Today's security brief highlights critical vulnerabilities and active exploitation, particularly concerning AI agents and Ivanti products. Several major data breaches have also been disclosed, alongside significant law enforcement actions against cybercrime infrastructure.

Agentjacking Attack Tricks AI Coding Agents — Researchers have uncovered "Agentjacking," a new attack class that tricks AI coding agents into running malicious code on developer machines, often via crafted error reports. Read more →
Ivanti Sentry Exploitation Attempts Hitting Honeypots — Exploitation attempts for the critical Ivanti Sentry OS command injection vulnerability (CVE-2026-10520) are actively hitting honeypots, allowing attackers to execute arbitrary code with root privileges. CISA has ordered federal agencies to patch this flaw by Sunday. Read more →
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to RCE — Three patched security flaws in LangGraph, an open-source framework for AI agentic applications, including a critical vulnerability chain, could lead to remote code execution. Read more →
Google Confirms Exploitation of Oracle PeopleSoft Zero-Day — Google has confirmed that the ShinyHunters group exploited an Oracle PeopleSoft zero-day (CVE-2026-35273) in the wild, leading to data theft from universities. Oracle has since mitigated the vulnerability. Read more →
Pharma Giant Novo Nordisk Discloses Clinical Trials Data Breach — Danish pharmaceutical company Novo Nordisk has disclosed a data breach impacting patient information from some of its clinical trials. Read more →
Iranian Cyber Group Handala Claims Cal Water Hack — The Iranian cyber group Handala claims to have hacked Cal Water, publishing 5GB of data including customer personal information and credentials for the RTKBase platform. Read more →
INTERPOL Operation Takes Down Sniper Dz Phishing Platform — An INTERPOL-led operation, "Operation Ramz," disrupted Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, leading to 201 arrests across 13 countries. Read more →
Europol Disrupts AudiA6 Crypto Laundering Service — Europol has dismantled AudiA6, a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks to wash over €336 million (~$389 million) in illicit profits. Read more →