Illinois Representative Delia Ramirez has been appointed as the top Democrat on the House Homeland Security Committee's Cybersecurity and Infrastructure Protection Subcommittee, replacing Eric Swalwell following his resignation from Congress.
Most AI detection systems learn from post-compromise artifacts, but new data from GreyNoise reveals that attacker behavior — including fresh infrastructure and behavioral spikes — frequently surfaces well before a breach is confirmed.
Fortinet has released an emergency hotfix for CVE-2026-35616, a critical 9.1-scored authentication bypass flaw in FortiClient EMS that is already being exploited in the wild. CISA added the vulnerability to its Known Exploited Vulnerabilities catalog, mandating federal agencies patch by April 9.
A new Ekoparty report based on 605 LatAm cybersecurity professionals reveals the region faces 40% more cyberattacks than the global average while struggling to tap its largely self-trained talent pool.
OpenAI has introduced a new $100 monthly Pro subscription for ChatGPT, directly mirroring Anthropic Claude's pricing structure and targeting coders and enterprise users who need advanced AI capabilities.
The threat group TeamPCP is leveraging credentials harvested from supply chain attacks on open source projects to rapidly breach AWS, Azure, and SaaS environments, with some victims compromised within 24 hours of initial theft.
Healthcare professionals are turning to unsanctioned AI tools to manage crushing workloads, creating dangerous visibility gaps that compound ransomware recovery challenges. Experts say denial is no longer viable — containment and discovery are now the priority.
The OWASP Foundation has released updated AI security guidance splitting recommendations into generative AI and agentic AI tracks, while cataloguing 21 data security risks and expanding its solutions matrix from 50 to more than 170 providers.
The Kimwolf IoT botnet has been hammering the I2P anonymity network since early February 2026 after its operators attempted to enroll 700,000 infected devices as network nodes, overwhelming the system and cutting connectivity roughly in half.
A new phishing-as-a-service platform called Starkiller dynamically loads authentic login pages through a reverse proxy, capturing credentials and MFA tokens in real time while rendering traditional detection methods largely ineffective.