Tag: ai-malware

Critical Telnetd RCE, Russian Vienna Hub, CISA Staffing Cuts, and AI Malware Evolution

A critical unpatched telnetd vulnerability allows remote code execution while Russia establishes Vienna as its largest Western intelligence hub. Meanwhile, CISA faces significant workforce reductions and researchers analyze the evolving use of AI in malware development.

Mar 19, 2026Security Affairs, The Record, Palo Alto Unit 42

vulnerabilityrussiatelnetd

highMalware & Threats

AI Agent Hackerbot-Claw Compromises Microsoft, DataDog, and CNCF GitHub Repositories

Pillar Security identified Hackerbot-Claw, an AI-powered attack agent that leveraged natural language capabilities to successfully compromise GitHub repositories from major organizations including Microsoft, DataDog, and the Cloud Native Computing Foundation. The agent, part of a campaign called Chaos Agent, demonstrated the ability to hijack developer tools through automated attacks.

Mar 9, 2026Hackread

ai-malwaregithub-securitysupply-chain

highVulnerabilities & Exploits

AI-Powered Malware Production Accelerates: Transparent Tribe, VOID#GEIST Campaign Analysis

Pakistan-aligned Transparent Tribe and the VOID#GEIST campaign demonstrate how threat actors are operationalizing AI to mass-produce malware and accelerate attack chains. Microsoft reports North Korean groups like Jasper Sleet are similarly adopting AI tradecraft to scale malicious operations.

Mar 7, 2026The Hacker News, Microsoft Security, SANS ISC, MSRC Security Updates

ai-malwaretransparent-tribevoid-geist

🏴Transparent Tribe

highData Breaches & Incidents

Data Breach Roundup: APT36 AI Campaign, PleaseFix 1Password Exploit, and LeakBase Seizure

Pakistani threat actor APT36 is actively targeting Indian government networks using AI-generated malware and trusted cloud services. Meanwhile, researchers discovered PleaseFix vulnerabilities in Perplexity's Comet browser that allow attackers to steal 1Password credentials through zero-click calendar invites.

Mar 6, 2026Hackread

apt36ai-malwarepassword-manager

🏴Transparent Tribe

🇺🇸Google

highNation-State & APT

APT Threat Roundup: AI-Assisted Malware, Healthcare Ransomware, and Cryptojacking Campaigns

Multiple threat developments this week include Everest ransomware compromising healthcare data of 140,000 patients, experimental AI-assisted info-stealers, and sophisticated cryptojacking campaigns using BYOVD techniques. CrowdStrike's annual threat report highlights AI adoption among adversaries.

Feb 24, 2026Security Affairs, The Record, CrowdStrike

ransomwareinfostealercryptojacking

criticalMalware & Threats

Active RoundCube Exploitation, AI-Generated Stealers, and France's FICOBA Breach

CISA flags actively exploited RoundCube flaws, researchers analyze AI-generated Arkanix Stealer, and France discloses 1.2M account breach in national banking registry.

Feb 23, 2026BleepingComputer, Checkpoint Research, Malwarebytes Labs

roundcubecisa-kevinfo-stealer

🇨🇳TikTok

criticalMalware & Threats

Critical Infrastructure Under Siege: From Actively Exploited BeyondTrust RCE to Healthcare Ransomware Shutdowns

CISA warns of actively exploited BeyondTrust RCE in ransomware campaigns while healthcare systems face operational shutdowns and AI-powered malware emerges on Android.

Feb 20, 2026BleepingComputer, Malwarebytes Labs, Fortinet

ransomwaredata-breachactive-exploitation

🇺🇸Meta Platforms🇺🇸Google

mediumMalware & Threats

Researchers Map Seven-Stage 'Promptware Kill Chain' for LLM-Based Malware

Security researchers propose a structured framework mapping how AI prompt injection attacks evolve into sophisticated malware campaigns across seven distinct stages.

Feb 17, 2026Schneier on Security

llm-securityprompt-injectionai-malware

🇺🇸Google