Weekly Recap
Weekly Cybersecurity Recap - 24 March 2025
This Week in Cybersecurity: Phishing, Ransomware, and a $32B Acquisition
Weekly Cybersecurity Recap - 16 June 2026
Zero-Day Exploitation, AI-Driven Threats and Identity Risks
By Paratus
Marketing Team
01 / Blog Article
Weekly Cybersecurity Recap - 16 June 2026
Introduction
Artificial intelligence, identity security, and active vulnerability exploitation continued to dominate the cybersecurity landscape last week. Organizations faced a growing number of high-impact threats, ranging from zero-day vulnerabilities in widely used enterprise platforms to increasingly sophisticated ransomware operations and AI-assisted attack techniques. At the same time, security leaders are being forced to rethink traditional defenses as attackers adopt new methods that target identities, software supply chains, and trusted business systems.
The week also highlighted a broader shift in cyber risk management. While phishing volumes may be declining, threat actors are becoming more precise and effective, leveraging AI, credential abuse, and advanced exploitation techniques to maximize impact. In response, enterprises are increasing investments in security training, patch management, and identity governance as they work to strengthen resilience against an increasingly complex threat environment.
Vulnerability Alerts and Active Exploitation
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
A new analysis of The Gentlemen operation revealed that the financially motivated threat group initially operated as an affiliate conducting double-extortion attacks. The group leveraged infrastructure and resources from several ransomware-as-a-service ecosystems, including LockBit, Qilin, and Medusa. Researchers noted that the operation has already claimed 478 victims and demonstrated capabilities that could allow ransomware infections to spread more aggressively across environments.
Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters
Google confirmed that threat actors linked to ShinyHunters exploited a critical Oracle PeopleSoft vulnerability as a zero-day to steal organizational data. The flaw, tracked as CVE-2026-35273, affects PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62, as well as PeopleSoft Enterprise Applications. Oracle has issued mitigations and security guidance, although patches were not immediately available at the time of disclosure.
Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
Ivanti, Fortinet, and SAP released updates addressing multiple critical vulnerabilities that could enable arbitrary code execution and information disclosure. Among the most severe issues is Fortinet’s CVE-2026-25089, a command injection flaw affecting FortiSandbox products and carrying a CVSS score of 9.1. Organizations are encouraged to apply updates promptly to reduce exposure.
OpenSSL Patches High-Severity Vulnerability Found With AI
OpenSSL addressed 18 vulnerabilities, including CVE-2026-45447, a high-severity heap user-after-free flaw that could potentially lead to remote code execution. The vulnerability affects PKCS#7 signature verification and can be triggered using specially crafted PKCS#7 or S/MIME signed messages. Notably, the flaw was identified through collaboration between a researcher, Claude AI, and Anthropic Research, demonstrating AI’s growing role in vulnerability discovery.
Check Point warns of zero-day flaw targeted by ransomware affiliate
Check Point disclosed active exploitation of CVE-2026-50751, a critical authentication bypass vulnerability affecting Remote Access VPN and Mobile Access deployments. The flaw stems from improper certificate validation and can allow attackers to establish VPN sessions without requiring a password. Researchers believe ransomware affiliates have been abusing the vulnerability for more than a month.
AI, Identity and Emerging Threats
AI being used to diversify attacks beyond phishing and email, says UAE cybersecurity chief
According to UAE Cyber Security Council head Dr. Mohamed Al Kuwaiti, threat actors are increasingly using AI to expand their attack strategies beyond traditional phishing and email-based campaigns. AI is now being leveraged to facilitate data theft, exfiltration, and destructive cyber operations, creating a broader and more sophisticated threat landscape.
4 Critical Threats Where Attackers Have the Advantage
Security analysts identified deepfakes, software supply chain compromises, prompt injection attacks, and AI application compromises as the four most significant threats facing enterprises today. These risks ranked highest in Gartner’s 2026-27 ThreatScape analysis, highlighting areas where attackers currently maintain a strategic advantage over defenders.
Companies are failing to keep up with AI’s identity sprawl, creating entry points for hackers
A Netwrix report found that many organizations lack adequate oversight of AI-generated identities, even as AI agents gain access to sensitive business data and critical operational functions. The report revealed that three-quarters of organizations are not fully monitoring AI identities, increasing the risk of unauthorized access and compromise.
Threat Landscape and Attack Trends
Phishing Attack Volume Down 20%, but Risk Still Rising
Zscaler’s 2026 phishing report found that phishing activity has declined across many industries, but researchers caution that the threat remains significant. Attackers are shifting away from mass campaigns toward highly targeted operations designed to achieve higher success rates, making individual attacks more dangerous and effective.
Security Strategy and Workforce Development
Enterprises report increasing budgets for security training in AI and other critical topics
Organizations are responding to evolving cyber risks by increasing investments in security awareness and training programs. Nearly three-quarters of surveyed organizations reported larger training budgets over the past year, with many focusing on emerging threats such as AI-enabled attacks, ransomware, and phishing. Companies are also balancing in-house expertise with third-party training providers to strengthen workforce readiness.
Weekly Recap
Weekly Recap
Weekly Cybersecurity Recap - 7 April 2025
AI Weaknesses, Airport Ransomware, Cloud Gaps & Phishing PhaaS
Weekly Recap
Weekly Cybersecurity Recap - 14 April 2025
Fake Apps, Data Leaks, Ransomware Tactics & WordPress Plugin Exploits
Weekly Recap
Weekly Cybersecurity Recap - 21 April 2025
Multi-stage malware, GPS spoofing, ClickFix campaigns, and Shadow AI adoption—this week’s cybersecurity recap has it all
Weekly Recap
Weekly Cybersecurity Recap - 28 April 2025
QR code scams, GenAI hallucinations, mobile spyware, and double extortion — it’s another action-packed week in cybersecurity.
Weekly Recap
Weekly Cybersecurity Recap - 5 May 2025
TikTok fined €530M, hackers breach CNI, and top 2025 cyber threats – your weekly cyber update
Weekly Recap
Weekly Cybersecurity Recap - 12 May 2025
FreeDrain Crypto Phishing, Qilin Ransomware Surge & Google’s AI Moves
Weekly Recap
Weekly Cybersecurity Recap - 19 May 2025
Botnets, Bounties, and the AI Balancing Act
Weekly Recap
Weekly Cybersecurity Recap - 26 May 2025
Fake Installers, Ransomware Fallout & Malicious Extensions: Last Week’s Cyber Recap
Weekly Recap
Weekly Cybersecurity Recap - 2 June 2025
Malware campaigns, breaches, and the $111B cloud security boom
Weekly Recap
Weekly Cybersecurity Recap - 9 June 2025
From a massive AT&T data leak to new macOS malware and a takedown of a notorious carding site - here's what happened last week.
Weekly Recap
Weekly Cybersecurity Recap - 16 June 2025
Discord Malware, Salesforce Risks, SME Pressures and more
Weekly Recap
Weekly Cybersecurity Recap - 23 June 2025
Cybercriminal Innovation, Record-Breaking DDoS, and Retail Breaches - What You Missed Last Week
Weekly Recap
Weekly Cybersecurity Recap - 30 June 2025
Emerging Quantum Threats, UAE Cyber Trends, and Critical Exploits – Last Week’s Cybersecurity Recap
Weekly Recap
Weekly Cybersecurity Recap - 7 July 2025
Weekly Cybersecurity Recap: AI-Enhanced Phishing, Android Fraud, and Emerging Risks
Weekly Recap
Weekly Cybersecurity Recap - 14 July 2025
Weekly Cybersecurity Recap: Human Weakness, AI Risks, and Critical Vulnerabilities
Weekly Recap
Weekly Cybersecurity Recap - 11 August 2025
Weekly Cybersecurity Recap: AI-Powered Scams, Vault Flaws, Airline Breaches & GPT-5 Jailbreaks
Weekly Recap
Weekly Cybersecurity Recap - 25 August 2025
Weekly Cybersecurity Recap: Wi-Fi Breaches, AI Risks, and Major Exploits
Weekly Recap
Weekly Cybersecurity Recap - 1 September 2025
AI Ransomware, WhatsApp Zero-Click Exploit, and Salesforce Credential Theft
Weekly Recap
Weekly Cybersecurity Recap - 8 September 2025
AI-powered Threats, Global Partnerships, Zero-Day Exploits & Record DDoS Attack
Weekly Recap
Weekly Cybersecurity Recap - 15 September 2025
npm Breach, Zero-Days, AI Jailbreaks and More
Weekly Recap
Weekly Cybersecurity Recap - 22 September 2025
AI-powered threats, airport cyberattacks, phishing surges & critical vulnerabilities
Weekly Recap
Weekly Cybersecurity Recap - 6 October 2025
Oracle Extortion, Red Hat Breach, and AI Browser Exploits
Weekly Recap
Weekly Cybersecurity Recap - 13 October 2025
New Malware Strains, Supply Chain Risks, and Massive Breaches
Weekly Recap
Weekly Cybersecurity Recap - 20 October 2025
Smart Contract Malware, Corporate Breaches, and Ransomware Disruptions
Weekly Recap
Weekly Cybersecurity Recap - 27 October 2025
GlassWorm Supply Chain Attack, WSUS Exploited, and a $2.5B JLR Fallout
Weekly Recap
Weekly Cybersecurity Recap - 3 November 2025
AI Advances, Cloud Disruptions, and Global Threat Campaigns
Weekly Recap
Weekly Cybersecurity Recap - 17 November 2025
AI Framework Flaws, Mass Supply Chain Abuse, and Rising Ransomware Complexity
Weekly Recap
Weekly Cybersecurity Recap - 24 November 2025
Cloud Outages, AI Botnets, 7-Zip Exploits, and Rising Gulf Security Spend
Weekly Recap
Weekly Cybersecurity Recap - 8 December 2025
AI Risks, RCE Threats, Supply-Chain Abuse & Global Outages
Weekly Recap
Weekly Cybersecurity Recap - 15 December 2025
Zero-Days, AI Risk Warnings, and Escalating Exploits
Weekly Recap
Weekly Cybersecurity Recap - 19 January 2026
Malware Innovation, Zero-Days, and Cloud-Focused Threats
Weekly Recap
Weekly Cybersecurity Recap - 26 January 2026
Identity Attacks, Exploited Trust, and Emerging Global Defenses
Weekly Recap
Weekly Cybersecurity Recap - 2 February 2026
Cyber Risks Escalate Across Industry, Infrastructure, and AI as Attack Surfaces Expand
Weekly Recap
Weekly Cybersecurity Recap - 9 February 2026
Credential Theft, Supply Chain Risks, and Critical Exploits
Weekly Recap
Weekly Cybersecurity Recap - 16 February 2026
From nation-state activity targeting defense infrastructure to malicious browser extensions with tens of millions of downloads, this week’s events highlight how digital risk continues to expand across ecosystems, platforms, and sectors.
Weekly Recap
Weekly Cybersecurity Recap - 23 February 2026
Cyber threats are accelerating across both national infrastructure and enterprise environments. While governments strengthen defensive posture against organized cyberattacks, ransomware operators and AI-enabled adversaries continue to compress response timelines and expand sector targeting.
Weekly Recap
Weekly Cybersecurity Recap - 2 March 2026
This week’s cybersecurity landscape highlights long-term zero-day exploitation, widespread infrastructure compromise, AI-assisted attacks, and escalating credential theft.
Weekly Recap
Weekly Cybersecurity Recap - 9 March 2026
These developments underscore the urgency for organizations to strengthen defenses across identity, infrastructure, and emerging technologies.
Weekly Recap
Weekly Cybersecurity Recap - 16 March 2026
From destructive malware warnings and supply-chain attacks targeting developer ecosystems to vulnerabilities in widely used enterprise platforms, organizations are facing a rapidly evolving threat landscape.
Weekly Recap
Weekly Cybersecurity Recap - 23 March 2026
The latest cybersecurity developments highlight a surge in critical vulnerabilities, targeted ransomware campaigns, and evolving threats tied to remote work and artificial intelligence.
Weekly Recap
Weekly Cybersecurity Recap - 30 March 2026
The past week highlights a cybersecurity landscape shaped by active exploitation, evolving phishing techniques, and growing concerns around artificial intelligence.
Weekly Recap
Weekly Cybersecurity Recap - 6 April 2026
From a sophisticated nation-state operation resulting in a $285 million loss to widespread abuse of open-source ecosystems, attackers are increasingly leveraging both technical and human vulnerabilities to maximize impact.
Weekly Recap
Weekly Cybersecurity Recap - 13 April 2026
From AI models deemed too powerful for public release to persistent weaknesses in cloud and industrial environments, organizations are being forced to rethink how they approach resilience, governance, and threat detection in an increasingly complex ecosystem.
Weekly Recap
Weekly Cybersecurity Recap - 20 April 2026
The cybersecurity landscape is entering a new phase where artificial intelligence is not only transforming defense strategies but also accelerating the scale and sophistication of attacks.
Weekly Recap
Weekly Cybersecurity Recap - 27 April 2026
The cybersecurity landscape is increasingly shaped by the convergence of artificial intelligence, identity-centric threats, and supply chain dependencies.
Weekly Recap
Weekly Cybersecurity Recap - 4 May 2026
The past week underscores a critical shift in cybersecurity, where speed, scale, and automation are redefining both attack and defense dynamics.
Weekly Recap
Weekly Cybersecurity Recap - 11 May 2026
This week also saw critical vulnerability disclosures affecting widely used platforms such as Ivanti EPMM and cPanel/WHM, reinforcing the urgency of patch management and proactive defense strategies.
Weekly Recap
Weekly Cybersecurity Recap - 18 May 2026
Artificial intelligence, identity compromise, and software supply-chain abuse continued to dominate the cybersecurity landscape last week, with organizations facing increasingly automated and fast-moving threats.
Weekly Recap
Weekly Cybersecurity Recap - 25 May 2026
Cybersecurity threats continue to evolve at an aggressive pace, with last week highlighting a dangerous mix of supply chain compromises, actively exploited vulnerabilities, and escalating attacks against critical industries.
Weekly Recap
Weekly Cybersecurity Recap - 1 June 2026
Last week’s cybersecurity developments once again highlighted the growing risks tied to software supply chains, credential theft, and social engineering attacks.
Weekly Recap
Weekly Cybersecurity Recap - 8 June 2026
Cybersecurity developments last week highlighted the growing convergence of AI, software supply chain risk, and enterprise resilience.
Protect your business with Paratus
Ready to get started? Fill out the form below and we'll get back to you in no time!
risk decrease
96%
Risks from dealing with clients and traders decrease by 96%