How AI Is Transforming the Modern Firewall for State and Local Government
State and local governments are adopting a hybrid‑mesh firewall model that spreads enforcement across branch offices, cloud workloads, data centers and remote users. AI is being embedded directly into these firewalls to govern generative‑AI usage, enforce data‑loss‑prevention, and automate rule‑set...
Corvex Announced the Launch of Secure Model Weights
Corvex announced early availability of Secure Model Weights, a patent‑pending solution that encrypts AI model weights end‑to‑end and decrypts them only inside NVIDIA Hopper/Blackwell GPUs operating in Confidential Computing mode. The architecture combines GPU TEEs, Intel TDX, remote attestation, and...
Sebi Imposes Rs 10 Lakh Fine on Anand Rathi for Violation of Stock Brokers' Norms
India’s securities regulator SEBI imposed a ₹10 lakh fine on Anand Rathi Share and Stock Brokers Ltd for multiple breaches of stock‑broker norms. The investigation covering April 2023 to August 2024 found the firm failed to promptly report a May 2024 technical glitch and delayed...
Tomorrow's Fraud Techniques
Fraudsters are leveraging AI, deepfakes and synthetic identities to turn once‑rare, highly coordinated attacks into routine events. Financial institutions now face daily sophisticated scams, from voice‑cloned phishing calls to long‑standing fake personas that suddenly cash out. Experian’s chief product officer...
What to Do if You’re a Data Breach Victim (and You Probably Are)
Data breach notifications have become routine, with 80% of Americans receiving at least one notice in the past year and many seeing three to five letters. Federal and state laws compel companies to alert consumers promptly, yet complex investigations can...
Accertify’s Attack State Targets Credential Stuffing and ATO Attacks
Accertify introduced Attack State, a new module within its Account Protection suite that continuously monitors login activity to spot coordinated credential‑stuffing and account‑takeover attacks. By benchmarking real‑time behavior against an organization’s typical traffic patterns, the tool flags anomalies across web,...
Interpol Teams up with Tech Firms to Seize 45,000 Malicious IPs, Servers in Global Cyber Crime Crackdown
Interpol’s Operation Synergia III, conducted with law‑enforcement agencies from 72 countries, dismantled more than 45,000 malicious IP addresses and seized 212 servers and electronic devices. The crackdown resulted in 94 arrests and 110 ongoing investigations, targeting phishing, malware and ransomware campaigns, including...
CBN Mandates Liveness Checks and Device Limits to Fight Digital Banking Fraud
The Central Bank of Nigeria has issued a new regulatory framework requiring real‑time liveness verification and BVN/NIN validation for all account openings and reactivations. Mobile banking apps must be bound to a single device, with additional multi‑factor authentication for any...
ATM Jackpotting Suspect Added to FBI’s Ten Most Wanted List
The FBI has placed Anibal Alexander Canelon Aguirre, alleged leader of a nationwide ATM jackpotting ring, on its Ten Most Wanted Fugitives list, marking the first cyber‑crime suspect to receive that designation. Investigators say the operation installed malware on ATMs...
![LastPass Vs. 1Password: Which Password Manager Should You Use? [2026]](/cdn-cgi/image/width=1200,quality=75,format=auto,fit=cover/https://images.ctfassets.net/lzny33ho1g45/6n85uv2G0G1Cr1M2VSE22F/bd6206145d3a774055839ab72a421ee0/lastpass-vs-1password-hero.jpeg)
LastPass Vs. 1Password: Which Password Manager Should You Use? [2026]
The article pits LastPass against 1Password, highlighting LastPass’s 2022 data breach, a $24.5 million settlement, and lingering security criticisms. In contrast, 1Password boasts a breach‑free record, full‑field encryption and a dual‑factor master key. Feature parity is high—both offer cross‑platform autofill, password...
Veeam Fixes RCE Bugs in Critical Backup & Replication Platform
Veeam released a critical security patch (version 12.3.2.4465) on March 12, 2026, fixing seven vulnerabilities in its Backup & Replication platform, including the high‑severity CVE‑2026‑21666 and CVE‑2026‑21667 which both score 9.9 on the CVSS scale. The update also resolves additional...
The FBI Is Looking for Victimized Steam Users Who Downloaded Games with Hidden Malware — Investigation Underway Into Multiple Infected...
The FBI has opened an investigation into malware‑laden fake games on Steam released between 2024 and 2026, urging affected users to come forward. Titles such as Chemia, Dashverse, Lampy, Lunara, PirateFi, Tokenova and BlockBasters were identified as carriers of crypto‑draining...
Enterprise AI Security Firm Bold Raises $40m
Enterprise AI security startup Bold emerged from stealth after closing a $40 million Series A round led by Bessemer Venture Partners, Picture Capital and Red Dot Capital Partners. The company’s edge‑AI platform runs lightweight models on each endpoint to monitor user behavior,...
Stryker Says Cyberattack Disrupted Processing, Manufacturing and Shipping
Stryker, the U.S. MedTech leader, confirmed a cyberattack by the Iran‑linked Handala group disrupted its order processing, manufacturing and shipping operations. The breach originated in Stryker’s Microsoft environment but was contained to internal systems, leaving connected medical devices unaffected. The...
The Cyber Resilience Act and Cloud Native: Understanding the Impact
The EU’s Cyber Resilience Act (CRA) will become fully enforceable in 2027, extending mandatory cybersecurity requirements to any product with digital elements sold in the EU, including container images, Helm charts and Kubernetes operators. It codifies three core obligations: security‑by‑design...
Shaping Europe’s Cybersecurity Standards: Highlights From the 10th Cybersecurity Standardisation Conference
The 10th Cybersecurity Standardisation Conference, co‑hosted by CEN, CENELEC, ETSI and ENISA in Brussels, highlighted Europe’s coordinated push for faster yet high‑quality cyber standards. Delegates examined the role of standards in supporting the Cyber Resilience Act, NIS2 and DORA, and...
Face Value: What It Takes to Fool Facial Recognition
ESET security advisor Jake Moore demonstrated how consumer‑grade smart glasses, deep‑fake tools, and face‑swap software can defeat widely deployed facial recognition systems. He captured strangers’ faces in real time, created AI‑generated identities to open a bank account, and bypassed a...
Markets/Coverages: Coalition Provides Expended Cyber Protection in Canada
Coalition, a San Francisco‑based cyber insurer, launched its Active Cyber Policy in Canada, expanding coverage to address ransomware, AI‑enabled fraud and heightened regulatory scrutiny. The policy bundles popular endorsements, offers optional separate limits for breach response, and introduces financial incentives for...
Fintech Company & ADCB Launch Egypt’s First Transactional Fraud Solution Powered by AI
Network International and ADCB Egypt have launched Egypt’s first AI‑powered transactional fraud solution, FICO Falcon Fraud Manager. The system leverages machine‑learning to build behavioral profiles and analyze millions of transactions in real time, instantly flagging suspicious activity. Deployment marks a milestone in...
AI-HealthTech Innovator Humata Health Partners with AccuKnox for Zero Trust CNAPP
AI‑HealthTech firm Humata Health announced a partnership with security specialist AccuKnox to embed Zero‑Trust CNAPP and Application Security Posture Management into its SaaS platform. The solution, deployed on‑premises, satisfies HIPAA requirements and integrates with Azure DevOps and GitLab for automated...
Hybrid Resilience: Designing Incident Response Across On-Prem, Cloud and SaaS without Losing Your Mind
Hybrid incident response demands more than tool consolidation; a shared incident language and unified command structure are essential. The author proposes a contract that standardizes severity, hypothesis, timeline, and communication cadence across on‑prem, cloud, and SaaS teams. Portable telemetry—user‑journey metrics,...
Storm-2561 Targets Enterprise VPN Users with SEO Poisoning, Fake Clients
Microsoft warned that the cyber‑crime group Storm‑2561 is hijacking search‑engine results to distribute trojanized VPN clients, stealing corporate credentials and covering its tracks. The campaign uses SEO poisoning to push spoofed download pages for popular VPN solutions, delivering digitally signed...
Authorities Disrupt SocksEscort Proxy Service Powered by AVrecon Botnet
Law enforcement agencies in the United States and Europe have dismantled SocksEscort, a malicious proxy service powered by the AVrecon botnet that leveraged compromised routers and IoT devices. The operation uncovered roughly 363,000 IP addresses across 163 countries and about...
Starbucks Discloses Data Breach Affecting Hundreds of Employees
Starbucks announced a data breach that compromised 889 of its Partner Central employee accounts, exposing names, Social Security numbers, dates of birth, and banking details. The intrusion, traced to credential theft via spoofed login sites, occurred between Jan 19 and Feb 11,...
Red Access Firewall-Native SSE Adds GenAI Security and Browser Protection to Existing Firewalls
Red Access unveiled a firewall‑native Security Service Edge (SSE) that sits atop any existing firewall without agents, instantly delivering GenAI‑driven security, data loss prevention, CASB, and browser isolation. The solution is vendor‑agnostic, supporting Palo Alto Networks, Fortinet, Cisco and Check...
The Cyber Perimeter Was Never Dead. We Just Abandoned It.
The article argues that the network perimeter is not dead, but has been neglected as organizations focus on cloud‑native identities. Federal actions—FBI’s Winter SHIELD operation and CISA’s BOD 26‑02 directive—force a hard look at weak authentication, excessive privileges, and unsupported edge...
Google Fixes Two New Chrome Zero-Days Exploited in Attacks
Google issued emergency updates on March 13 2026 to fix two high‑severity Chrome zero‑day flaws—CVE‑2026‑3909 in the Skia graphics library and CVE‑2026‑3910 in the V8 JavaScript/WebAssembly engine. Both vulnerabilities were confirmed to be exploited in the wild, prompting rapid patches for the...
AI Coding Agents Keep Repeating Decade-Old Security Mistakes
Researchers evaluated three leading AI coding agents—Claude Code, OpenAI Codex, and Google Gemini—by tasking them with building two real‑world applications from scratch. Across 30 pull requests and 38 security scans, 143 vulnerabilities were found, with 87 % of PRs containing at...
Passwords, MFA, and Why neither Is Enough
The article argues that traditional passwords and even multi‑factor authentication (MFA) no longer provide sufficient protection against modern credential attacks. It highlights how SMS codes can be intercepted via SIM swapping, authenticator apps are prone to replay and push‑bombing attacks,...
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
International law‑enforcement agencies dismantled the SocksEscort proxy botnet, which compromised roughly 369,000 residential routers in 163 countries. The operation, dubbed Operation Lightning, seized 34 domains, 23 servers and froze $3.5 million in cryptocurrency. SocksEscort sold proxy access to criminals, enabling fraud...
Ransomware Data Breaches Soar in the U.S., Affecting K12 and Higher Ed Privacy
Ransomware attacks on educational institutions reached 251 incidents in 2025, with the United States accounting for 130 of those events. American schools and universities suffered 3.89 million compromised records, representing over 98% of all stolen data in the sector, while global...
From Legacy Architecture to Cloudflare One
Cloudflare and CDW have teamed up to simplify Zero Trust migrations for large enterprises, offering a structured, risk‑aware pathway from fragmented VPNs to the Cloudflare One SASE platform. Their tiered methodology categorizes applications by complexity, moving simple SaaS first and...
Formidable Forms Flaw Lets Attackers Pay Less For Expensive Purchases via @Sejournal, @Martinibuster
A critical vulnerability (CVE‑2026‑2890) in the Formidable Forms WordPress plugin allows unauthenticated attackers to bypass Stripe payment verification. The flaw, present in all versions up to 6.28, lets a low‑value PaymentIntent be reused to mark a higher‑value purchase as paid....
Canadian Retail Giant Loblaw Notifies Customers of Data Breach
Lobster Companies Limited, Canada’s largest food and pharmacy retailer, disclosed a breach affecting a non‑critical segment of its IT network. Hackers accessed basic customer information, including names, phone numbers and email addresses, but no financial, health, or password data appears...
Japan Warns Companies Considering Ukraine Support on Potential Leaks by Huawei
Japan’s government cautioned domestic firms that aid Ukraine’s reconstruction about the risk of technology and sensitive data leaks via Huawei‑supplied 5G networks. The warning follows a Ukrainian telecom operator’s 5G trials with Huawei and a failed bid by Japan’s Rakuten...
Data Breach at NYC Health + Hospitals Partner Exposes Info of 5,086 Patients
A data breach at NADAP, a care‑management partner of NYC Health + Hospitals, exposed protected health information for 5,086 patients. The unauthorized access occurred around Nov. 26, 2025 and was discovered on Jan. 10, 2026, with the health system notified...
Iran MOIS Colludes With Criminals to Boost Cyberattacks
Iran’s Ministry of Intelligence and Security (MOIS) is now openly partnering with cyber‑criminal groups, embedding tools like the Rhadamanthys infostealer into its APT operations. The strategy, highlighted by Check Point research, shows MOIS‑run groups such as Void Manticore and MuddyWater buying...
Commercial Spyware Opponents Fear US Policy Shifting
Recent U.S. actions have raised alarms among spyware opponents, as ICE reactivated a contract with Paragon Solutions and the Treasury lifted sanctions on Intellexa executives. Meanwhile, major spyware firms Paragon and NSO Group were sold to U.S. investors, signaling potential...
Medical Technology Company Stryker Disrupted Globally by Cyberattack
Stryker, a leading medical‑technology supplier, announced a cyberattack on March 11 that compromised its Microsoft environment, though no ransomware or malware was detected. The breach disrupted the company’s global operations and prompted immediate containment efforts. Stryker is coordinating with hospital networks...
Onyx Security Launches With $40M
Onyx Security has launched its secure AI control plane, raising $40 million from investors Conviction and Cyberstarts. The platform consolidates security, governance, and infrastructure functions to monitor AI agents across enterprises. Powered by proprietary models, it promises compliance, risk mitigation, and...
UK Fraud Strategy Considers Business Digital Identity and IDV
The UK Home Office released the Fraud Strategy 2026‑2029, committing £250 million to combat fraud and cyber‑crime, with a focus on digital identity and biometric verification. The plan introduces a £30 million Online Crime Centre, tighter KYC for company directors, and a...
DOD Is Finally Leaning Into CMMC 2.0 Requirements for CUI
The Department of Defense has accelerated enforcement of CMMC 2.0 for contracts handling Controlled Unclassified Information, a shift driven by recent White House contracting reforms. Since January, more DoD solicitations explicitly require specific CMMC levels, prompting contractors to prove their data‑security...
AutoCAD Users May Have a Ransomware Problem – Here's What They Can Do
Cybercriminals are now disguising ransomware as AutoCAD file types, a tactic uncovered by Veeam’s security team. With AutoCAD commanding roughly 40% of the CAD market, attackers exploit the trusted .dwg and .dwt extensions to bypass naïve file‑type filters. The deception...
Study Finds That AI Is Organizations’ Top Cybersecurity Fear
More than half of surveyed organizations now rank generative AI as their top cybersecurity threat, overtaking stolen credentials. AI‑driven attacks such as deepfakes and hyper‑personalized phishing are proliferating, with phishing emails appearing every 19 seconds in 2025. Nearly 40% of...
Deepfakes Force Enterprises to Rethink Cybersecurity
Enterprises face rising deepfake threats as generative AI matures, prompting a shift from simple detection tools to layered security strategies. Current detection systems achieve only about 80% accuracy and lack explainability, limiting legal and public trust. Vendors such as GetReal...
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
Brazilian security firm ZenoX has uncovered VENON, a Rust‑based banking trojan that targets 33 banks and digital‑asset platforms. The malware uses DLL side‑loading, shortcut hijacking, and nine evasion techniques before delivering credential‑stealing overlays. Distribution relies on a PowerShell‑driven ZIP chain,...
Hackers Use Cloudflare Human Check to Hide Microsoft 365 Phishing Pages
Security researchers have uncovered a new phishing technique that leverages Cloudflare's Turnstile human‑verification widget to conceal fraudulent Microsoft 365 login pages. The malicious sites present a Turnstile challenge, then use the visitor's IP to identify security professionals or bots and serve...
Active Directory Flaw Enables SYSTEM Privilege Escalation
Microsoft disclosed CVE-2026-25177, an Active Directory Domain Services flaw with an 8.8 CVSS rating that lets attackers manipulate Service Principal Names using hidden Unicode characters. The vulnerability enables privilege escalation to SYSTEM level across the domain, even with minimal initial...