Category: SecurityNews
-
An FBI ‘Asset’ Helped Run a Dark Web Site That Sold Fentanyl-Laced Drugs for Years
Tags: dark-webA staffer of the Incognito dark web market was secretly controlled by the FBI”, and still allegedly approved the sale of fentanyl-tainted pills, including those from a dealer linked to a confirmed death. First seen on wired.com Jump to article: www.wired.com/story/an-fbi-asset-helped-run-a-dark-web-site-that-sold-fentanyl-laced-drugs-for-years/
-
US dominance of agentic AI at the heart of new NIST initiative
Moving too slowly: According to Gary Phipps, head of customer success at agentic AI security startup Helmet Security, a problem with NIST is that its initiatives are being outpaced by real-world developments. “History says that anything NIST comes up with will likely not emerge fast enough to address agentic AI,” said Phipps.”From the time NIST…
-
FBI says ATM ‘jackpotting’ attacks are on the rise, and netting hackers millions in stolen cash
The FBI says hacks that trick ATMs into spitting out cash on demand are rising, with hundreds of attacks in the past year alone netting hackers millions in stolen bills. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/19/fbi-says-atm-jackpotting-attacks-are-on-the-rise-and-netting-hackers-millions-in-stolen-cash/
-
Cellebrite cut off Serbia citing abuse of its phone unlocking tools. Why not others?
Cellebrite, which makes phone unlocking and hacking tools, stopped sales to countries that allegedly abused its tools. But after new allegations in Jordan and Kenya, the company has changed its approach. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/19/cellebrite-cut-off-serbia-citing-abuse-of-its-phone-unlocking-tools-why-not-others/
-
MVP Development in the Age of AI: How Startups Can Build Smarter, Faster and Leaner
How AI is reshaping MVP development, helping startups build faster, validate smarter, avoid overbuilding, manage tech debt, and embed security early. First seen on hackread.com Jump to article: hackread.com/mvp-development-ai-startups-build-smarter-faster-leaner/
-
AI Governance Becomes Critical as Agentic AI Moves Into Production
As agentic AI scales, strong governance is essential to prevent unintended autonomous actions. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/ai-governance-becomes-critical-as-agentic-ai-moves-into-production/
-
PromptSpy is the first Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google’s Gemini model to adapt its persistence across different devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/promptspy-is-the-first-android-malware-to-use-generative-ai-at-runtime/
-
BestClass ‘Starkiller’ Phishing Kit Bypasses MFA
A user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/starkiller-phishing-kit-mfa
-
How are new AI secrets vaulting methods empowering better security?
How Can Organizations Leverage Non-Human Identities for Better Security? Have you ever wondered how Non-Human Identities (NHIs) are reshaping cybersecurity? With cyber threats evolve, organizations must prioritize the management of NHIs, especially when operating in cloud environments. NHIs serve as the machine identities within digital and are pivotal for modern security strategies. Understanding their role……
-
How are new AI secrets vaulting methods empowering better security?
How Can Organizations Leverage Non-Human Identities for Better Security? Have you ever wondered how Non-Human Identities (NHIs) are reshaping cybersecurity? With cyber threats evolve, organizations must prioritize the management of NHIs, especially when operating in cloud environments. NHIs serve as the machine identities within digital and are pivotal for modern security strategies. Understanding their role……
-
How can Agentic AI improve cybersecurity in financial services
Is Your Organization Ready for Agentic AI in Cybersecurity? Where cyber threats are becoming increasingly sophisticated, the use of Agentic AI in cybersecurity is transforming how industries like financial services handle their security protocols. But what exactly does this mean for your organization’s cybersecurity strategy, especially when integrating Non-Human Identities (NHIs) into your security framework?……
-
How can Agentic AI improve cybersecurity in financial services
Is Your Organization Ready for Agentic AI in Cybersecurity? Where cyber threats are becoming increasingly sophisticated, the use of Agentic AI in cybersecurity is transforming how industries like financial services handle their security protocols. But what exactly does this mean for your organization’s cybersecurity strategy, especially when integrating Non-Human Identities (NHIs) into your security framework?……
-
What are the latest advancements in Non-Human Identity security
How Secure Are Your Machine Identities? Non-Human Identities (NHIs) play a pivotal role in cybersecurity. Where businesses continue transitioning to cloud environments, the importance of protecting these machine identities becomes paramount. But how secure are your NHIs, and what measures are you implementing to ensure their protection? Understanding Non-Human Identities NHIs are essentially machine identities……
-
Why must healthcare embrace Agentic AI for data protection
Are Non-Human Identities the Key to Unlocking Agentic AI in Data Protection? Organizations across industries are increasingly focusing on the management of Non-Human Identities (NHIs). These machine identities, akin to digital passports, play a pivotal role in cybersecurity by managing encrypted passwords, tokens, and keys. Yet, how can NHIs serve as the cornerstone for Agentic……
-
FBI: More than 700 ATM jackpotting incidents with losses over $20 million occurred in 2025
Tags: unclassifiedIn a flash alert on Thursday, the FBI said it has tracked more than 1,900 ATM jackpotting incidents since 2020 and over 700 in 2025 that involved more than $20 million in losses. First seen on therecord.media Jump to article: therecord.media/fbi-atm-jackpotting-2025-report
-
Researchers warn Volt Typhoon still embedded in US utilities and some breaches may never be found
Dragos’s Rob Lee said Volt Typhoon is “still very active, and they’re still absolutely mapping out and getting into embedding in U.S. infrastructure, as well as across our allies.” First seen on therecord.media Jump to article: therecord.media/researchers-warn-volt-typhoon-still-active-critical-infrastructure
-
State Dept. official says post-quantum transition plans will outlive current leadership
Governments and businesses have a shared interest in seeing post-quantum encryption broadly adopted throughout society. First seen on cyberscoop.com Jump to article: cyberscoop.com/post-quantum-state-department-transition-plans-outlive-leadership-cycles/
-
Google says its AI systems helped deter Play Store malware in 2025
Google said it prevented 1.75 million bad apps from going live on Google Play during 2025, a figure that’s down from previous years. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/19/google-says-its-ai-systems-helped-deter-play-store-malware-in-2025/
-
Breach Roundup: Cambodia Scam Center Crackdown
Also: EU Bans AI Tools, Notepad++ Secures Updater, Apple Patches iOS Zero-Day. This week, Cambodia shuttered 200 scam centers. EU Parliament banned AI tools. Canada Goose disputed a ShinyHunters leak. Notepad++ patched an updater flaw. Apple fixed a decades-old iOS zero-day. BeyondTrust and Dell patched critical flaws under active exploitation. First seen on govinfosecurity.com Jump…
-
Cogent Security Gets $42M to Boost AI Vulnerability Defense
Series A Led by Bain Capital Ventures Targets Autonomous Remediation Platform. Cogent Security secured $42 million in Series A funding to expand its AI-powered platform. Backed by Bain Capital Ventures, the company plans to triple staff, enhance model accuracy and scale its agent-based architecture to help enterprises automate remediation and counter AI-driven cyberattacks. First seen…
-
Audit Finds Security Weaknesses at VA Spokane Medical Center
Access, Vulnerability Management, Configuration Lapses. A federal watchdog agency inspection of information security at the VA health system in Spokane, Wash. last year found deficiencies across three areas – configuration management, vulnerability management and access controls – that could potentially put sensitive data at risk, a new report said. First seen on govinfosecurity.com Jump to…
-
Abu Dhabi Finance Week Exposed VIP Passport Details
Unprotected cloud data sends the wrong signal at a time when the emirate’s trying to attract investors and establish itself as a global financial center. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/abu-dhabi-finance-week-leaked-vip-passport-details
-
Texas Sues TP-Link Over Alleged Security Risks and Supply Chain Deception
Texas has sued TP-Link over alleged supply chain deception and router security flaws linked to Chinese threat actors. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/texas-sues-tp-link-over-alleged-security-risks-and-supply-chain-deception/
-
Connected and Compromised: When IoT Devices Turn Into Threats
Reused passwords, a lack of network segmentation, and poor sanitization processes make the Internet of Things’ attack surfaces more dangerous. First seen on darkreading.com Jump to article: www.darkreading.com/iot/connected-compromised-iot-devices-turn-threats
-
NDSS 2025 NDSS 2025 BARBIE: Robust Backdoor Detection Based On Latent Separability
Session 12D: ML Backdoors Authors, Creators & Presenters: Hanlei Zhang (Zhejiang University), Yijie Bai (Zhejiang University), Yanjiao Chen (Zhejiang University), Zhongming Ma (Zhejiang University), Wenyuan Xu (Zhejiang University) PAPER BARBIE: Robust Backdoor Detection Based On Latent Separability Backdoor attacks are an essential risk to deep learning model sharing. Fundamentally, backdoored models are different from benign…
-
NDSS 2025 NDSS 2025 BARBIE: Robust Backdoor Detection Based On Latent Separability
Session 12D: ML Backdoors Authors, Creators & Presenters: Hanlei Zhang (Zhejiang University), Yijie Bai (Zhejiang University), Yanjiao Chen (Zhejiang University), Zhongming Ma (Zhejiang University), Wenyuan Xu (Zhejiang University) PAPER BARBIE: Robust Backdoor Detection Based On Latent Separability Backdoor attacks are an essential risk to deep learning model sharing. Fundamentally, backdoored models are different from benign…
-
West Virginia sues Apple for alleged child sexual abuse material failures
Tags: appleWest Virginia sued Apple for allegedly allowing iCloud to be used to disseminate and store child sexual abuse content. First seen on therecord.media Jump to article: therecord.media/apple-csam-west-virginia-lawsuit
-
Disclosure: XWiki CSS Injection (CVE-2026-26000)
During independent security research, a CSS injection vulnerability (CVE-2026-26000) was identified in the XWiki platform. XWiki is an open-source enterprise wiki and collaboration platform commonly used for internal documentation and knowledge management. According to XWiki, the platform has over 8,000 active installations and is used by organisations such as Lenovo and Amazon, meaning vulnerabilities can”¦…
-
Disclosure: XWiki CSS Injection (CVE-2026-26000)
During independent security research, a CSS injection vulnerability (CVE-2026-26000) was identified in the XWiki platform. XWiki is an open-source enterprise wiki and collaboration platform commonly used for internal documentation and knowledge management. According to XWiki, the platform has over 8,000 active installations and is used by organisations such as Lenovo and Amazon, meaning vulnerabilities can”¦…
-
UK to require tech firms to remove nonconsensual intimate images within 48 hours or face fines
U.K. Prime Minister Keir Starmer announced a new law that will require tech companies to remove intimate images shared without consent within two days or face large fines and potentially have their services blocked. First seen on therecord.media Jump to article: therecord.media/united-kingdom-noncensual-images-fines