Weekly Cybersecurity Recap - 11 May 2026

AI Escalation, Supply Chain Risks and Ransomware Trends


    Introduction

    Artificial intelligence, ransomware, and supply chain compromises continued to dominate the cybersecurity landscape this week as organizations faced increasingly automated and large-scale threats. From AI-powered attacks accelerating vulnerability exploitation to new concerns surrounding autonomous coding agents, the pace and sophistication of cyber operations are evolving faster than many organizations can adapt to. At the same time, researchers and regulators are warning that unequal access to advanced defensive AI capabilities could widen the global cybersecurity gap, leaving smaller businesses and nations more exposed to emerging threats.

    Last week also saw critical vulnerability disclosures affecting widely used platforms such as Ivanti EPMM and cPanel/WHM, reinforcing the urgency of patch management and proactive defense strategies. Threat actors continued targeting cloud environments, financial platforms, and educational services through ransomware, banking trojans, and credential-stealing malware. Researchers additionally uncovered how AI tools were leveraged during attacks on operational technology (OT) environments, highlighting the growing convergence between cyber threats and critical infrastructure risks.

    AI and Emerging Threat Landscape

    The global cybersecurity gap deepens as AI-powered attacks surge

    Restricted access to powerful defensive AI tools like Anthropic’s Mythos leaves some companies, central banks, and nations more vulnerable than others. AI-driven cyberattacks are surging because models can now weaponize software vulnerabilities within hours of their discovery. A massive global shortage of cybersecurity professionals is compounding the risk of an “AI bugocalypse.”

    Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion

    Cybersecurity firm Dragos detailed an intrusion targeting a municipal water and drainage utility in Monterrey, Mexico, where attackers reportedly leveraged AI tools to assist operations against industrial control systems (ICS). The attack formed part of a broader campaign targeting multiple Mexican government organizations between December 2025 and February 2026.

    AI Coding Agents Could Fuel Next Supply Chain Crisis

    Researchers from Adversa.AI warned that autonomous AI coding agents could introduce a new generation of supply chain threats. Claude Code’s automation capabilities may be abused to create or distribute insecure code at scale, particularly as agentic AI tools become deeply integrated into modern development workflows.

    NIST will test three major tech firms’ frontier AI models for cybersecurity risks

    Following concerns around advanced AI systems such as Claude Mythos, the U.S. government announced plans for NIST’s Center for AI Standards and Innovation (CAISI) to conduct pre-deployment evaluations of frontier AI models from Google, Microsoft, and xAI. The initiative represents one of the strongest government efforts so far to assess cybersecurity risks posed by increasingly capable AI technologies before public release.

    Vulnerabilities and Patch Alerts

    cPanel, WHM Release Fixes for Three New Vulnerabilities - Patch Now

    cPanel released updates addressing three vulnerabilities affecting cPanel and Web Host Manager (WHM). The flaws could potentially enable privilege escalation, remote code execution, and denial-of-service attacks, prompting administrators to apply updates immediately.

    Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks

    Ivanti published May 2026 security updates for Endpoint Manager Mobile (EPMM), fixing five vulnerabilities including CVE-2026-6973, a high-severity improper input validation flaw actively exploited in targeted attacks. Successful exploitation could allow authenticated attackers with admin privileges to achieve remote code execution.

    Malware, Ransomware and Financial Threats

    TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

    Researchers identified a previously undocumented Brazilian banking trojan called TCLBANKER capable of targeting 59 banking, fintech, and cryptocurrency platforms. The malware spreads using worm-like propagation through WhatsApp Web and Outlook, continuing the evolution of financially motivated malware campaigns.

    Canvas E-Learning Platform Breached by Cybercriminals

    The Canvas learning management system used by millions of students and educators experienced a cyber disruption after attackers claimed responsibility for breaching the platform. Users reported being redirected to a ransomware note associated with the ShinyHunters group, while Instructure confirmed service disruptions affecting the platform.

    Businesses hide vast majority of ransomware attacks, report finds

    Research from BlackFog revealed that while 264 ransomware attacks were publicly disclosed during the first quarter of 2026, more than 2,100 additional attacks likely went unreported. The findings highlight the persistent visibility gap surrounding ransomware activity and the growing challenge organizations face in addressing reputational and operational risks tied to cyber incidents.

    Cloud and Supply Chain Security

    After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets

    Researchers uncovered a modular cloud worm named PCPJack that removes previous TeamPCP malware infections while secretly harvesting sensitive credentials tied to cloud, developer, productivity, container, and financial services. Security analysts warned that affected organizations could face significant exposure if secrets are not properly protected through vaulting and multifactor authentication.

    One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk

    Analysis of more than 25 million security alerts across enterprise environments revealed that organizations frequently overlook low-severity alerts, unintentionally institutionalizing dangerous visibility gaps. Researchers warned that attackers increasingly exploit these ignored signals to establish footholds and move laterally inside networks.
