Russia-linked hackers are targeting Signal and WhatsApp accounts of government and military officials worldwide, warns Dutch intelligence. Dutch intelligence agencies (MIVD and AIVD) warn of a global campaign by Russia-linked threat actors aiming to compromise Signal and WhatsApp accounts. The operation targets government officials, civil servants, and military personnel, highlighting growing cyber risks to sensitive…
Category: Apps
AI, Apps, Compliance, Global Security News, Risk Management
Datadog Intros MCP Server for Secure AI Observability
Datadog, Inc., a provider of observability and security services for cloud applications, has announced that its MCP Server is now generally available. The Datadog MCP Server provides access to live observability data, enabling teams to debug using their preferred AI coding agents or an Integrated Development Environment, with real-time telemetry, and take action within established…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Why MSPs Should Focus on Managed Patch Management in 2026
In 2026, patch management is more critical than ever as organizations face a rapidly evolving threat environment. AI-driven attacks have increased both the volume and sophistication of exploits, making vulnerabilities easier and faster for threat actors to weaponize. As a result, MSPs and internal IT teams alike must implement effective patch management strategies to keep…
AI, Apps, Endpoint, Global Security News, Government & Policy, Network Security, Risk Management
PQC roadmap remains hazy as vendors race for early advantage
Post-quantum cryptography (PQC) has long sat on the periphery of enterprise security, with experts calling it inevitable but not urgent. That posture is beginning to shift. Earlier this year, Palo Alto Networks published a blog announcing a new “quantum-safe security” initiative, framing it as a way for enterprises to assess where quantum-vulnerable cryptography exists across…
AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management, Russia
How AI Assistants are Moving the Security Goalposts
AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting…
AI, Apps, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Critical Nginx UI flaw CVE-2026-27944 exposes server backups
Nginx UI flaw CVE-2026-27944 lets attackers download and decrypt server backups without authentication, exposing sensitive data on public management interfaces. A critical vulnerability in Nginx UI, tracked as CVE-2026-27944 (CVSS score of 9.8), allows attackers to download and decrypt full server backups without authentication. The flaw poses a serious risk to organizations exposing the management…
AI, Apps, Global Security News, malware, Russia
Massive GitHub malware operation spreads BoryptGrab stealer
Trend Micro found BoryptGrab stealer spreading through 100+ GitHub repositories, stealing browser data, crypto wallets, system information, and user files. Trend Micro uncovered a campaign distributing the BoryptGrab information stealer through more than 100 GitHub repositories. BoryptGrab is designed to collect browser and cryptocurrency wallet data, system details, and common files. Some variants also deploy…
AI, Apps, Europe, Global Security News, Government & Policy, malware, Network Security, privacy, Russia
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malware Reverse Engineering is no longer a human problem! StegaBin: 26 Malicious npm Packages Use Pastebin Steganography to Deploy Multi-Stage Credential Stealer Inside a fake Google security check that becomes a browser RAT SloppyLemming…
AI, Apps, Global Security News, Government & Policy, Politics, privacy, Risk Management
OpenAI on Surveillance and Autonomous Killings: You’re Going to Have to Trust Us
OpenAI claims it has accomplished what Anthropic couldn’t: securing a Pentagon contract that won’t cross professed red lines against dragnet domestic spying and the use of artificial intelligence to order lethal military strikes. Just don’t expect any proof. Sam Altman, OpenAI’s CEO, announced the company’s big win with the Defense Department in a post on…
AI, Apps, Global Security News, malware
Week in review: Weaponized OAuth redirection logic delivers malware, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: BlacksmithAI: Open-source AI-powered penetration testing framework BlacksmithAI is an open-source penetration testing framework that uses multiple AI agents to execute different stages of a security assessment lifecycle. BlacksmithAI runs as a hierarchical system in which an orchestrator coordinates task execution…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
WordPress Plugin Flaw Lets Attackers Create Admin Accounts
A vulnerability in a popular WordPress membership plugin could allow attackers to create administrator accounts and completely take over affected websites. The flaw affects the User Registration & Membership plugin and enables unauthenticated attackers to bypass security controls during the account registration process. This vulnerability allows “… unauthenticated attackers to create administrator accounts by supplying…
AI, Apps, Compliance, Global Security News, Risk Management
Nutanix Enterprise Cloud Index: AI Drives Container Adoption
Nutanix, a hybrid multicloud computing company, has published the findings of its eighth annual Enterprise Cloud Index (ECI) survey and research report. The report looked at the challenges IT executives face as they navigate the rapid growth of AI use and the increasing need for application and infrastructure modernization in the enterprise. Scaling AI confidently…
AI, Apps, Data Breaches, Global Security News, Government & Policy, Network Security
FBI Arrests Suspect in $46M U.S. Marshals Crypto Theft
A suspect accused of stealing more than $46 million in cryptocurrency linked to assets managed by the U.S. Marshals Service (USMS) has been arrested in an international law enforcement operation. The suspect, identified as John Daghita, was apprehended Wednesday on the Caribbean island of Saint Martin. “Last night, John Daghita – a U.S. government contractor…
AI, Apps, Global Security News, Risk Management
Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI
North Korean threat groups are using artificial intelligence tools to accelerate and expand the country’s long-running scheme to get remote technical workers hired at global companies for longer durations, Microsoft Threat Intelligence said in a report Friday. AI services are empowering North Korean operatives across the attack lifecycle. Attackers have turned AI into a “force…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
AWS-LC Flaws Could Bypass Certificate Verification
Amazon AWS has disclosed several vulnerabilities in AWS-LC, its open-source cryptographic library. The issues include flaws that could allow certificate verification to be bypassed and weaknesses that may expose encryption timing information. One of the vulnerabilities, CVE-2026-3338, “allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes,” said AWS in…
AI, Apps, Europe, Global Security News
European consumers ask EU to put a stop to digital enshittification
Online rights campaigners have come together to complain about the propensity of IT companies to make life more difficult for their users. The groups, mainly from Europe but with some from the US, have written to policy makers in the EU/EEA, UK and the US. The initiative has been spearheaded by Forbrukerrådet (the Norwegian Consumer…
AI, Apps, Data Breaches, Global Security News, Government & Policy, malware, Network Security, Politics, Risk Management
FBI Investigates Suspicious Activity in Surveillance Platform
The Federal Bureau of Investigation (FBI) is investigating suspicious cyber activity involving systems used to process surveillance and wiretap warrants, raising concerns about the security of highly sensitive law enforcement infrastructure. Although officials say the issue has been contained, the incident highlights the growing cyber risks facing government networks that store and manage critical investigative…
AI, Apps, Cloud Security, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
CyberProof 2026 Report Warns of Rising Identity and AI Cyberattacks
The global cyber threat landscape shifted in 2025, as attackers increasingly abandoned complex malware in favor of faster, more scalable tactics centered on identity compromise, AI-driven automation, and SaaS ecosystem abuse. According to the CyberProof 2026 Global Threat Intelligence Report, attackers are no longer focused on breaking through network perimeters. Instead, they are logging in…
AI, Apps, Exploits, Global Security News, Risk Management
OAuth vulnerability in n8n automation platform could lead to system compromise
A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, researchers at Imperva have discovered. Setting up OAuth allows n8n to connect to services such as Google Workspace, Microsoft 365, Slack, or GitHub without having to expose service passwords. This is core to automation platforms like…
AI, APAC, Apps, Compliance, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management
Channel M&A Roundup: February 2026 Consolidation Trends
During the month of February, the channel witnessed several key acquisitions and a couple of mergers aimed at increasing revenue and supporting partners. Among the moves are acquisitions by 11:11 Systems, Scale Computing, and Proofpoint, which continue to pursue strategic acquisitions to grow their businesses and expand their services. Proofpoint acquires Acuvity Cybersecurity and compliance…
AI, Apps, Cybersecurity, Global Security News, Network Security, Risk Management
LevelBlue Launches Exposure Management for MSSPs with Tenable
LevelBlue is expanding its managed security portfolio for the channel with a new exposure management offering designed to help MSSPs and MSPs deliver deeper visibility into cyber risk across modern IT environments. The Dallas-based managed security provider announced Exposure Management for Partners, a new capability built in partnership with cybersecurity vendor Tenable. The offering expands…
AI, Apps, Cybersecurity, Global Security News, Risk Management
Will AI Agents Kill SaaS? What MSPs Should Know
With the advent of agentic AI, conversations are heating up about whether AI agents could replace SaaS platforms and disrupt the tech industry as we know it. While the so-called “SaaSpocalypse” suggests dramatic changes to the SaaS business model, its true impact on managed services remains to be seen. AI agents promise to reduce tool…
AI, Apps, Endpoint, Global Security News, Government & Policy, malware, Network Security
Iran-nexus APT Dust Specter targets Iraq officials with new malware
A campaign by Iran-linked group Dust Specter is targeting Iraqi officials with phishing emails delivering new malware families. Zscaler ThreatLabz researchers linked the Iran-nexus group Dust Specter to a campaign targeting Iraqi government officials. Threat actors impersonated the country’s Ministry of Foreign Affairs in phishing messages that delivered previously unseen malware, including SPLITDROP, TWINTASK, TWINTALK,…
AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security
Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow
Google’s GTIG reports 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024, with a growing share targeting enterprise systems. Google’s Threat Intelligence Group (GTIG) identified 90 zero-day vulnerabilities exploited in the wild in 2025. While slightly below the 100 observed in 2023, the number increased from 78 in 2024, with…
AI, Apps, Global Security News, Network Security
The ‘Attachment Economy’ is now coming to your desk
What do tech companies have to do to get your attention? Have you heard about the Attachment Economy? It’s the next evolution of the Attention Economy. The Attention Economy concept was first articulated by economist Herbert A. Simon in 1971. He wrote that “a wealth of information creates a poverty of attention.” The idea was…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Cisco SD-WAN Manager Vulnerabilities Actively Exploited
Cisco is warning customers that attackers are actively exploiting multiple vulnerabilities affecting its Catalyst SD-WAN Manager platform. The software serves as a centralized management console used to monitor and control large distributed SD-WAN deployments. These vulnerabilities “… could allow an attacker to access an affected system, elevate privileges to root, gain access to sensitive information,…
AI, Apps, Compliance, Global Security News, Government & Policy, Risk Management
AWS completes the 2026 annual Dubai Electronic Security Centre (DESC) certification audit
We’re excited to announce that Amazon Web Services (AWS) has completed the annual Dubai Electronic Security Centre (DESC) certification audit to operate as a Tier 1 Cloud Service Provider (CSP) for the AWS Middle East (UAE) Region. This alignment with DESC requirements demonstrates our continued commitment to adhere to the heightened expectations for CSPs. Government…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Cisco Firewall Management Flaw Enables Remote Code Execution
Cisco has reported a vulnerability in its Secure Firewall Management Center (FMC) software that could allow attackers to remotely execute code and take full control of affected systems. The flaw does not require user interaction or authentication. “An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface…
Apps, Global Security News
Calling all innovators: Applications now open for Cicada xTech23
Australia’s leading deep tech founders invited to apply for one of 23 coveted places in Australia’s biggest deep tech festival, Cicada xTech23.
AI, Apps, Data Breaches, Exploits, Global Security News, Risk Management
Commvault Expands Identity Resilience with Okta, CloudSEK
Commvault announced two new capabilities aimed at strengthening enterprise identity protection, expanding its Identity Resilience portfolio with support for Okta, and introducing a new integration with threat intelligence provider CloudSEK. The add capabilities focus on helping organizations respond to the growing wave of identity-based cyberattacks, as credential theft and exposed identity data become a primary…
AI, Apps, Cybersecurity, Exploits, Global Security News, malware, Network Security
Cisco reveals 2 max-severity defects in firewall management software
Cisco released information on a pair of max-severity vulnerabilities in its firewall management software Wednesday that unauthenticated, remote attackers could exploit to obtain the highest level of access to the underlying operating system or on affected devices. The vulnerabilities — CVE-2026-20079 and CVE-2026-20131 — affect the web-based interface of Cisco Secure Firewall Management Center (FMC)…
AI, Apps, china, Exploits, Global Security News, malware, Network Security, Risk Management, Russia
Coruna iOS exploit kit moved from spy tool to mass criminal campaign in under a year
Google’s threat intelligence researchers have identified a sophisticated exploit kit targeting iPhones that was first used by a commercial surveillance vendor’s customer before being repurposed by a suspected Russian espionage group and then by Chinese cybercriminals, highlighting what researchers describe as an active secondary market for high-end zero-day exploits. “How this proliferation occurred is unclear,…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management, Russia
Coruna iOS Exploit Kit Compromises Thousands of iPhones
An iOS exploit framework has revealed how advanced mobile attack tools can move rapidly from surveillance operations to espionage and financial crime. Google’s Threat Intelligence Group (GTIG) identified Coruna, a powerful exploit kit containing 23 vulnerabilities across five exploit chains that were used to compromise thousands of iPhones throughout 2025. “The core technical value of…
AI, Apps, Cybersecurity, Data Security, Endpoint, Exploits, Global Security News, Risk Management
Forcepoint Revamps Partner Program, Data Security Platform
Forcepoint announced major updates to its AI-native Data Security Cloud platform and a revamped Global Partner Program designed to help partners deliver modern data security across cloud, endpoint, and AI-driven environments. The announcement comes as enterprises grapple with the security implications of artificial intelligence. According to a recent World Economic Forum report cited by Forcepoint,…
AI, APAC, Apps, Compliance, Data Breaches, Endpoint, Global Security News, Network Security
SIEM vs Log Management: Observability, Telemetry, and Detection
Security teams are no longer short on data. They are drowning in it. Cloud control plane logs, endpoint telemetry, identity events, SaaS audit trails, application logs, and network signals keep expanding, while the SOC is still expected to deliver faster detection and cleaner investigations. That is why SIEM vs log management is not just a…
AI, Apps, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
14 old software bugs that took way too long to squash
In 2021, a vulnerability was revealed in a system that lay at the foundation of modern computing. An attacker could force the system to execute arbitrary code. Shockingly, the vulnerable code was almost 54 years old — and there was no patch available, and no expectation that one would be forthcoming. Fortunately, that’s because the…
AI, Apps, Exploits, Global Security News, malware, Network Security, Russia
Microsoft leads takedown of Tycoon2FA phishing service infrastructure
The infrastructure hosting the Tycoon2FA service, which Europol said was among the largest phishing operations worldwide, has been taken down by a coalition of IT companies and law enforcement agencies. At least temporarily, this removes access to one more tool for evading multifactor authentication defenses from threat actors. Europol, which coordinated the operation, said Wednesday…
AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security
Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary], (Wed, Mar 4th)
[This is a Guest Diary by Joseph Gruen, an ISC intern as part of the SANS.edu BACS program] The internet is under constant, automated siege. Every publicly reachable IP address is probed continuously by bots and scanners hunting for anything that can be exploited or retrieved. It’s not because there is a specific target, but…
AI, Apps, Global Security News
Global coalition dismantles Tycoon 2FA phishing kit
Tycoon 2FA, a major phishing kit and platform that allowed low-skilled cybercriminals to bypass multifactor authentication and conduct large-scale adversary-in-the-middle attacks, was dismantled Wednesday by a global coalition of security companies and law enforcement agencies. Microsoft, which led the effort alongside Europol and authorities from six countries and 11 security firms or organizations, said it…
AI, Apps, Exploits, Global Security News, malware, Network Security
Cisco fixes maximum-severity Secure FMC bugs threatening firewall security
Cisco patched two critical Secure FMC vulnerabilities that could let attackers gain root access to managed firewalls. Cisco addressed two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) that could allow attackers to gain root access. Cisco Secure Firewall Management Center (FMC) is a centralized management platform for Cisco firewalls. It lets administrators configure,…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Perplexity Comet Browser Bug Leaks Local Files via AI Prompt Injection
A newly disclosed attack against Perplexity’s AI-powered Comet browser shows how agentic browsers can be manipulated into leaking sensitive data directly from a user’s machine. Zenity Labs researchers demonstrated a zero-click attack that tricks the browser’s AI agent into reading local files and sending their contents to an attacker-controlled server. The attack “… results in…
AI, Apps, Global Security News
AWS Partners See Surge in AI Agents Demand for 2026
Demand for AWS AI agents is accelerating in 2026, reshaping how enterprises buy technology and how partners deliver services. Executives from AWS, Mission Cloud, and Genpact say customers are moving quickly from experimentation to scaled deployment — often under board-level pressure to demonstrate AI-driven outcomes. AWS Marketplace search activity for agentic AI tools has increased…
AI, APAC, Apps, Cybersecurity, Data Breaches, Europe, Global Security News, Government & Policy, Network Security, Risk Management, Venture
February 2026 Recap: Channel Sees New Hires in a Variety of Roles
January saw a flurry of organizations hiring for the new year, including many CEOs. So many, in fact, that it required a Part 1 and Part 2. February’s leadership changes include several impactful hires from organizations such as QuSecure, Syncro, ConnectWise, and KnowBe4. Channel Insider takes a look around the channel each month to round…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
MS-Agent Flaw Enables Remote Code Execution via AI Agents
A vulnerability in an AI automation framework could allow attackers to take complete control of systems running the software. Security researchers have identified a command injection flaw in the ModelScope MS-Agent framework that could enable remote code execution through crafted prompt input, exposing organizations that deploy AI agents with operating system access. “The real issue…
AI, Apps, Global Security News
Digital.ai expands post-build protection for Android and iOS applications
Software security has reached an inflection point as AI development tools increase the volume and velocity of software releases, while AI is also powering the next generation of threat actors driving attack volume and sophistication to new heights. For security teams, this is not just acceleration – it is multiplication: more apps, more releases, and…
AI, Apps, Cybersecurity, Endpoint, Global Security News, Government & Policy, malware, Network Security, Risk Management
Iranian cyberattacks fail to materialize but threat remains acute
Five days into US and Israel’s war with Iran, the worst predictions for cyber-retaliation have yet to materialize. But Iran has built one of the world’s most active cyber operations, which means this is likely a temporary reprieve, experts warn. At the weekend, both the UK National Cyber Security Centre (NCSC) and the Canadian Centre…
AI, Apps, Cybersecurity, Endpoint, Global Security News, Government & Policy, malware, Network Security, Risk Management
Iranian cyberattacks fail to materialize but threat remains acute
Five days into US and Israel’s war with Iran, the worst predictions for cyber-retaliation have yet to materialize. But Iran has built one of the world’s most active cyber operations, which means this is likely a temporary reprieve, experts warn. At the weekend, both the UK National Cyber Security Centre (NCSC) and the Canadian Centre…
AI, Apps, Global Security News, Risk Management
Cork Cyber Unveils Software Installer Scripts
At ThreatLocker Zero Trust World, Cork Cyber announced the launch of Software Installer Scripts within the Cork Vantage Platform, a new capability that enables MSPs to generate dynamic installer scripts for vulnerable and outdated software across Windows environments. Aligning operational security with financial continuity According to Cork Cyber, the release addresses the longstanding problem of…
AI, Apps, Global Security News
Nasuni Acquires Resilio to Accelerate Edge File Access & AI
Nasuni has acquired Resilio to strengthen high-speed file synchronization and edge acceleration capabilities within its cloud-native file services platform. The Boston-based unstructured data management vendor announced March 4 that the deal brings Resilio’s file synchronization and caching technology into the Nasuni File Data Platform. The combined offering is designed to improve end-user access to shared…
AI, Apps, Compliance, Endpoint, Europe, Global Security News, Government & Policy, malware, Risk Management
Google Workspace vs. Microsoft 365: What’s the best office suite for business?
Once upon a time, Microsoft Office ruled the business world. By the late ’90s and early 2000s, Microsoft’s office suite had brushed aside rivals such as WordPerfect Office and Lotus SmartSuite, and there was no competition on the horizon. Then in 2006 Google came along with Google Docs & Spreadsheets, a collaborative online word processing and…
AI, Apps, Compliance, Global Security News
Radware Announces Another DDoS Industry First – Encrypted Attack Blocking Without SSL Decryption
COMPANY NEWS: Radware (NASDAQ: RDWR), a global leader in application security and delivery solutions for multi-cloud environments, today announced the availability of its Web DDoS Protection for Encrypted Traffic as a cloud-based service that does not require SSL certificate sharing or traffic decryption. With this release, Radware believes it is the only security provider to…
Apps, Global Security News
RICOH MediaMax Expands Application Capabilities And Opens New Market Opportunities for Australian Businesses
COMPANY NEWS: Unique technology that expands substrate choice and drives new business opportunities
AI, Apps, Global Security News, Risk Management
ArmorCode AI Exposure Management identifies, governs, and reduces shadow AI risk
ArmorCode has announced AI Exposure Management (AIEM), delivered on the ArmorCode Agentic AI Platform, as the newest solution in its unified exposure management suite. ArmorCode AIEM is a system of action that provides enterprises with comprehensive visibility and control over AI usage across heterogeneous environments while establishing ownership and enforceable governance. ArmorCode AIEM helps organizations…
AI, Apps, Exploits, Global Security News, malware
Researchers discover suite of agentic AI browser vulnerabilities
Researchers have discovered multiple vulnerabilities that let attackers to quietly hijack agentic AI browsers. Researchers at Zenity Labs discovered these flaws, which affected multiple AI browsers, including Perplexity’s Comet. Before being patched, an attacker could exploit them via a legitimate calendar invite, using a prompt injection to force the AI browser to act against its…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, privacy, Risk Management
Alabama Sextortion Case Involved Hundreds of Victims
A 22-year-old Alabama man has pleaded guilty to federal charges after hijacking the social media accounts of hundreds of young women and extorting them with stolen intimate images. Between 2022 and 2025, Jamarcus Mosley used impersonation tactics to seize control of victims’ Snapchat and Instagram accounts, then threatened to publish private photos unless they complied…
AI, Apps, Global Security News, Government & Policy
iTWire TV: AI With Accountability – How Smart Communications Is Proving That Regulated Industries Don’t Have to Choose Between Innovation and Trust
There’s an old IBM slide from the 1970s that carries a deceptively simple message: A computer can never be held accountable. Therefore, a computer must never make a management decision. Half a century later, as AI agents draft insurance claims, process government applications, and orchestrate healthcare communications at scale, that maxim hasn’t become obsolete – it’s become…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Politics, Risk Management
UK Warns of Heightened Iranian Cyber Risk as Middle East Conflict Intensifies
The United Kingdom’s National Cyber Security Centre (NCSC) is urging British organizations to brace for potential Iranian-linked cyber activity as tensions escalate in the Middle East. While officials say there is no confirmed spike in direct attacks against the UK, they caution that the situation could shift rapidly. “There is almost certainly a heightened risk…
AI, Apps, Global Security News, Government & Policy
AI With Accountability: How Smart Communications Is Proving That Regulated Industries Don’t Have to Choose Between Innovation and Trust
There’s an old IBM slide from the 1970s that carries a deceptively simple message: A computer can never be held accountable. Therefore, a computer must never make a management decision. Half a century later, as AI agents draft insurance claims, process government applications, and orchestrate healthcare communications at scale, that maxim hasn’t become obsolete – it’s become…
AI, Apps, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
$5M Microsoft Activation Key Fraud Ends in Prison Term
A Florida woman has been sentenced to 22 months in federal prison for running a years-long scheme that trafficked thousands of illicit Microsoft software activation keys. Heidi Richards, who operated Trinity Software Distribution, was also ordered to pay a $50,000 fine after pleading guilty to charges tied to the resale of Microsoft Certificate of Authenticity…
AI, Apps, Cloud Security, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Identity Security Blind Spots Fuel Modern Attacks
Many organizations believe they have identity security under control. New data from Permiso’s State of Identity Security Report suggests that confidence is increasingly misplaced — right as identity becomes the dominant attack vector in cloud environments. “92% percent of organizations have AI agents in production accessing sensitive data, and those agents are creating identities without…
AI, Apps, Data Breaches, Exploits, Global Security News
Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked
Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it was affected by a data breach linked to the 2025 cybercrime campaign targeting Oracle’s E-Business Suite (EBS) customers. Madison Square Garden (MSG) is a world-famous multi-purpose indoor arena located in New York…
AI, APAC, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management, Venture
Anthropic won’t kill cyber, but it will kill some companies
Over the past several weeks, social media has been exploding with predictions that “cyber is dead”. It doesn’t take much insight to jump on that bandwagon, as Anthropic’s announcement of Claude Code Security indeed sent the cybersecurity public market into turmoil, with some companies losing as much as 20% of their market cap. Contrary to…
AI, Apps, Cybersecurity, Global Security News, Risk Management
DeepKeep Launches AI Agent Security Scanner
DeepKeep on Tuesday introduced a new AI Agent Scanner designed to help enterprises identify and secure the growing attack surface created by AI agents embedded in business workflows. The Tel Aviv-based AI security vendor said its latest release provides structured attack surface scanning and discovery for agentic AI environments, where large language model (LLM)-based agents…
AI, Apps, Exploits, Global Security News, Government & Policy, malware, Risk Management
UAC-0252 Attack Detection: SHADOWSNIFF and SALATSTEALER Fuel Phishing Campaigns in Ukraine
Since January 2026, CERT-UA has been tracking a series of intrusions attributed to UAC-0252 and built around SHADOWSNIFF and SALATSTEALER infostealers. The campaigns rely on well-crafted phishing lures, payload staging on legitimate infrastructure, and user-driven execution of disguised EXE files. Detect UAC-0252 Attacks Covered in CERT-UA#20032 According to the Phishing Trends Q2 2025 research by…
AI, Apps, Endpoint, Exploits, Global Security News, malware
OAuth phishers make ‘check where the link points’ advice ineffective
Microsoft has warned that phishers are exploiting a built-in behavior of the OAuth authentication protocol to redirect victims to malware, using links that point to legitimate identity provider domains such as Microsoft Entra ID and Google Workspace. The links look safe but ultimately lead somewhere that isn’t. “OAuth includes a legitimate feature that allows identity…
AI, Apps, Endpoint, Exploits, Global Security News, malware
OAuth phishers make ‘check where the link points’ advice ineffective
Microsoft has warned that phishers are exploiting a built-in behavior of the OAuth authentication protocol to redirect victims to malware, using links that point to legitimate identity provider domains such as Microsoft Entra ID and Google Workspace. The links look safe but ultimately lead somewhere that isn’t. “OAuth includes a legitimate feature that allows identity…
AI, Apps, Global Security News, Risk Management
Nutanix Enterprise Cloud Inex Finds AI Is Driving Rapid Container Adoption while Shadow IT and Organisational Silos Create AI Risks
COMPANY NEWS: Shadow IT is creating business risk and security challenges Data sovereignty is a non-negotiable for Australian organisations Containers are the foundation of modern applications, with AI as the key driver
AI, APAC, Apps, Endpoint, Global Security News, Network Security, privacy
What is digital employee experience — and why is it more important than ever?
On any given day, an organization’s employees might be using smartphones, laptops, desktop computers, tablets, a variety of cloud and networking services, a host of enterprise applications and mobile apps, and other digital tools. Many of them might be working remotely, and nearly all of them will be operating with tight security and data privacy…
AI, Apps, Endpoint, Exploits, Global Security News, Government & Policy, malware, Risk Management
Phishing campaign exploits OAuth redirection to bypass defenses
Microsoft researchers warn that threat actors abuse OAuth redirects to target government users and deliver malware. Microsoft has warned of phishing campaigns targeting government and public-sector organizations by abusing OAuth URL redirection. Instead of stealing credentials or exploiting software flaws, attackers leverage OAuth’s legitimate by-design behavior to bypass email and browser defenses. The tactic redirects…
AI, Apps, Global Security News
AI Agents: The Next Wave Identity Dark Matter – Powerful, Invisible, and Unmanaged
The Rise of MCPs in the Enterprise The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real work. By providing structured access to applications, APIs, and data, MCP enables prompt-driven AI agents that can retrieve information, take action, and automate end-to-end business workflows across the enterprise. This…
AI, Apps, Compliance, Cybersecurity, Data Security, Global Security News
Cybersecurity jobs available right now: March 3, 2026
AI & Data Security Expert Ferrero | Italy | Hybrid – View job details As an AI & Data Security Expert, you will define and maintain security controls for AI solutions, ensuring compliance with evolving threats and regulations. You will advise on data protection, tool selection, and access controls, strengthen AI evaluation frameworks, and drive…
AI, Apps, Data Security, Europe, Global Security News, Network Security
News alert: DDoS attacks surge 75% in 2025; Link11 says attacks now sustained, not sporadic
FRANKFURT, Mar. 2, 2026, CyberNewswire — Link11 has published its European Cyber Report 2026, revealing that DDoS attacks reached a new level in 2025 and have become a permanent stress factor for digital infrastructures. The report shows that the number of documented attacks in the Link11 network rose by 75% in 2025, following explosive growth in…
AI, Apps, Endpoint, Europe, Global Security News, Network Security, privacy
Windows 11 Insider Previews: What’s in the latest build?
Windows 11 25H2 has been released, but behind the scenes, Microsoft is constantly working to improve the newest version of Windows. The company frequently rolls out public preview builds to members of its Windows Insider Program, allowing them to test out — and help shape — upcoming features. Skip to the latest builds The Windows…
AI, Apps, Europe, Global Security News, Government & Policy, privacy, Risk Management
OpenAI says its US defense deal is safer than Anthropic’s, but is it?
OpenAI has struck a deal to supply the US government with AI services, announcing it hours after US President Donald Trump’s decision on Friday to ban its AI rival Anthropic from all US government contracts. Sam Altman, CEO of OpenAI, said of the negotiation, “It was definitely rushed, and the optics don’t look good,” in…
AI, Apps, Compliance, Endpoint, Global Security News, Network Security
Understanding IAM for Managed AWS MCP Servers
As AI agents become part of your development workflows on Amazon Web Services (AWS), you want them to work with your existing AWS Identity and Access Management (IAM) permissions, not force you to build a separate permissions model. At the same time, you need the flexibility to apply different governance controls when an AI agent…
AI, Apps, Global Security News
Closing the gap: why traditional security fails to protect the modern web browser
As the primary gateway to the internet – and now to most enterprise applications – web browsers are one of the most heavily used applications in any enterprise. Yet as cybercrime has grown to unprecedented levels, browsers remain one of the least protected elements of the security stack.
AI, Apps, Data Breaches, Europe, Exploits, Global Security News, Network Security, Risk Management
Europol Operation Targets Online Network Exploiting Minors
A yearlong international crackdown has led to 30 arrests tied to “The Com,” a decentralized cybercrime collective accused of targeting children and teenagers across digital platforms. Coordinated by Europol and involving law enforcement agencies from 28 countries, the operation — codenamed Project Compass — resulted in the arrest of 30 suspects, linked 179 additional individuals…
AI, Apps, Data Breaches, Global Security News, malware, Network Security, Risk Management
South Korean Tax Agency Leak Leads to $4.8M Crypto Theft
A public press release intended to highlight a tax enforcement victory instead exposed millions in confiscated cryptocurrency. South Korea’s National Tax Service (NTS) inadvertently revealed the mnemonic seed phrase of a seized Ledger hardware wallet, enabling an unknown actor to transfer approximately $4.8 million in digital assets. “The thief first deposited a small amount of…
AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management
Chrome Extension Hijacked to Push ClickFix Malware
A once-trusted Chrome extension with thousands of users was quietly transformed into a malware delivery vehicle, exposing how quickly browser add-ons can become security liabilities. QuickLens – Search Screen with Google Lens was removed from the Chrome Web Store after researchers discovered it had been updated to deploy ClickFix attacks and steal cryptocurrency wallet data. …
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security
BYOVD Turns Trusted Drivers Against Windows Security
A growing number of great actor groups are quietly abusing legitimate Windows drivers to turn endpoint defenses against themselves. Known as Bring Your Own Vulnerable Driver (BYOVD), the technique allows attackers to load a digitally signed but flawed driver and exploit it to gain full kernel-level access. Attackers “… load a legitimate, digitally signed, but…
AI, Apps, Endpoint, Exploits, Global Security News, Risk Management
Everyone Knows About Broken Authorization – So Why Does It Still Work for Attackers?
Broken authorization is one of the most widely known API vulnerabilities. It features in the OWASP Top 10, AppSec conversations, and secure coding guidelines. Broken Object Level Authorization (BOLA) and Broken Function Level Authorization (BFLA) account for hundreds of API vulnerabilities every quarter. According to the 2026 API ThreatStats report, authorization issues ranked ninth in…
AI, Apps, Global Security News, Risk Management
Q&A: AI Fuels ERP Modernization Surge in the Channel
ERP modernization is no longer a discretionary IT refresh; it has become a strategic inflection point. As organizations confront end-of-maintenance deadlines, mounting security exposure, talent attrition, AI-driven competitive pressure, and rising expectations for real-time performance, the question is shifting from whether to modernize to how, and how fast. In this Q&A, Henrik Wagner, the chief…
AI, Apps, Exploits, Global Security News, Risk Management
Your dependencies are 278 days out of date and your pipelines aren’t protected
Applications continue to ship with known weaknesses even as development workflows speed up. A new Datadog State of DevSecOps 2026 report examines how dependency management and pipeline practices are influencing exposure across cloud native environments. Across the environments studied, 87% of organizations run at least one exploitable vulnerability in production services, affecting 40% of those…
AI, Apps, Cybersecurity, Global Security News, Network Security, Risk Management
How CISOs can build a resilient workforce
With ongoing skills gaps, AI reshaping roles and workforce stress as standing concerns for many CISOs, ensuring the resilience of the workforce has become top of mind. But due to budget constraints, return to office mandates and teams struggling to keep up with the threat landscape, CISOs are faced with a real challenge. Stephen Ford,…
AI, APAC, Apps, Global Security News
Cheap enterprise PCs? Not anytime soon — analysts
Historic price hikes for PCs are likely to linger for a long time, prompting many enterprises to put hardware upgrades on hold, analysts said. PC prices — for both enterprise and consumer buyers — are expected to jump by about 17% this year, Gartner analyst Ranjit Atwal told Computerworld. And the era of the $500…
AI, Apps, Global Security News, Network Security, privacy
People are getting sick of AI — literally
Does AI make you nervous? Worried? Fearful? Delusional? The rise of AI appears to be triggering the rise of new conditions that never existed before. So, what’s going on? We’ve all heard of AI psychosis, of course. The media loves this one. The phrase “AI psychosis” started as “chatbot psychosis.” Coined by Danish psychiatrist Søren…
AI, Apps, Global Security News
Security debt is becoming a governance issue for CISOs
Application security backlogs keep expanding across large development portfolios. Veracode’s 2026 State of Software Security Report puts numbers behind a familiar operational pattern, fixes lag discovery, and older weaknesses stay open across release cycles. 2026 findings against the 2025 baseline (Source: Veracode) The analysis spans 1.6 million unique applications that underwent static analysis, dynamic analysis,…
AI, Apps, Exploits, Global Security News, malware
Week in review: Self-spreading npm malware hits developers, Cisco SD-WAN 0-day exploited since 2023
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Identity verification systems are struggling with synthetic fraud Fake and expired IDs keep showing up in routine customer transactions, from alcohol purchases to credit card applications. The problem shows up most often in industries that depend on fast onboarding and…
AI, Apps, Global Security News, Government & Policy, Politics, Risk Management
Anthropic to Department of Defense: Drop dead
In recent weeks, AI giant Anthropic has been locked in a high‑stakes confrontation with the Trump administration’s Department of Defense (DoD) over new standard terms the Pentagon wants to impose on AI vendors. Defense Secretary Pete Hegseth had demanded contract language that would give the military “any lawful use” of Anthropic’s models, effectively stripping out…
AI, Apps, china, Global Security News, Government & Policy, Politics, Risk Management
Trump administration bans Anthropic, escalating clash over military use of AI
The Trump administration on Friday moved to ban the use of products from artificial intelligence company Anthropic by federal businesses, escalating a high-stakes clash over whether private AI makers can limit how the US military uses their systems. Calling Anthropic “Leftwing nut jobs,” President Donald Trump said in a Truth Social post that he was…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
FreeBSD Jail Escape Flaw Breaks Filesystem Isolation
A critical vulnerability in FreeBSD allows attackers to escape jail environments and access the host filesystem. The flaw weakens a core isolation mechanism and, under specific configurations, can lead to a complete breakdown of filesystem separation. This vulnerability “… enables full filesystem access for a jailed process, breaking the chroot,” said researchers in the advisory.…
AI, Apps, Endpoint, Global Security News, malware, Network Security
Aeternum botnet hides commands in Polygon smart contracts
Aeternum botnet uses Polygon blockchain smart contracts for C&C, making its infrastructure harder to detect and disrupt. Qrator Labs researchers uncovered Aeternum, a botnet that runs its command-and-control infrastructure through smart contracts on the Polygon blockchain. By decentralizing its C2, the malware avoids traditional server-based takedowns and becomes far harder to disrupt or shut down,…
AI, APAC, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Juniper PTX Flaw Could Allow Full Router Takeover
Juniper Networks has disclosed a critical vulnerability in Junos OS Evolved that could allow an unauthenticated attacker to gain root-level control of affected PTX Series routers. These routers are widely used in service provider, telecom, and cloud environments. The vulnerability “… allows an unauthenticated, network-based attacker to execute code as root,” said the company in…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Trend Micro Patches Critical Apex One RCE Flaws
Trend Micro has released patches for two high-severity vulnerabilities in its Apex One endpoint security platform. The flaws impact the Apex One management console and could allow remote code execution on unpatched systems. One of the vulnerabilities, CVE-2025-71210, “… could allow a remote attacker to upload malicious code and execute commands on affected installations,” said…
AI, Apps, Global Security News, Risk Management
Jack Dorsey shrinks Block to ‘intelligence‑native’ model, cutting 4,000 jobs
Block, the payments and financial services company led by Jack Dorsey, is cutting more than 4,000 jobs, nearly half its workforce, because AI tools have made a leaner organisation not just possible, but strategically preferable, Dorsey said in a letter to its shareholders. The cuts will reduce Block’s headcount from over 10,000 to just under…
AI, APAC, Apps, Cloud Security, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Why application security must start at the load balancer
For a long time, I thought of the load balancer as a performance device. Its job was to distribute traffic, improve uptime, and make applications feel fast. Security was something that happened elsewhere, on firewalls, inside WAFs or deep in the application code. That perspective changed early in my consulting career. I worked with a…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
12 Million exposed .env files reveal widespread security failures
Mysterium VPN found 12M IPs exposing .env files, leaking credentials and revealing widespread security misconfigurations worldwide. Configuration mistakes rarely trigger alarms. A forgotten deny rule, an overlooked server setting, or a full project folder uploaded to production can quietly expose a company’s most sensitive secrets. In many cases, those secrets live inside simple environment files…
AI, APAC, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security
Ransomware groups switch to stealthy attacks and long-term access
Ransomware attackers are switching tactics in favor of more stealthy infiltration, as the threat of public exposure of sensitive corporate data is becoming the main mechanism of extortion. Picus Security’s annual red-teaming report shows attackers shifting away from loud disruption toward quiet, long-term access — or from “predatory” smash-and-grab tactics to “parasitic” silent residency. Four…
AI, Apps, Compliance, Global Security News
AWS successfully completed its first surveillance audit for ISO 42001:2023 with no findings
In November 2024, Amazon Web Services (AWS) was the first major cloud service provider to announce the ISO/IEC 42001 accredited certification for AI services, covering: Amazon Bedrock, Amazon Q Business, Amazon Textract, and Amazon Transcribe. In November 2025, AWS successfully completed its first surveillance audit for ISO 42001:2023, Artificial Intelligence Management System with no findings.…
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Inside AWS Security Agent: A multi-agent architecture for automated penetration testing
AI agents have traditionally faced three core limitations: they can’t retain learned information or operate autonomously beyond short periods, and they require constant supervision. AWS addresses these limitations with frontier agents—a new category of AI that performs complex reasoning, multi-step planning, and autonomous execution for hours or days. Multi-agent collaboration has emerged as a powerful…