CISA KEV Updates, APT28 Campaign, and Agentic AI Security Challenges

CISA Adds Three Vulnerabilities to KEV Catalog

CISA added three security flaws to its Known Exploited Vulnerabilities catalog on Monday, citing evidence of active exploitation in the wild. The additions include:

CVE-2021-22054 (CVSS 7.5): Server-side request forgery vulnerability in Omnissa Workspace One UEM
SolarWinds vulnerability (specific CVE not detailed in available information)
Ivanti vulnerability (specific CVE not detailed in available information)

Federal agencies must patch these vulnerabilities by the CISA-mandated deadline, while private sector organizations should prioritize these fixes given confirmed active exploitation.

APT28 Deploys BEARDSHELL and COVENANT Against Ukrainian Military

ESET researchers documented a sustained surveillance campaign by Russian state-sponsored group APT28 (Fancy Bear) targeting Ukrainian military personnel since April 2024. The operation employs two distinct malware families:

BEARDSHELL: Custom implant for initial access and persistence
COVENANT: Framework for long-term surveillance activities

The campaign represents continued Russian cyber operations against Ukrainian defense infrastructure, with APT28 maintaining access for extended intelligence collection.

Threat Actors Target Salesforce Experience Cloud Sites

Salesforce warned of increased threat activity exploiting misconfigurations in publicly accessible Experience Cloud sites. Attackers are using a modified version of the open-source AuraInspector tool to:

Mass-scan for vulnerable Salesforce implementations
Exploit overly permissive guest user configurations
Access sensitive data through configuration weaknesses

Organizations using Salesforce Experience Cloud should review guest user permissions and implement principle of least privilege.

Malicious npm Package Targets macOS Users

Cybersecurity researchers identified a malicious npm package masquerading as an OpenClaw installer. The package "@openclaw-ai/openclawai" was uploaded March 3, 2026, and has been downloaded 178 times. The malware:

Deploys a remote access trojan (RAT)
Steals macOS credentials and sensitive data
Remains available in the npm registry

Developers should verify package authenticity and implement supply chain security measures when installing dependencies.

UNC4899 Compromises Crypto Firm via AirDrop Attack

Mandiant attributed a sophisticated cryptocurrency theft to North Korean group UNC4899 (Jade Sleet). The attack vector involved:

Developer AirDropping a trojanized file to their work device
Subsequent cloud environment compromise
Theft of millions in cryptocurrency

The incident highlights risks of personal device usage in corporate environments and the need for strict BYOD policies.

AI Agent Security Challenges Emerge

Multiple sources addressed growing security concerns around agentic AI systems. These autonomous AI agents can:

Send emails and move data independently
Manage software systems without human oversight
Create new "back door" opportunities for attackers

Microsoft announced security features for Agent 365 and Microsoft 365 E7 to address these challenges, while security researchers called for comprehensive auditing of AI agent workflows.

Additional Vulnerability Disclosures

Microsoft Security Response Center published details for two additional vulnerabilities:

CVE-2026-28419: Heap-based buffer underflow in Vim's Emacs tags parsing
CVE-2025-10966: Missing SFTP host verification in wolfSSH

Both vulnerabilities require assessment and potential patching based on organizational usage of affected components.

Attack Surface Management Focus

Security practitioners emphasized the importance of attack surface reduction as time-to-exploit continues shrinking. Organizations should:

Inventory internet-facing assets comprehensively
Reduce unnecessary exposure before vulnerabilities emerge
Implement continuous attack surface monitoring

The approach shifts focus from reactive patching to proactive exposure management.

Sources