
Week in Review: Infostealer Dropped via FortiClient EMS Flaw, Exploited Trend Micro Apex One Flaw
The week’s headlines were dominated by critical vulnerabilities and active exploits. A flaw in FortiClient’s Enterprise Management Server (CVE-2026-35616) was leveraged to spread a broad‑range infostealer across corporate endpoints, while Trend Micro’s Apex One suffered a zero‑day path‑traversal attack (CVE-2026-34926). Microsoft released patches for a high‑severity SharePoint remote‑code‑execution flaw (CVE-2026-45659), and phishing actors abused Adobe’s A/B testing platform and LinkedIn‑styled emails to lure victims. The Verizon 2026 Data Breach Investigations Report, covering over 31,000 incidents, underscored the accelerating pace of AI‑driven threats.

Dutch Police Disrupts Botnet Composed of 17 Million Devices
Dutch police and the National Cyber Security Center seized 200 servers that powered a botnet of roughly 17 million compromised devices, ranging from computers and smartphones to IoT gadgets. The operation, triggered by a security researcher’s tip, took the network offline...

LinkedIn-Themed Phishing Abuses Adobe’s A/B Testing Platform
A new phishing campaign is targeting professionals with LinkedIn‑styled business emails that contain a PDF‑named HTML attachment. When opened, the attachment displays a counterfeit LinkedIn login page that auto‑fills the victim’s email and captures credentials. The malicious page is delivered...

Claroty Targets Cyber-Physical System Risks with AI-Powered Security Agent
Claroty unveiled Claroty Claire, an AI‑driven security agent built natively for cyber‑physical systems (CPS). The agent leverages a CPS‑specific language model trained on more than a decade of industry data and insights from over 6,500 OEMs. Deployed across 20,000+ sites in...

Humanix Expands Detection to Identify Live Violations of Security Procedures
Humanix unveiled a new capability that detects live violations of organization‑defined IT support procedures. The conversational‑AI platform monitors voice, chat, email, and ticket interactions to flag impersonation, manipulation, and attempts to bypass security steps in real time. By identifying the...

The Behavioral Signals that Sharpen Trojan Malware Detection
A recent study introduced a Trojan detection framework that trims 146 sandbox‑derived attributes down to 33 high‑impact features and feeds them into a custom neural network (TrDNN). Tested on 3,000 Windows executables—including benign, suspicious, and malicious samples—the model outperformed ten...

Detectify Brings AppSec Automation to AI Agents with MCP Server and Continuous Testing
Detectify has launched the Model Context Protocol (MCP) Server, an integration layer that embeds its application security testing engines into AI‑driven development pipelines. The platform lets autonomous coding agents retrieve real‑time vulnerability data, generate remediation patches, and trigger validation scans...

Tamnoon Introduces Skill-Based AI Orchestration for Autonomous Cloud Defense
Tamnoon has upgraded its AI engine, Tami, into a skill‑based orchestrator that creates custom remediation workflows for each enterprise. Trained on over 6 million real cloud fixes from 800+ accounts, Tami now offers a Remediation Confidence Score and a Safe Vulnerability...

High-Severity SharePoint RCE Bug Patched by Microsoft (CVE-2026-45659)
Microsoft has issued patches for the high‑severity SharePoint remote code execution flaw CVE-2026-45659, which impacts SharePoint Server Subscription Edition, SharePoint Server 2019 and SharePoint Enterprise Server 2016. The vulnerability stems from deserialization of untrusted data and allows an authenticated attacker...

Cisco Refines Its Risk-Based Vulnerability Disclosure for the AI Era
Cisco announced it will use advanced AI models to accelerate vulnerability discovery and shift to a risk‑based disclosure approach. The new framework will prioritize bugs that are actively exploited or have high impact, while low‑risk findings may be bundled into...

US States Step up Cyber Defenses to Protect Local Communities
U.S. state governments are expanding cyber defense programs—including cybersecurity clinics, regional security operations centers (RSOCs), and state cyber corps—to protect local communities and essential services. A new guide from UC Berkeley’s Center for Long‑Term Cybersecurity outlines a roadmap for shared...

OpenHack: Open-Source AI-Powered Vulnerability Research
Hadrian, a Dutch security firm, released OpenHack, an MIT‑licensed, file‑based workspace that enables AI‑assisted vulnerability research. The platform integrates with coding harnesses such as Claude Code, Codex and Cursor, orchestrating agents through a state‑machine workflow while preserving all data in...

$20 per Zero-Day Is Already the WordPress Plugin Reality
Researchers from TrendAI and CHT Security demonstrated an AI‑driven pipeline that identified more than 300 critical zero‑day flaws across WordPress plugins in just 72 hours. The system combined static analysis, Docker provisioning, and Chrome DevTools verification, and each finding was...

GitLab 19.0 Adds AI Workflows, Secrets Management, and Self-Hosted Model Support
GitLab unveiled version 19.0, adding a public‑beta Secrets Manager, AI‑enhanced merge‑request workflows, and expanded CI visibility. The release also introduces self‑hosted support for four new open‑source large language models, enabling air‑gapped deployments. Supply‑chain security is bolstered with SBOM‑based dependency scanning...

Keepnet Contributes Voice and SMS Phishing Data to the 2026 Verizon DBIR
Keepnet’s voice and SMS phishing simulation data has been incorporated into Verizon’s 2026 Data Breach Investigations Report, marking the first DBIR edition to feature phone‑centric phishing at scale. The report records a median click rate of 2% for voice/SMS simulations...