A critical cryptographic signature verification vulnerability in ConnectWise ScreenConnect versions prior to 26.1 allows attackers to extract ASP.NET machine keys and forge authentication tokens, enabling unauthorized access and privilege escalation. The flaw, tracked as CVE-2026-3564, affects both cloud-hosted and on-premises deployments and has been observed being targeted in the wild. Exploitation results in unauthorized session authentication and potential compromise of managed systems accessed via ScreenConnect.

North Korea's state-linked APTs—particularly Jasper Sleet and Coral Sleet—continue to expand their IT worker scams using AI to fabricate identities, automate social engineering, and deploy malware, while simultaneously diversifying revenue streams to fund weapons programs. OFAC sanctions now confirm the scheme's scale and structure, revealing a multi-tiered network of recruiters, facilitators, IT workers, and collaborators that has infiltrated U.S. and international companies to steal sensitive data and extort victims. The use of AI tools like Faceswap for identity fabrication and Astrill VPN for geographic obfuscation underscores the sophistication of these operations, which are deeply embedded in North Korea's sanctions-evasion and revenue-generation machinery. Initial reporting by Microsoft documented how Jasper Sleet and Coral Sleet leverage AI to research job postings, generate fake resumes, create culturally tailored digital personas, and develop web infrastructure for malicious purposes. These groups use AI coding tools to refine malware and jailbreak LLMs to generate malicious code, complicating detection while enabling long-term persistence as insider threats. The scheme's expansion into malware deployment and extortion activities further increases its impact, with a significant portion of earnings funneled back to North Korea to support its missile programs.

The Interlock ransomware gang has been exploiting a zero-day remote code execution (RCE) vulnerability in Cisco’s Secure Firewall Management Center (FMC) software (CVE-2026-20131) since January 26, 2026, nearly two months before Cisco’s March 4, 2026 patch. The flaw, due to insecure Java deserialization, allowed unauthenticated attackers to execute arbitrary code as root via the web-based management interface. Amazon’s threat intelligence team reported active exploitation in attacks targeting enterprise firewalls, while Cisco initially stated there was no evidence of in-the-wild abuse. The vulnerability’s disclosure underscores the persistent risk of zero-day exploits in critical infrastructure, compounded by Interlock’s prior activities, including links to ClickFix and campaigns deploying the NodeSnake remote access trojan against U.K. universities since 2024.

A critical insecure deserialization vulnerability in Cisco Secure Firewall Management Center (FMC) Software, tracked as CVE-2026-20131 (CVSS 10.0), is being actively exploited by the Interlock ransomware group to gain unauthenticated remote root access on unpatched systems. The flaw enables unauthenticated remote attackers to bypass authentication and execute arbitrary Java code with root privileges via crafted HTTP requests to a specific endpoint. Exploitation has been observed as a zero-day since January 26, 2026, more than a month before public disclosure and patch availability. The attack chain includes post-exploitation tooling such as custom JavaScript/Java RATs, PowerShell reconnaissance scripts, Linux reverse proxy configuration tools, memory-resident web shells, and ConnectWise ScreenConnect for persistence. Compromised environments are being leveraged for ransomware operations and secondary monetization.

A local privilege escalation (LPE) vulnerability has been disclosed in Ubuntu Desktop 24.04 and later, tracked as CVE-2026-3888, enabling attackers with minimal access to escalate to full root privileges. The flaw results from the interaction between snap-confine and systemd-tmpfiles, where attackers exploit delayed automated cleanup processes (10–30 days) to replace critical directories with malicious payloads. Triggering snap-confine execution of these files achieves root access without requiring user interaction. Impact includes complete system compromise on affected Ubuntu releases using vulnerable snapd versions.

Marquis Software Solutions has **confirmed** that its **August 2025 ransomware attack** exposed the **personal and financial data of 672,075 individuals**—including names, Social Security numbers, Taxpayer Identification Numbers, and financial account details—after threat actors exploited firewall configuration files stolen from SonicWall’s MySonicWall cloud backup breach. The company, which serves **700+ U.S. banks and credit unions**, completed its forensic review in **December 2025** and began notifying affected individuals in **March 2026**, while facing **over 36 consumer class-action lawsuits** and a self-initiated **lawsuit against SonicWall** for alleged **gross negligence and misrepresentation**. Marquis alleges SonicWall’s **February 2025 API code change** introduced the vulnerability, delayed disclosure by three weeks, and understated the breach’s scope (initially claiming <5% of customers were affected, later confirmed as 100%). The SonicWall incident began with a **September 2025 breach** of its MySonicWall portal, where attackers accessed **AES-256-encrypted credentials, network topology details, and MFA recovery codes** for all cloud backup users. This data fueled follow-on attacks, including the **Marquis breach** and Akira ransomware campaigns bypassing MFA via stolen OTP seeds. SonicWall collaborated with Mandiant to attribute the breach to **state-sponsored actors** and released remediation tools, but **950+ unpatched SMA1000 appliances** remain exposed online. The Marquis lawsuit—seeking damages, indemnification, and legal fees—could set a precedent for **vendor liability**, as enterprises increasingly pursue legal action against cybersecurity providers for contribution or negligence in third-party breaches. CISA and SonicWall continue to urge firmware updates, credential resets, and MFA enforcement to mitigate ongoing risks.

A cryptocurrency-themed browser extension named ShieldGuard, marketed as a security tool for crypto wallets, was dismantled after researchers discovered it functioned as malware designed to harvest sensitive user data from major crypto platforms and general browsing sessions. The operation employed social media promotion, browser extension listings, and token airdrop incentives to lure users into installing the malicious extension. ShieldGuard targeted Binance, Coinbase, MetaMask, and general browsing activity, capturing wallet addresses, HTML content post-login, session persistence, and enabling remote code execution via a command-and-control (C2) server.

A structured underground market has emerged where threat actors commodify refund fraud techniques as tutorials, operational guides, and "as-a-service" offerings to exploit major retailers and payment platforms. Actors profit by manipulating customer-service processes, return policies, and chargeback systems—leveraging social engineering and knowledge of internal workflows rather than malware or hacking. The schemes target high-volume consumer platforms such as Amazon, PayPal, Apple, eBay, Walmart, Best Buy, and digital payment services, capitalizing on customer-friendly refund policies. Retailers processed approximately $685 billion in returns in 2024, with an estimated $103 billion (15%) attributed to fraudulent activity, compounded by $4 in operational costs per $1 lost. Fraud methods sold online include refund without return, chargeback fraud, goods swapping, empty-box returns, and policy manipulation. The ecosystem lowers barriers to entry, enabling novice and experienced actors alike to participate in scalable refund fraud schemes, with tutorials priced between $50 and $300 and commission-based "refund fraud as a service" models.

The Coruna iOS exploit kit campaign has expanded with the emergence of a new, highly sophisticated iOS malware family named Darksword. Targeting iPhones running iOS 18.4 through 18.6.2, Darksword is attributed to the Russian threat actor UNC6353, which is also linked to the earlier Coruna exploit kit. Discovered by Lookout Threat Labs in collaboration with Google’s Threat Intelligence Group and iVerify, Darksword leverages known but patched vulnerabilities to execute kernel read/write attacks via Safari, enabling rapid exfiltration of sensitive data including cryptocurrency wallets, messages, location history, and health data. The malware is designed as a modular, professionally engineered platform with evidence of large language model tools used for development and extensibility. Unlike Coruna, Darksword focuses on immediate data theft and self-wipes temporary files after exfiltration, indicating a shift toward opportunistic financial espionage rather than long-term surveillance. Apple has already patched the exploited vulnerabilities in current iOS releases, and users are advised to upgrade to iOS 26.3.1 and enable Lockdown Mode if at high risk. Prior context: The Coruna exploit kit, first observed in February 2025, targeted iOS versions 13.0 to 17.2.1 with 23 exploits across five chains, used by multiple actors including UNC6353 and UNC6691. It delivered payloads via the PlasmaGrid stager to steal wallet recovery phrases and other sensitive data, and was used in watering hole attacks on Ukrainian and Chinese crypto-related websites. CISA added three Coruna-linked vulnerabilities to its Known Exploited Vulnerabilities catalog, and Apple backported fixes to older devices. The Coruna kit marked a shift from targeted spyware to broader iOS exploitation, including crypto theft, and was linked to U.S. military contractor L3Harris via Operation Zero.

An attacker compromised a Nordstrom marketing infrastructure path via an Okta SSO to Salesforce integration, then sent fraudulent St. Patrick’s Day cryptocurrency scam emails to Nordstrom customers from the legitimate [email protected] address. The emails urged recipients to rapidly deposit crypto to double the amount within two hours, using grammatical errors and urgency to deceive. Nordstrom confirmed the unauthorized campaign and warned customers that no legitimate Nordstrom communication requests crypto transfers. Some customers reportedly sent funds to attacker-controlled wallet addresses before the company issued a takedown notice.

In 2025, threat actors leveraged AI and automation to compress the time between public vulnerability disclosure and exploitation from weeks to days or even minutes, significantly reducing the traditional "predictive window" for defenders. The median time between vulnerability publication and inclusion in CISA’s Known Exploited Vulnerabilities (KEV) catalog decreased from 8.5 days to 5 days, while the mean dropped from 61 days to 28.5 days. The use of AI accelerated reconnaissance, automated decision-making, and industrialized social engineering, enabling rapid weaponization of known weaknesses such as exposed services, weak identity controls, and unpatched edge infrastructure. Confirmed exploitation of high-severity CVEs (CVSS 7–10) rose 105% year-over-year, with deserialization, authentication bypass, and memory corruption flaws most frequently exploited—often against file transfer systems, edge appliances, and collaboration platforms.

A recently observed Magecart skimmer employs a three-stage loader chain that conceals its malicious payload within the EXIF metadata of a dynamically loaded favicon, executing entirely in the browser during checkout without ever residing in the merchant’s source code or repository. The attack abuses third-party CDN-hosted resources (legitimate-looking favicon paths) and leverages JavaScript obfuscation and dynamic script injection to retrieve and decode the payload from binary image data. Stolen payment data is exfiltrated directly from the victim’s browser to attacker-controlled infrastructure. This campaign highlights the operational blind spot of repository-centric static analysis tools, which cannot detect threats injected into third-party assets or embedded in runtime-executed binary metadata. The technique underscores the need for continuous client-side runtime monitoring as a critical control layer for web supply chain attacks.

Nine vulnerabilities across IP KVM devices from four vendors enable unauthenticated attackers to gain root access, execute arbitrary code, or bypass security controls, posing critical risks to connected systems. The flaws span GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM, with the most severe allowing unauthenticated root access or arbitrary code execution. Exploitation can undermine Secure Boot, disk encryption, and operating system-level security measures, granting persistent, undetected access to compromised hosts. Researchers highlight systemic issues including missing firmware signature validation, absent authentication, and exposed debug interfaces as recurring themes.

Vidar 2.0 has expanded its operations through malvertising campaigns leveraging fake game cheats distributed on GitHub and Reddit. Hundreds of GitHub repositories are being used to deliver the infostealer, with Reddit posts promoting Counter-Strike 2 cheats that redirect to malicious sites. The campaigns employ sophisticated loaders with PowerShell scripts and obfuscated AutoIt payloads, alongside advanced evasion techniques such as Defender exclusions, Themida packing, and Telegram/Steam dead-drop C2 resolvers. The infostealer, first announced on October 6, 2025, by developer "Loadbaks," has evolved into a stealthier and more powerful threat with multithreaded execution, polymorphic builds, and advanced anti-analysis features. Its rising adoption follows law enforcement disruption of rival infostealers Lumma and Rhadamanthys, reshaping the infostealer landscape.

Mesh Security has operationalized Gartner’s Cybersecurity Mesh Architecture (CSMA) by launching a platform that continuously discovers, prioritizes, and eliminates viable multi-hop attack paths to critical assets (Crown Jewels) through unified context across existing security tools. The platform addresses the operational gap where isolated signals—such as misconfigurations, entitlement overreach, or unpatched vulnerabilities—fail to be correlated into actionable attack paths. Mesh CSMA builds an identity-centric Mesh Context Graph™ that maps relationships between users, workloads, services, and data stores, anchoring all risk assessment to business-critical systems. Viable attack paths are dynamically ranked using live threat intelligence, and remediation actions are orchestrated across tools (CSPM, IGA, ZTNA, etc.) without requiring rip-and-replace of existing infrastructure. The solution includes continuous validation of detection gaps, enabling proactive risk reduction across prevention, detection, and response.

Gartner predicts that by 2028, at least 50% of enterprise incident response efforts will focus on resolving security issues stemming from custom-built AI applications, driven by their rapid deployment without adequate testing and security controls. Security teams currently lack defined processes for handling AI-related incidents, leading to prolonged resolution times and elevated operational overhead. To mitigate risks, Gartner advises integrating security teams early in AI development lifecycles to enforce controls, a strategy termed "shifting left". Concurrently, AI-powered security tools are expected to become critical, with 50% of organizations adopting such platforms within two years to protect third-party AI services and custom-built applications against threats like prompt injection and data misuse.

A high-severity vulnerability in default Ubuntu installations (versions 24.04 and later) enables local attackers to escalate privileges to root by exploiting a timing-based interaction between snap-confine and systemd-tmpfiles. Exploitation requires low privileges and no user interaction, but depends on a specific cleanup window (10–30 days) where systemd-tmpfiles removes the /tmp/.snap directory. Attackers can then recreate the directory with malicious payloads that snap-confine bind mounts during sandbox initialization, executing arbitrary code with root privileges.

Apple’s Background Security Improvements update addressed CVE-2026-20643, a WebKit flaw enabling malicious web content to bypass Same Origin Policy restrictions via the Navigation API. The vulnerability impacted iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2, exposing users to data leakage or spoofing risks. The fix was delivered as a lightweight, out-of-band patch via Apple’s Background Security Improvements mechanism, eliminating the need for a full OS upgrade or device restart. Background Security Improvements updates can be managed via Privacy & Security settings, with options for automatic installation and rollback to baseline OS versions if removed.

An unauthenticated remote attacker can execute arbitrary code with root privileges via CVE-2026-32746, a critical out-of-bounds write vulnerability in the GNU InetUtils telnet daemon (telnetd) affecting versions through 2.7. The flaw resides in the LINEMODE Set Local Characters (SLC) suboption handler during the initial Telnet handshake, enabling exploitation before any login prompt appears. Successful exploitation requires only a single connection to port 23 and does not require credentials, user interaction, or special network positioning, leading to potential full system compromise.

Ransomware operators increasingly rely on native Windows utilities and built-in tooling to evade detection amid declining ransom payments and heightened defensive measures. Initial access frequently leverages stolen credentials (21%) and exploited vulnerabilities in VPNs and firewalls (33%), while lateral movement predominantly uses RDP (85%), SMB, and SSH. Data theft accompanies 77% of attacks, with victim shaming via leak sites rising despite reduced payment rates. The ecosystem’s disruption—driven by law enforcement, crowded actor competition, and improved recovery—has pushed adversaries toward ‘evasion through normalcy,’ reducing reliance on signatured tools like Cobalt Strike Beacon (2% in 2025 vs. 11% in 2024) and Mimikatz (18% in 2025 vs. 20% in 2024).

The Council of the European Union imposed sanctions on three Chinese companies, two Iranian entities, and two individuals for their roles in cyberattacks, botnet operations, and influence campaigns targeting the EU and third countries. The measures include asset freezes and travel bans, targeting entities and individuals involved in compromising over 65,000 devices, critical infrastructure intrusions, SMS service hijacking, and misinformation campaigns during major events. The sanctions align with prior actions by U.S. authorities, which previously linked some entities to state-sponsored threat actors and documented extensive offensive operations.

Security researchers and BeyondTrust demonstrated a DNS-based data exfiltration method in AWS Bedrock AgentCore Code Interpreter's sandbox mode, allowing attackers to establish bidirectional command-and-control channels, obtain interactive reverse shells, and exfiltrate sensitive data via DNS queries despite network isolation restrictions. The technique leverages malicious instructions embedded in files and requires overly permissive IAM roles to access AWS resources such as S3 buckets. AWS confirmed the behavior as intended functionality and updated documentation, recommending migration from sandbox mode to VPC mode for sensitive workloads. BeyondTrust assigned a CVSS score of 7.5 to the issue. The findings highlight architectural challenges in sandbox isolation and underscore the risks of overprivileged IAM roles in AI code execution environments.

An Android runtime manipulation technique leveraging the LSPosed framework has been disclosed, enabling attackers to intercept, spoof, or inject data at the OS level to bypass mobile payment protections such as SMS-based 2FA, SIM-binding, and app integrity checks. The attack targets legitimate payment apps without code modification, retaining valid signatures and evading Google Play Protect. Malicious modules like "Digital Lutera" hook system APIs to intercept SMS 2FA tokens, spoof device identities, and manipulate device databases in real time. By combining a compromised victim device with a manipulated attacker-controlled device, fraudsters exploit weakened SIM-binding and backend trust models to authorize unauthorized transactions and reset payment PINs without user awareness.

LeakNet ransomware has expanded its operations by adopting the ClickFix social engineering tactic delivered through compromised websites, which instruct users to run malicious 'msiexec.exe' commands via fake CAPTCHA checks. The group continues to deploy a Deno-based in-memory loader to execute Base64-encoded JavaScript payloads, fingerprint systems, and stage follow-on malware via polling loops, while maintaining a consistent post-exploitation chain involving DLL sideloading, credential discovery via 'klist', lateral movement via PsExec, and data staging using compromised Amazon S3 buckets. LeakNet first emerged in November 2024, presenting itself as a 'digital watchdog' focused on internet freedom and transparency, and has targeted industrial entities according to Dragos. The group’s shift away from initial access brokers reduces per-victim costs and operational bottlenecks. ReliaQuest also observed a separate intrusion attempt using Microsoft Teams-based phishing leading to a Deno-based loader, suggesting either a broadening of LeakNet’s tactics or adoption by other actors. The operation’s average of three monthly victims may increase as the group scales its new initial access and execution methods.

The rapid adoption of autonomous AI agents requires a fundamental shift from traditional guardrails to identity-first governance models to prevent data exfiltration, destructive actions, and systemic failures. Security frameworks must treat AI agents as first-class identities with explicit ownership, authentication, scoped permissions, and continuous monitoring. Current approaches relying on prompt filtering and output controls are deemed insufficient due to the non-deterministic and adaptive nature of AI agents, which can bypass such constraints over time. The focus shifts to controlling access—limiting systems reach, data access, and executable actions—while enforcing intent-based policies rather than static permissions inherited from human users. Organizations are urged to eliminate 'shadow AI' through continuous discovery of machine identities, tokens, and service accounts to prevent unauthorized agents from operating with default trust.

A novel attack abuses font-rendering and CSS techniques to present visually distinct malicious commands to end users while hiding them from AI assistants, enabling social-engineering-driven command execution. Attackers craft malicious instructions encoded in custom glyph mappings and concealed via CSS (font size, foreground/background color matching, or near-zero opacity), making the payload invisible to text-based AI parsers while rendering clearly to users. Users visiting a malicious page are tricked into executing the hidden payload (e.g., reverse-shell initiation) under the guise of legitimate rewards. AI assistants analyzing only the DOM or raw HTML receive a sanitized view and incorrectly deem the instructions safe, reinforcing erroneous trust.

Microsoft has reversed its plan to automatically install the Microsoft 365 Copilot app on Windows devices outside the European Economic Area (EEA). The forced rollout, originally scheduled to begin in early December 2025 and complete by mid-December, was halted in March 2026 and temporarily disabled without an official explanation. Existing installations remain unaffected. IT administrators can still opt out of automatic installation via the Apps Admin Center and may use new policies to uninstall Copilot on managed devices. Microsoft initially announced in September 2025 that the Copilot app would integrate AI-powered features across Microsoft 365 suite apps (Word, Excel, PowerPoint) and be added to the Windows Start Menu by default, with completion by mid-November 2025. The app was positioned as a centralized entry point for Copilot experiences, though opt-out controls remained available for administrators.

Microsoft and Samsung have released recovery guidance to resolve persistent Windows C:\ drive access issues affecting Samsung laptops running Windows 11 versions 25H2 and 24H2. Users experiencing 'Access denied' errors, app failures, or permission-related problems must follow a 29-step procedure to restore default Windows permissions and uninstall the Samsung Galaxy Connect app. The fix reinstates TrustedInstaller ownership of the C:\ drive and normalizes system behavior without modifying personal files. Affected users are advised to contact Samsung Support if issues persist after applying the update.

Fifty-four percent of UK organizations reported cyber operations attributed to nation state actors in 2025, according to Armis’ 2026 Cyberwarfare Report, representing an increase from 47% in the prior year. Geopolitical tensions are cited as the primary driver, with 80% of UK IT decision-makers stating that escalating international hostilities have heightened the risk of cyber warfare. Nearly all respondents (92%) expressed concern about the potential consequences of a full-scale cyber conflict, and 76% believe state actors possess the capability to disrupt global critical infrastructure.

A 2026 study by Pentera reveals systemic gaps in enterprise AI security as CISOs report limited visibility and reliance on outdated tooling. The survey of 300 US CISOs and senior security leaders highlights that 67% lack comprehensive visibility into AI usage across their organizations, with 48% citing this as a primary obstacle alongside a 50% shortfall in specialized AI security expertise. Only 11% of organizations deploy AI-specific security tools, forcing reliance on legacy controls that fail to address AI-specific attack vectors such as autonomous decision-making and indirect access pathways.