This month in security with Tony Anscombe – February 2026 edition
In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
How can you be reassured about your AI’s security integrity
Is Your AI Security Integrity Robust Enough? Where artificial intelligence is increasingly utilized across diverse sectors, the question of...
Is your AI security solution scalable for future challenges
Are Non-Human Identities the Key to Scalable AI Security? How can organizations ensure their AI security solution stays scalable...
Canadian Tire 2025 data breach impacts 38 million users
Canadian Tire 2025 data breach impacts 38 million users Pierluigi Paganini February 28, 2026 A data breach at Canadian Tire...
MY TAKE: The Pentagon punished Anthropic for red lines it accepted from OpenAI hours later
By Byron V. Acohido KINGSTON, Wash. — On Friday afternoon, President Trump ordered every federal agency to stop using...
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to...
Iran Has One Card Left—It’s Pointed at Your Network
In light of today’s attack by the U.S. and Israel on Iran, it is prudent to ask: What can...
External Authentication: Exploring WS-Trust for Authentication
Let’s be honest. Nobody wakes up in the morning excited to debug XML. In the rush to slap OAuth2...
Iran ’s Internet near-totally blacked out amid US, Israeli strikes
Iran ’s Internet near-totally blacked out amid US, Israeli strikes Pierluigi Paganini February 28, 2026 Iran experienced a near-total internet...
Microsoft warns of RAT delivered through trojanized gaming utilities
Microsoft warns of RAT delivered through trojanized gaming utilities Pierluigi Paganini February 28, 2026 Attackers spread trojanized gaming tools to...
Who is the Kimwolf Botmaster “Dort”?
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf, the...
How vCISO Services Reduce Cyber Risk Without Increasing Costs?
Smaller organizations are increasingly under attack, with ransomware emerging as the dominant threat. According to the Verizon 2025 Data...
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused...
Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
Ravie LakshmananFeb 28, 2026National Security / Artificial Intelligence Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth...
Mobile app permissions (still) matter more than you may think
Mobile Security Start using a new app and you’ll often be asked to grant it permissions. But blindly accepting them...
