A China-nexus threat group, tracked as Red Menshen (aka Earth Bluecrow, DecisiveArchitect, Red Dev 18), has conducted a multi-year espionage campaign targeting telecom providers in the Middle East and Asia by deploying stealthy Linux kernel-level implants. The adversary abuses Berkeley Packet Filter (BPF) functionality to embed passive backdoors (BPFDoor) that activate via crafted network packets, avoiding detectable listeners or C2 channels. Initial access is obtained via internet-facing edge services (e.g., VPNs, firewalls) from vendors including Ivanti, Cisco, Juniper, Fortinet, VMware, Palo Alto, and Apache Struts. Post-exploitation includes deployment of frameworks like CrossC2 and Sliver, alongside credential harvesting tools, enabling lateral movement. BPFDoor’s functionality extends to telecom-native protocols (e.g., SCTP), potentially granting visibility into subscriber behavior, location tracking, and surveillance of high-value targets. A newly documented variant enhances evasion by concealing trigger packets within legitimate HTTPS traffic at fixed byte offsets and introducing ICMP-based lightweight communication between infected hosts.

Researchers at Georgia Tech’s Systems Software & Security Lab (SSLab) report a significant increase in vulnerabilities directly introduced by AI coding tools, with at least 35 new CVE entries disclosed in March 2026 alone—up from six in January and 15 in February. The findings, part of the Vibe Security Radar project launched in May 2025, track flaws across multiple public advisories (NVD, GHSA, OSV, RustSec) and confirm 74 cases where AI tool signatures (e.g., co-author tags, bot emails) were present in vulnerability-introducing commits. Anthropic’s Claude Code is the most frequently identified tool, though underreporting is suspected due to metadata stripping and lack of traces in tools like GitHub Copilot.

A critical Oracle WebLogic remote code execution (RCE) vulnerability, tracked as CVE-2026-21962 with CVSS score 10.0, underwent rapid weaponization within hours of public exploit code release in January 2026. Automated scanning and exploitation campaigns leveraging the flaw were detected targeting internet-exposed WebLogic servers globally, with the first exploitation attempt recorded on January 22, 2026—the same day exploit code was published. Threat actors predominantly utilized rented virtual private servers from mainstream cloud providers to conduct attacks. The observed activity underscores the immediate operational risk posed by newly disclosed high-severity WebLogic vulnerabilities and highlights continued reliance on long-standing, known-vulnerable endpoints for mass exploitation.

A newly identified EtherRAT campaign employs Ethereum smart contracts to host and rotate command-and-control (C2) infrastructure, evading traditional takedown mechanisms. The malware, observed in a March 2026 retail sector incident response, delivers a Node.js-based backdoor after initial access via ClickFix attacks and Microsoft Teams–based IT support scams. Once deployed, EtherRAT exfiltrates system data, steals cryptocurrency wallets and cloud credentials, and blends malicious traffic with legitimate CDN requests. The attack chain includes obfuscated scripts, encrypted payloads, and Windows registry persistence, with C2 addresses retrieved dynamically from Ethereum smart contracts via public RPC endpoints. Operators can update C2 infrastructure by writing new data to contracts, enabling low-cost retooling and sustained access.

A study by Sonatype analyzing 258,000 AI-generated dependency upgrade recommendations across Maven Central, npm, PyPI, and NuGet from June to August 2025 revealed that frontier AI models—including GPT-5.2, Claude Sonnet 3.7/4.5, Claude Opus 4.6, and Gemini 2.5 Pro/3 Pro—frequently produce hallucinated or incorrect upgrade paths, security fixes, and version recommendations. Nearly 28% of recommendations from earlier models were hallucinations, while even improved frontier models introduced faulty advice, leaving critical and high-severity vulnerabilities unresolved in production environments. The issue stems from the models’ lack of real-time dependency, vulnerability, compatibility, and enterprise policy context, leading to wasted developer time, unresolved exposures, and increased technical debt. Notably, some recommendations introduced known vulnerabilities into AI tooling stacks themselves, exacerbating risk within the models’ own infrastructure.

Threat actors are conducting a phishing campaign targeting TikTok for Business accounts, using Cloudflare-hosted reverse proxy pages to harvest credentials and session cookies, bypassing two-factor authentication. The campaign uses domains registered on March 24 via NiceNIC and hosted on a Google Storage bucket, impersonating TikTok for Business and Google Careers pages. Victims are lured via a Google Storage redirect with Cloudflare Turnstile bot protection to malicious pages that request email validation before presenting a fake login interface. Impact includes potential account takeover, ad fraud, malware distribution, and cryptocurrency scams leveraging compromised business accounts.

Meta has introduced several new features for WhatsApp, including AI-powered message drafting and image retouching, multi-account support on iOS, chat history transfer between iOS and Android, and enhanced anti-scam protections. The AI features operate under a privacy model called Private Processing, which ensures message content remains inaccessible to Meta or WhatsApp. Additionally, the update includes tools for media file management and parental controls for pre-teens. These changes aim to improve usability, privacy, and security across the platform.

Modern fraud attacks follow structured, multi-stage chains where different tools and operators handle each phase, from automated signups to account takeovers and monetization. Attackers rotate infrastructure and mix tactics to evade single-signal detection, often using aged or compromised credentials and residential proxies to appear legitimate. Fraudsters blend automated bot traffic with human-operated sessions, exploiting gaps between siloed defenses such as IP reputation, email, device fingerprinting, and identity verification. This coordinated approach enables credential stuffing, synthetic identity fraud, and high-value transaction abuse, with attackers adapting tools as they move from signup to monetization. Effective mitigation requires correlating hundreds or thousands of signals—IP, device, identity, and behavior—across the entire attack lifecycle to detect coordinated abuse patterns rather than isolated anomalies.

AI has rapidly become a central capability for both cyber threat actors and defenders, with criminals leveraging it to enhance malware development, automate reconnaissance, and scale phishing and social engineering across languages and platforms. Corporate security leaders now prioritize AI investments in response, while threat actors use publicly available agentic AI tools to conduct autonomous penetration testing-style attacks. Concerns are rising that AI will fuel a sustained increase in both the volume and sophistication of threats across a broader threat actor base, though AI is also positioned as a critical enabler for rapid detection and automated defense.

The dual iOS exploitation campaigns—Coruna and Darksword—are now confirmed as closely related frameworks with shared origins in the 2019–2023 Operation Triangulation campaign, reinforcing attribution to Russian threat actor UNC6353 and associated groups. Coruna has evolved from a precision espionage tool into a mass-exploitation framework with 23 exploits across five chains, now targeting iOS 13–18.7 and including checks for modern Apple hardware such as A17 and M3 series chips. Darksword, initially targeting iOS 18.4–18.6.2, has been updated to target iOS 18.7 and is now publicly leaked on GitHub, raising the risk of commoditized exploitation beyond targeted campaigns. Apple has patched all exploited flaws in recent iOS releases (18.7.3, 26.2, 26.3.1), and CISA has mandated federal agencies patch three DarkSword-linked vulnerabilities (CVE-2025-31277, CVE-2025-43510, CVE-2025-43520) by April 3, 2026. The dual-kit campaigns, attributed to UNC6353 and associated actors (including UNC6748 and Turkish vendor PARS Defense), highlight the growing commoditization of iOS exploitation tools and elevated risk to end-users globally. Prior context: Coruna was first documented in early March 2026 targeting iOS 13.0–17.2.1 with 23 exploits across five chains, used by UNC6353 and UNC6691 in watering-hole attacks on Ukrainian and Chinese crypto-related websites. Darksword, linked to UNC6353, targets iOS 18.4–18.7 with the modular Darksword malware family, achieving kernel read/write via Safari and enabling rapid exfiltration of sensitive data including cryptocurrency wallets, messages, and system credentials. Both kits share operational overlap, including watering-hole tactics and OPSEC failures, while Apple and CISA have issued patches and advisories to mitigate ongoing threats.

Russian law enforcement arrested a Taganrog resident suspected of founding and administering the LeakBase cybercrime forum in the Rostov region on March 26, 2026. The forum, active since 2021 and previously supported by the ARES threat group, served as a major hub for cybercriminals to trade stolen data, hacking tools, and related services, accumulating over 142,000 members after the Breached forum’s closure in March 2023. The arrest follows a coordinated international takedown codenamed Operation Leak, executed by law enforcement agencies across 15 countries including the U.S., U.K., and multiple EU states, resulting in approximately 100 enforcement actions, including raids, interviews, arrests, and domain seizure.

OpenAI introduced a new Safety Bug Bounty program on March 26, 2026, hosted on Bugcrowd, to incentivize researchers to report AI abuse and safety risks in its products. The program targets scenarios such as agentic risks (e.g., prompt injection, data exfiltration, MCP abuse), integrity violations (e.g., bypassing anti-automation controls, evading account restrictions), and proprietary information exposure. It complements OpenAI’s existing Security Bug Bounty, which since April 2023 has rewarded 409 security vulnerabilities.

An Armenian national, Hambardzum Minasyan, was extradited to the United States to face criminal charges for allegedly administering infrastructure supporting RedLine, a prolific infostealer malware operation. Minasyan is accused of registering virtual private servers, domains, and cryptocurrency accounts used by the RedLine gang, including for receiving affiliate payments and distributing malware. He allegedly managed command-and-control servers and administrative panels while providing support to affiliates and conspiring to steal financial data. If convicted, he faces up to 30 years in prison on charges including access device fraud and money laundering conspiracy.

A forthcoming webinar introduces Exposure-Driven Resilience, a methodology to automate and continuously validate security posture against real attacker behavior. The session emphasizes moving beyond mere existence of controls or active alerts to actively testing whether defenses would withstand a live intrusion attempt. It highlights systematic pressure-testing of both technical controls and operational processes, guided by threat intelligence, and integrating validation into SOC and incident response workflows. Jermain Njemanze and Sébastien Miguel will present practical implementation guidance and conduct a live demonstration of the approach.

Iranian state-sponsored and affiliated cyber threat actors have **formalized a cyber-kinetic war doctrine**, integrating digital reconnaissance with physical strikes following the February 28, 2026, joint US-Israel military operation (*Epic Fury*). New research confirms Iran’s systematic compromise of **Hikvision and Dahua IP cameras** across Israel, Qatar, Bahrain, Kuwait, the UAE, Cyprus, and Lebanon—exploiting **five patched but widely unpatched vulnerabilities** to enable **real-time battle damage assessment and missile-targeting support**. Check Point Research assesses this activity as a **predictive indicator of kinetic strikes**, mirroring tactics used during the June 2025 Israel-Iran conflict. The campaign extends beyond surveillance: **pro-Iranian actors breached Jordan’s Silos and Supply General Company via phishing**, while IRGC-linked groups conducted **limited but targeted ICS/SCADA attacks** and **DDoS campaigns against UAE/Bahrain government entities**. CrowdStrike and Flashpoint warn of escalating hybrid tactics, including **propaganda operations, data center missile strikes, and hacktivist proxies** (e.g., Russian Legion) expanding targets to US-based critical infrastructure. **Pay2Key**, an Iranian-linked ransomware group active since 2020, has **re-emerged in March 2026 with enhanced evasion capabilities**, targeting a US healthcare provider in a three-hour encryption blitz that leveraged TeamViewer, credential harvesting (Mimikatz/LaZagne), and backup enumeration—raising concerns about its **strategic destruction motives** amid geopolitical tensions. Prior waves included **149 hacktivist DDoS attacks** (70% by Keymous+/DieNet) against **110 organizations in 16 countries**, IRGC strikes on **Saudi Aramco and a U.A.E. AWS data center**, and **SMS phishing** via fake *RedAlert* app updates. UNC1549 (Nimbus Manticore) remains a top-tier threat, while Iranian cryptocurrency exchanges adjust operations amid sanctions-induced connectivity blackouts (internet at ~4% capacity). The UK NCSC and GTIG reiterate calls for **DDoS resilience, ICS segmentation, and supply-chain hardening**, with warnings that Iran’s **ransomware-as-smokescreen** and **wiper attacks** may intensify as the conflict progresses.

The UK National Crime Agency (NCA) and NatWest Bank initially warned of rising invoice fraud in January 2026, reporting nearly £4 million in losses from 83 cases in September 2025 and urging businesses to verify payment details. Recent attention has focused on the construction sector, where complex supply chains and high-value email payments create elevated risks. Invoice fraud, a form of business email compromise (BEC), involves impersonating suppliers by changing bank details on fake invoices or hijacking supplier email accounts to gather intelligence before issuing fraudulent invoices. The NCA reports that construction and manufacturing accounted for a quarter of all invoice fraud cases in 2024/25—the highest of any sector. The agency is actively disrupting criminal networks while promoting prevention measures such as checking for email anomalies, verifying invoices via trusted channels, and requiring colleague authorization for high-value payments. Globally, BEC scams cost nearly $2.8 billion in 2024, according to the FBI, underscoring the severity of the threat.

A critical unauthenticated remote code execution vulnerability named PolyShell affects all supported versions of Magento Open Source and Adobe Commerce (version 2), enabling attackers to upload polyglot files via the REST API and achieve code execution. Adobe has released a patch only in the alpha release of version 2.4.9, leaving production deployments vulnerable. Exploitation is now actively occurring in the wild, with mass scanning activity involving over 50 IP addresses since March 19, 2026, and successful compromises detected in 56.7% of all vulnerable stores. Attackers are leveraging the flaw to deploy a new WebRTC-based payment skimmer that bypasses Content Security Policy (CSP) and exfiltrates payment data via encrypted UDP, marking a significant evolution in skimmer tactics. Immediate remediation is critical given the widespread abuse and potential for mass compromise of e-commerce storefronts.

GitHub is integrating AI-powered scanning into its Code Security tool to complement CodeQL static analysis, expanding vulnerability detection across additional languages and frameworks. The hybrid approach targets ecosystems historically difficult to analyze statically, including Shell/Bash, Dockerfiles, Terraform, and PHP, while maintaining CodeQL’s deep semantic analysis for supported languages. The new detections are expected to enter public preview in early Q2 2026. Security findings are surfaced directly within pull requests, enabling early remediation before code merges, with internal testing reporting 80% positive developer feedback and over 170,000 findings processed in 30 days.

Threat actors are leveraging the no-code AI-powered app-building platform Bubble to host and deliver credential phishing web apps targeting Microsoft accounts. The malicious apps, hosted on Bubble’s trusted *.bubble.io domain, evade email security controls by bypassing static and automated analysis due to their complex JavaScript and Shadow DOM structures. Users are redirected to phishing portals mimicking Microsoft login interfaces, often protected by Cloudflare checks, to harvest credentials for Microsoft 365 access, including email, calendar, and sensitive data.

A new info-stealing malware family named Torg Grabber has been identified targeting 850 browser extensions, with over 700 focused on cryptocurrency wallets. Initial access is achieved via the ClickFix technique, involving clipboard hijacking and user tricked into executing malicious PowerShell commands. The malware rapidly evolves, with 334 unique samples compiled in three months and weekly registration of new command-and-control (C2) servers. Torg Grabber employs advanced anti-analysis, multi-layered obfuscation, direct syscalls, and reflective loading to evade detection. It exfiltrates data over HTTPS via Cloudflare, supports chunked uploads, and includes mechanisms to bypass browser cookie protection. The malware targets credentials, cookies, autofill data, and files from 25 Chromium-based browsers and 8 Firefox variants, alongside a wide range of applications including password managers, 2FA tools, messaging platforms, VPNs, and desktop crypto wallets.

Cloud phone platforms—remote-access Android environments hosted in data centers—are increasingly used by threat actors to establish and manage dropper accounts for financial fraud. These environments emulate legitimate smartphones, evading traditional device fingerprinting and emulator detection due to realistic hardware identifiers, sensor data, and mobile network characteristics. Fraud losses in the UK attributed to Authorized Push Payment (APP) scams exceeded £485.2 million in 2022, with dropper accounts identified as a significant vector. Cloud phone services, rented at low cost online, allow operators to control multiple virtual devices without physical hardware, enabling scalable abuse. In some cases, pre-verified bank accounts linked to cloud phone devices are resold on darknet markets, transferring both account access and device context to new actors. This undermines banks’ reliance on device recognition for fraud detection, increasing the risk of transaction approval without additional scrutiny.

Security researchers report a significant escalation in adversary use of legitimate enterprise identities to conduct large-scale network intrusions, creating an "impersonation crisis" that bypasses traditional defenses focused on perimeter detection. Attackers leverage compromised or fraudulently obtained accounts—via social engineering, MFA bypass kits, brute-force campaigns, or fake employee personas using AI deepfakes—to achieve persistent, policy-level access within victim organizations. Intrusions often remain undetected until post-compromise damage occurs, such as data exfiltration or ransomware deployment, due to the adversary’s ability to operate under valid credentials and administrative privileges.

At RSAC 2026, SANS Institute researchers unveiled five AI-driven attack techniques becoming mainstream in 2026, fundamentally altering the cyber threat landscape. Independent researchers demonstrated AI-generated zero-day exploits at minimal cost ($116 in AI token expenses), breaking historical barriers to zero-day development. Supply chain attacks continued to surge, with malicious packages like the Shai-Hulud worm exposing 14,000 credentials across 487 organizations and a China-affiliated group compromising Notepad++ update infrastructure for six months. Operational Technology (OT) environments face increasing accountability crises due to lack of visibility, where evidence evaporates post-compromise and critical infrastructure incidents result in catastrophic outcomes with unclear attribution. Irresponsible AI deployment in Digital Forensics & Incident Response (DFIR) is generating false confidence and undermining response outcomes. Meanwhile, defenders are adopting autonomous defense frameworks like Protocol SIFT to counter AI-driven attacks, achieving up to 47x faster response times in simulated incidents.

GlassWorm has escalated into a multi-stage framework combining remote access trojans (RATs), data theft, and hardware wallet phishing, with the latest iteration leveraging Solana dead drops for C2, a novel browser extension for surveillance, and a shift into the Model Context Protocol (MCP) ecosystem. The campaign now delivers a .NET binary that targets Ledger and Trezor devices by masquerading as configuration errors and prompting users to input recovery phrases, while a Websocket-based JavaScript RAT exfiltrates browser data, executes arbitrary code, and deploys HVNC or SOCKS proxy modules. The malware uses a Google Chrome extension disguised as Google Docs Offline to perform session surveillance on cryptocurrency platforms like Bybit and harvest extensive browser data. Additionally, threat actors have begun distributing malicious payloads via npm packages impersonating the WaterCrawl MCP server, marking GlassWorm’s first confirmed incursion into the AI-assisted development ecosystem. The GlassWorm campaign remains a persistent supply chain threat impacting multiple ecosystems including npm, PyPI, GitHub, and Open VSX. Since its emergence in October 2025, the campaign has evolved from invisible Unicode steganography in VS Code extensions to a sophisticated multi-vector operation spanning 151 compromised GitHub repositories and dozens of malicious npm packages. The threat actor, assessed to be Russian-speaking, continues to avoid infecting Russian-locale systems and leverages Solana blockchain transactions as dead drops for C2 resolution. Recent developments include the ForceMemo offshoot that force-pushes malicious code into Python repositories, the abuse of extensionPack and extensionDependencies for transitive malware delivery, and the introduction of Rust-based implants targeting developer toolchains. The Eclipse Foundation and Open VSX have implemented security measures such as token revocation and automated scanning, but the threat actors have repeatedly adapted by rotating infrastructure, obfuscating payloads, and expanding into new ecosystems like MCP servers.

Cyber threat actors increasingly leverage AI to automate and scale attacks, particularly through identity compromise and advanced social engineering, while geopolitical tensions shape targeting and tactics. Enterprise infrastructures remain vulnerable due to persistent reliance on traditional identity mechanisms and inadequate defenses against evolving attack vectors. The integration of AI into threat operations enhances reconnaissance, malware development, and phishing campaigns, though fully autonomous attack sequences remain largely experimental rather than operational at scale. Defensive strategies must prioritize identity governance and continuous trust validation, with organizations aligning security measures to high-impact assets and geopolitically motivated adversaries.

Underground markets are actively commercializing access to premium AI platforms such as ChatGPT, Claude, Microsoft Copilot, and Perplexity, offering discounted, bundled, or allegedly unrestricted subscriptions to cybercriminals and fraud actors. Access is obtained through methods including exposed API keys and secrets, credential theft and account takeover, bulk account creation with virtual phone numbers, abuse of trial and promotional programs, shared or resold subscriptions, and resale of developer or API access. Threat actors use these accounts to automate fraudulent content generation, craft personalized social engineering campaigns, and accelerate malicious operations across phishing, impersonation, and automation workflows.

Kali Linux 2026.1, the first major release of Kali Linux in 2026, has been published with eight new security tools, a comprehensive theme refresh, and a new BackTrack mode in Kali-Undercover. The update includes a kernel upgrade to version 6.18, 25 new packages, and updates to 183 existing packages. The release targets ethical hackers, penetration testers, and cybersecurity professionals, available as a live environment, installable OS, or via Kali NetHunter on supported hardware including Raspberry Pi and Android devices.

The U.S. Federal Communications Commission (FCC) has expanded its Covered List to prohibit the sale of new consumer-grade routers manufactured outside the United States, citing unacceptable national security risks. The ban targets 'consumer-grade' routers as defined in NIST Internal Report 8425A, intended for residential use and installable by end users, while permitting continued operation of existing routers. Companies with prior FCC authorization for specific foreign-manufactured models may maintain imports of those approved devices. The decision follows a March 20 National Security Determination identifying severe supply-chain vulnerabilities in foreign-made routers, which have been directly implicated in attacks by China-nexus threat actors such as Volt Typhoon, Flax Typhoon, and Salt Typhoon against U.S. critical infrastructure. Exemptions are strictly limited to Department of Defense or Department of Homeland Security drone and surveillance systems, with no blanket exclusions for foreign-made consumer routers. Existing hardware and U.S.-manufactured devices like Starlink routers remain unaffected, though future model availability may decline due to compliance costs and delays.

TeamPCP has expanded their multi-vector CanisterWorm campaign to target the LiteLLM PyPI package (versions 1.82.7 and 1.82.8), embedding credential-stealing malware with automatic execution mechanisms that harvested SSH keys, cloud provider credentials, Kubernetes secrets, database credentials, cryptocurrency wallets, and TLS/SSL private keys before exfiltrating data to attacker-controlled infrastructure and establishing persistent backdoors. The compromised versions were removed from PyPI by March 25, 2026, but researchers warn of downstream breach disclosures and follow-on intrusions due to the volume of stolen credentials. The campaign began as a supply-chain attack involving 47 compromised npm packages and the @teale.io/eslint-config variant, leveraging ICP canisters for decentralized C2 and persistence via masqueraded systemd services. It escalated to include GitHub repository hijacking (e.g., Aqua Security), Docker Hub compromise, and deployment of an infostealer, then pivoted to targeting CI/CD pipelines directly via GitHub Actions workflows (e.g., Checkmarx, Trivy) using stolen credentials. TeamPCP now compromises GitHub Actions workflows and Open VSX extensions to deploy the TeamPCP Cloud stealer, while refining destructive payloads targeting Iranian systems in Kubernetes environments with time-zone/locale-based wipers.

Four former directors of the NSA and US Cyber Command publicly discussed the US government’s offensive cyber strategy, including the definition of a kinetic response ‘red line’ for severe cyberattacks, during a keynote at RSAC 2026 in San Francisco. The panel, moderated by venture capitalist Ted Schlein, addressed the evolution of offensive cyber from a classified concept to a public-facing military capability, the role of the private sector, and the necessity of offensive capabilities for national defense. The discussion followed the release of the Trump administration’s cyber strategy prioritizing offensive cyber and deterrence, and occurred amid a visible decline in US government representation at major cybersecurity conferences.