Hackers Leveraging Multiple AI Services to Compromise 600+ FortiGate Devices
A financially motivated threat actor exploited various commercial generative AI services to compromise over 600 FortiGate devices across more than 55 countries between January 11 and February 18, 2026. The campaign marks a defining demonstration of how AI is lowering the technical entry barrier to offensive cyber operations, enabling a low- to medium-skilled individual or small group to execute...
CVE-2020-36426 An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).
Chromium: CVE-2026-2649 Integer overflow in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see https://chromereleases.googleblog.com/2024 for more information.
Compromised npm package silently installs OpenClaw on developer machines
A new security bypass has users installing AI agent OpenClaw — whether they intended to or not. Researchers have discovered that a compromised npm publish token pushed an update for the widely-used Cline command line interface (CLI) containing a malicious postinstall script. That script installs the wildly popular, but increasingly condemned, agentic application OpenClaw on...
PayPal Flaw Exposed Email Addresses, Social Security Numbers for 6 Months
PayPal disclosed a software error in its Working Capital platform that exposed sensitive customer data, including Social Security numbers, for months in 2025.
The post PayPal Flaw Exposed Email Addresses, Social Security Numbers for 6 Months appeared first on TechRepublic.
Metasploit Wrap-Up 02/20/2026
Hacking Churches and Backdooring Emacs
This release packs some solid exploit module additions! Two new unauthenticated RCE modules are a major win: the StoryChief WordPress plugin exploit (CVE-2025-7441) targets a webhook validation flaw allowing arbitrary file uploads, while the ChurchCRM exploit (CVE-2025-62521) abuses the installation wizard to inject PHP code for persistent access. Both establish Meterpreter sessions. On the persistence front, there's a creative Emacs...
AI-augmented threat actor accesses FortiGate devices at scale
Commercial AI services are enabling even unsophisticated threat actors to conduct cyberattacks at scale—a trend Amazon Threat Intelligence has been tracking closely. A recent investigation illustrates this shift: Amazon Threat Intelligence observed a Russian-speaking financially motivated threat actor leveraging multiple commercial generative AI services to compromise over 600 FortiGate devices across more than 55 countries from January...





