editorially independent. We may make money when you click on links
to our partners.
Learn More
Major Threats & Vulnerabilities
AI-Driven Exploits and Framework Flaws
The MS-Agent vulnerability in the ModelScope framework enables remote code execution through crafted AI prompts. No patch is available yet, and experts recommend sandboxing MS-Agent with least privileges and monitoring for anomalies.
Meanwhile, a flaw in Perplexity’s Comet browser allowed malicious prompt injections to exfiltrate local files. The issue has been patched, but users are advised to restrict local file access and monitor browser activity.
Critical Infrastructure and Network Vulnerabilities
Juniper PTX routers were found vulnerable due to an exposed On-Box Anomaly Detection service, allowing unauthenticated attackers to gain root-level control. Juniper has released a patch and recommends tightening management access and enforcing MFA.
Trend Micro Apex One users should immediately apply patches for two critical directory traversal vulnerabilities (CVE-2025-71210 and CVE-2025-71211) that allowed unauthenticated file uploads and remote code execution.
The FreeBSD jail escape vulnerability broke filesystem isolation, allowing jailed processes to access the host system. Administrators should apply the patch and review jail configurations.
Malware and Exploitation Campaigns
A new malware campaign dubbed Dohdoor uses DNS-over-HTTPS to hide command-and-control traffic, targeting education and healthcare sectors. The campaign remains active and employs in-memory execution to evade detection.
Attackers are exploiting signed Windows drivers to disable endpoint defenses. Organizations should enable HVCI and WDAC, limit administrative rights, and monitor for suspicious driver loads.
Application and Data Exposure Risks
Researchers identified 1,575 vulnerabilities across 10 popular Android therapy apps, exposing sensitive data of over 14 million users. The flaws include insecure storage and exposed APIs, underscoring the need for third-party risk management.
Industry News
Major Breaches and Data Leaks
LexisNexis confirmed a breach after hackers leaked stolen files, allegedly obtained through a React2Shell exploit. The company stated that most data was outdated and non-financial, urging organizations to patch applications and audit IAM permissions.
A hacktivist group claims to have leaked data from 6,681 companies tied to ICE contracts, potentially exposing sensitive contractor information and increasing phishing risks.
In South Korea, a tax agency leak inadvertently exposed a seized wallet’s recovery phrase, leading to a $4.8 million cryptocurrency theft.
Cybercrime and Law Enforcement Actions
Authorities arrested 30 individuals in a Europol operation targeting a decentralized exploitation network linked to grooming, ransomware, and extremism. The case highlights the intersection of online exploitation and organized cybercrime.
The founder of OnlyFake, an AI-powered fake ID platform, pleaded guilty to producing over 10,000 counterfeit documents used to bypass KYC checks.
An Alabama man admitted to a sextortion campaign targeting hundreds of victims by hijacking social media accounts and extorting them with stolen images.
A Florida reseller received a prison sentence for a $5 million Microsoft activation key fraud, underscoring the risks of gray-market software and the importance of authorized sourcing.
Global Threat Landscape and Physical Risks
Drone strikes on AWS data centers in the UAE and Bahrain caused outages, emphasizing the need for resilience planning that includes physical infrastructure threats.
The UK’s NCSC issued a warning about Iran-linked cyber spillover as Middle East tensions escalate, urging organizations to strengthen DDoS and phishing defenses.
Corporate and Technology Developments
Nasuni’s acquisition of Resilio aims to enhance edge file access and AI data pipeline performance for distributed teams.
Intel’s 2026 growth plan includes a $100–150M investment in a SambaNova partnership to power AI PCs and data centers.
Security Tips & Best Practices
Chrome Extension Hijacked to Deliver Malware and Steal Crypto Wallets
- Audit installed browser extensions regularly.
- Remove or disable unverified or compromised extensions.
- Use endpoint protection to detect malicious browser activity.
Social Engineering Awareness Policy
- Implement a customizable policy to train employees against phishing and social engineering.
- Regularly update awareness materials to reflect new attack tactics.
When Did You Last Test Your BCP and DRP?
- Conduct tabletop exercises and full failover tests to validate recovery capabilities.
- Use breach and attack simulation tools to assess readiness.
- Automate backups and regularly restore data to verify integrity.
- Document recovery time objectives and ensure key personnel have access and tools.
- Regularly test continuity and recovery plans to minimize downtime during incidents.
Is Identity Your Biggest Security Gap?
- Enforce phishing-resistant MFA and just-in-time access to prevent credential abuse.
- Deploy identity threat detection and attack path analysis to identify anomalies early.
- Continuously manage non-human identities and automate credential rotation.
- Strengthen governance for AI-driven and non-human access to reduce risk.
Can Your Defenses Handle AI-Driven Threats?
- Implement phishing-resistant MFA and zero trust solutions to limit lateral movement.
- Deploy AI-powered email filtering, deepfake detection, and behavioral monitoring.
- Conduct regular security awareness training using AI-driven simulations.
Is Your Core Infrastructure Secure Enough?
- Apply firmware patches promptly and disable unused services or ports.
- Restrict management access using dedicated networks or VPNs with MFA.
- Enable configuration change logging and maintain secure backups.
Organizations can explore the Best CRM Software 2026 guide for effective customer data management and analytics solutions.
Subscribers can also participate in TechRepublic’s Refer a Friend Program to earn tech points by inviting colleagues to join the newsletter community.
If you want to see more from our Newsletter Archive please click here.
