Aggregator

You must login to view this content

You must login to view this content

A critical advisory warning regarding a severe vulnerability affecting Honeywell CCTV products, published on February 17, 2026, under advisory ICSA-26-048-04. The alert details a high-severity security flaw that could allow malicious actors to completely hijack user accounts and gain unauthorized access to sensitive camera feeds. The vulnerability has been assigned a CVSS v3 score of […]

The post CISA Warns of Honeywell CCTV Products Vulnerability Leads to Account Takeovers appeared first on Cyber Security News.

Frankfurt am Main, Germany, 19th February 2026, CyberNewswire

The post AI Under Control: Link11 Launches AI Management Dashboard for Clean Traffic appeared first on Security Boulevard.

AI adoption is outpacing traditional cyber governance. The “Tenable Cloud and AI Security Risk Report 2026” reveals how overprivileged identities and unmonitored supply chain dependencies leave orgs exposed. We offer 10 tactics to shut down your most critical attack paths. 

1. The velocity trap: Security teams are fighting "machine-speed" threats with manual processes; you must move from volume-based management (fix everything, or try to) to context-based exposure management (fix what matters) to stay ahead.
2. The non-human identity crisis: With 52% of non-human identities holding critical excessive permissions, the "identity attack surface" is now dominated by overprivileged roles rather than human users.
3. Supply chain weaponization: Third-party risk has evolved from passive flaws to active compromise. Mapping the blast radius of external entities is no longer optional—it is a core requirement for governance, risk, and compliance (GRC).

Every year, the gap between "how fast we build" and "how well we protect" creates a new set of silent liabilities. In the “Tenable Cloud and AI Security Risk Report 2026,” we’ve analyzed real-world telemetry from diverse public cloud and enterprise environments to identify where this gap is most dangerous. The data reveals a critical tension: While teams are rushing to integrate AI and leverage third-party code, they are inadvertently creating direct, unmonitored paths to sensitive data.

AI adoption is no longer experimental. According to a recent study by Cloud Security Alliance (CSA) in partnership with Tenable, 55% of organizations now use AI tools for active business needs. However, this engineering speed has created a systemic control gap in the underlying access infrastructure.

Our latest telemetry analysis, performed via Tenable One Cloud Security, reveals the technical reality: 18% of organizations have overprivileged IAM roles that AWS AI services can instantly assume. These roles often carry critical administrative permissions but are rarely audited for least-privilege alignment.
 

18% of organizations harbor overprivileged IAM roles that AWS AI services can assume – including a 13% critical exposure layer primed for high-impact compromise.

Also of considerable concern is the "dormancy gap." We found that 73% of Amazon SageMaker roles and 70% of Amazon Bedrock agent roles are currently inactive. These abandoned roles act as a pre-packaged catalog of privileges waiting to be claimed by an attacker who gains a foothold in your AI environment.

Cloud security risk management must now account for active weaponization, as supply chain weaknesses have evolved from passive, latent flaws to immediate, active compromise.

• Vulnerable packages (passive risk): A staggering 86% of organizations have at least one third-party code package containing a critical-severity vulnerability.
• Malicious packages (active threat): 13% of organizations have deployed third-party code packages with a known history of compromise, such as those affected by the s1ngularity or Shai-Hulud malware campaigns.

13% of organizations — nearly one in eight — have deployed at least one third-party code package with a known malicious history. 

It isn't just about the code you import; it's about the permissions you grant to external entities, such as partners, suppliers and contractors. Our research shows that 53% of organizations have given third parties access to internal systems via external accounts capable of assuming highly risky, excessive permissions. In many cases, the "blast radius" is massive: 14% of organizations expose over 75% of their total cloud resources to trusted third-parties via these external accounts. If a single trusted vendor is breached, the adversary gains a direct path for lateral movement across your entire estate.

Modern governance must address these converging threats, as our research shows that for 70% of organizations, AI and model context protocol (MCP) packages have become core components of the production cloud stack.

• The AI standing privilege risk: 18% of organizations harbor AI services with administrative permissions that are rarely audited.
• Non-human identities dominate: 52% of non-human identities possess critical excessive permissions, outpacing human identities (37%). Over a third of these non-human roles are inactive — a large but easily mitigated exposure.
• Massive supply chain blast radius: Single-vendor compromises can grant an adversary instant lateral movement across your most sensitive systems.

52% of non-human identities are highly overprivileged, of which 37% are inactive. Eliminating these inactive “ghost” roles is the most efficient path to reducing the identity attack surface.

Standard security tools often fail because they lack the unified context of how identities, workloads, and AI services intersect. To safely navigate the velocity trap, organizations need a modern GRC framework powered by exposure management —not basic scanning. Tenable One Cloud Security provides this unified context through a CNAPP that integrates AI-SPM, CIEM, DSPM, and CSPM to address the full spectrum of cloud and AI risk:

• Neutralize ghost roles and classify data: Tenable Cloud Security's identity-first approach automatically identifies inactive roles while DSPM classifies sensitive data. Mapping access to your sensitive data allows you to automate the cleanup of the most dangerous exposure paths—including dormant AI service entitlements that expand the identity attack surface.
• Prioritize via exploitability: Tenable One correlates cloud misconfigurations, identity risks, and vulnerability data to surface real exploitable exposures rather than flat severity scores. This exposure context lets you systematically remove the "sitting ducks" that attackers strike first—whether they're overprivileged AI roles, vulnerable third-party packages, or excessive external entitlements.
• Enforce zero trust with JIT access: Tenable Cloud Security's Just-in-Time (JIT) access eliminates permanent attack paths by ensuring overprivileged roles—including those assumed by AI services—only activate when needed, containing the "blast radius" during a potential compromise.

Tenable One Cloud Security enables you to achieve AI risk management and cloud security risk management by providing the unified visibility needed to close these exposure gaps – across hybrid and multi-cloud environments. Ready to see the full data and discover all 10 strategic recommendations?

Register now to download the full “Tenable Cloud and AI Security Risk Report 2026”

Adidas confirmed it is investigating a possible data breach involving one of its third-party customer service providers. The company stated that there is no indication its IT infrastructure, e-commerce platforms, or consumer data were impacted by the incident. An individual claiming to belong to the Lapsus$ Group posted on BreachForums alleging they had compromised the sportswear giant’s extranet. The stolen dataset is described as containing 815,000 rows of information, including names, email addresses, passwords, birthdays, … More →

The post Adidas investigates alleged data breach affecting 815,000 records appeared first on Help Net Security.

A sophisticated evolution of the ClickFix social engineering campaign, in which threat actors are now abusing the legitimate Windows utility nslookup.exe to deploy malicious payloads via DNS queries. This technique, noticed by Researcher Muhammad Hassoub, marks a significant shift from traditional attack methods that typically rely on PowerShell commands, making detection more challenging for security teams. […]

The post Hackers Leveraging nslookup.exe to Stage Payloads via DNS Using Clickfix Attack appeared first on Cyber Security News.