Tag: ai-security

Malware Roundup: BlackSanta EDR Killer, BeatBanker Android Trojan, and Zombie ZIP Evasion

Security researchers identified multiple new malware threats including the BlackSanta EDR killer used by Russian actors against HR departments for over a year, BeatBanker Android malware posing as Starlink apps, and the Zombie ZIP technique for evading security tools. Meanwhile, Iranian MOIS actors are increasingly adopting cybercrime tools and infrastructure.

Mar 11, 2026BleepingComputer, Graham Cluley, Cisco Talos, Checkpoint Research, Malwarebytes Labs

edr-evasionandroid-malwarebotnets

🏴Play

🇺🇸X Corp🇺🇸Google

lowApplication Security

Cloudflare Launches AI-Powered Stateful Vulnerability Scanner for Web APIs

Cloudflare announced a new Web and API Vulnerability Scanner that uses artificial intelligence to construct API call graphs and detect logic vulnerabilities that conventional security tools typically miss.

Mar 10, 2026Cloudflare Security

vulnerability-scanningapi-securitycloudflare

highNation-State & APT

Tycoon 2FA Platform Disrupted, Russian Messaging App Attacks, AI Security Bypasses

International law enforcement disrupted the Tycoon 2FA phishing-as-a-service platform that targeted over 500,000 organizations monthly. Meanwhile, Dutch intelligence warns of Russian-linked actors targeting encrypted messaging apps used by government officials worldwide.

Mar 10, 2026Security Affairs, Palo Alto Unit 42

phishinglaw-enforcementrussia

🇺🇸Meta Platforms

mediumIndustry & Policy

White House Shifts to Offensive Cyber Strategy as AI Security Dominates Innovation Landscape

The Trump administration has outlined a new offensive-focused cybersecurity strategy emphasizing preemption and deterrence. Meanwhile, the ShinyHunters group claims to have breached nearly 400 websites through Salesforce Experience Cloud attacks, highlighting ongoing threats to cloud platforms.

Mar 10, 2026Dark Reading, Infosecurity Magazine

policyai-securityoffensive-cyber

🏴ShinyHunters

criticalNation-State & APT

Critical Infrastructure Under Siege: Healthcare Breach Exposes 3.4M Records, Nginx UI Flaw Threatens Backups

Cognizant's TriZetto healthcare platform suffered a breach exposing 3.4 million patient records while a critical vulnerability in Nginx UI allows unauthenticated access to server backups. Meanwhile, AI-assisted security research yielded 22 Firefox vulnerabilities and threat actors continue leveraging GitHub for malware distribution.

Mar 9, 2026Security Affairs

healthcare-breachnginx-vulnerabilityai-security

mediumTools & Techniques

OpenAI Launches Codex Security AI Agent, Identifies 10,561 High-Severity Vulnerabilities in Initial Scan

OpenAI launched Codex Security, an AI-powered security agent that scans code repositories to identify and propose fixes for vulnerabilities. In initial testing, the tool analyzed 1.2 million commits and discovered 10,561 high-severity security issues.

Mar 8, 2026The Hacker News

ai-securityvulnerability-scanningcode-analysis

criticalIndustry & Policy

Cyber Threat Landscape Shifts: AI-Powered Attacks, Critical Cisco Flaws, and Global Enforcement Wins

This week brought critical infrastructure vulnerabilities from Cisco, AI-powered nation-state malware campaigns, and successful law enforcement operations against cybercriminal infrastructure. The convergence of AI tooling in both offensive and defensive operations marks a significant shift in the threat landscape.

Mar 6, 2026Dark Reading, Infosecurity Magazine

threat-intelligencevulnerabilitiesai-security

highIndustry & Policy

Critical AI Tool Flaws and Supply Chain Exposure Highlight Security Challenges

A critical vulnerability in the popular OpenClaw AI tool joins a growing list of AI security issues, while research reveals 26,000 organizations were impacted by supply chain attacks. Meanwhile, law enforcement scored a major win with 30 arrests from 'The Com' cybercriminal collective.

Mar 3, 2026Dark Reading, Infosecurity Magazine

ai-securitysupply-chainvulnerability-management

criticalMalware & Threats

Critical Infrastructure Under Fire: AWS Drone Strikes, Android Zero-Day, and AI-Powered Attack Tools

Physical attacks on AWS infrastructure in the Middle East caused extensive cloud service outages, while Google patched an actively exploited Qualcomm zero-day affecting Android devices. Multiple major data breaches and the weaponization of AI security tools highlight escalating threat landscape complexity.

Mar 3, 2026BleepingComputer, Cisco Talos

awszero-dayransomware

🇺🇸Amazon🇺🇸Google

lowCloud Security

Wiz Details Visibility Gaps in Modern AI Application Security

Wiz researchers detail why conventional security tooling struggles with AI application visibility across distributed cloud environments. The company proposes implementation-agnostic approaches to address these monitoring gaps.

Mar 3, 2026Wiz Blog

ai-securitycloud-visibilityapplication-monitoring

highVulnerabilities & Exploits

Weekly Vulnerability Roundup: OpenClaw AI Agent Hijacking, Vim Command Injection, and Vitess Path Traversal

Security researchers disclosed a high-severity vulnerability in OpenClaw that allows malicious websites to hijack local AI agents via WebSocket connections. Microsoft's security update guide also published three new CVEs affecting Vim and Vitess.

Mar 1, 2026The Hacker News, MSRC Security Updates

vulnerability-disclosureai-securitycommand-injection

highVulnerabilities & Exploits

ClawJacked Vulnerability in OpenClaw Enables Browser-Based AI Agent Hijacking

Security researchers at Oasis Security have identified a critical vulnerability dubbed ClawJacked in OpenClaw that enables attackers to hijack AI agents through malicious websites. The attack requires only a simple browser tab to compromise AI assistants.

Feb 28, 2026Hackread

ai-securitybrowser-hijackingopenclaw