← Latest brief

Security news.

·Morning Brief

Today's security brief highlights active exploitation of a Cisco SD-WAN vulnerability and new phishing tactics abusing .arpa DNS. The growing role of AI in both offense and defense is also a prominent theme, with discussions on AI assistants shifting security priorities and threat actors leveraging AI in their attacks.

SECURITYWEEKEXPLOIT
Mar 8READ

Cisco Catalyst SD-WAN Vulnerability Widely Exploited

WatchTowr reports widespread exploitation attempts for CVE-2026-20127 affecting Cisco Catalyst SD-WAN.

BLEEPINGPHISHING
Mar 8READ

Hackers Abuse .arpa DNS and IPv6 to Evade Phishing Defenses

Threat actors are leveraging the special-use ".arpa" domain and IPv6 reverse DNS in phishing campaigns to bypass domain reputation checks and email security gateways.

KREBS
Mar 8READ

AI Assistants Shifting Security Priorities

The increasing popularity of autonomous AI agents with access to user systems is rapidly changing security priorities for organizations.

BLEEPINGPHISHING
Mar 8READ

EU Court Adviser: Banks Must Immediately Refund Phishing Victims

An Advocate General of the CJEU has issued an opinion suggesting banks should immediately refund account holders for unauthorized transactions, even if the victim is at fault.

THN
Mar 7READ

OpenAI Codex Security Scanned 1.2 Million Commits, Found 10,561 High-Severity Issues

OpenAI has rolled out Codex Security, an AI-powered agent designed to find, validate, and propose fixes for vulnerabilities, available in research preview.

BLEEPING
Mar 7READ

Microsoft: Hackers Abusing AI at Every Stage of Cyberattacks

Microsoft reports that threat actors are increasingly using AI in their operations to accelerate attacks, scale malicious activity, and lower technical barriers.

BLEEPINGRANSOMWARE
Mar 7READ

Termite Ransomware Breaches Linked to ClickFix CastleRAT Attacks

Velvet Tempest ransomware actors are using the ClickFix technique and legitimate Windows utilities to deploy DonutLoader malware and the CastleRAT backdoor.

SECURITYWEEKMALWARE
Mar 7READ

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

A new report indicates that more than 100 GitHub repositories are distributing the BoryptGrab stealer, which targets browser and cryptocurrency wallet data.

Generated twice daily from public security RSS feeds. Informational only.