Weekly Cybersecurity Recap - 2 March 2026

Major Vulnerabilities, Exploits and Industry Updates


    Introduction

    This week’s cybersecurity landscape highlights long-term zero-day exploitation, widespread infrastructure compromise, AI-assisted attacks, and escalating credential theft. From exposed cloud API keys granting access to AI services, to authentication bypass flaws exploited for years, defenders are confronting threats that combine persistence with automation.

    AI tools are simultaneously strengthening defensive capabilities and being weaponized offensively, while supply-chain attacks and infostealer-driven ransomware strategies continue reshaping the threat model. The following developments illustrate how exposure, automation, and credential abuse are converging across environments.

    Active Exploitation and Infrastructure Risk

    Cisco SD-WAN Zero-Day Under Exploitation for 3 Years

    Cisco revealed that CVE-2026-20127, a critical authentication bypass vulnerability in its Catalyst SD-WAN Controller, has been exploited for at least three years. With a maximum CVSS score of 10, the flaw allows attackers to send crafted requests and gain high-privileged access to vulnerable systems.

    The longevity of exploitation underscores visibility gaps in network infrastructure and the risks posed by unpatched edge and controller systems.

    900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

    Shadowserver reported that over 900 Sangoma FreePBX instances remain infected with web shells following exploitation of CVE-2025-64328, a high-severity command injection vulnerability. Hundreds of affected systems are located in the U.S., with additional cases across multiple countries.

    The compromises demonstrate how telephony and communications infrastructure remain attractive targets for persistent access.

    Data Exposure and Breaches

    Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

    Truffle Security identified nearly 3,000 exposed Google API keys embedded in client-side code. Once specific APIs were enabled, these keys could authenticate to sensitive Gemini endpoints and potentially access private data.

    While API keys are typically considered billing identifiers, the research highlights how misconfiguration and exposure can extend their impact far beyond cost controls.

    38 Million Allegedly Impacted by ManoMano Data Breach

    Around 38 million individuals were potentially impacted after attackers compromised a customer support subcontractor tied to ManoMano. The breach was disclosed weeks after the January incident.

    Third-party risk continues to amplify breach impact, reinforcing the importance of vendor security oversight.

    AI Security and Abuse

    Hackers Weaponize Claude Code in Mexican Government Cyberattack

    Claude Code was reportedly used to assist in attacks against ten Mexican government bodies and a financial institution. Researchers found over 1,000 prompts were submitted to the AI tool to facilitate attack planning and execution.

    The incident illustrates how AI coding assistants can be misused to accelerate reconnaissance and exploit development.

    Claude Code Security Shows Promise, Not Perfection

    Anthropic launched Claude Code Security, a vulnerability scanning feature integrated into its agentic coding assistant. Currently in research preview, the tool scans codebases, prioritizes vulnerabilities, and suggests fixes for human review.

    While promising, analysts note that human oversight remains essential, and expectations of immediate disruption may be premature.

    Supply Chain and Malware Campaigns

    Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

    A malicious Go module masquerading as a legitimate crypto library exfiltrates terminal-entered credentials and deploys the Rekoobe Linux backdoor. The package injects malicious code, retrieves remote shell scripts, and establishes persistent SSH access.

    The attack reinforces the persistent risk within open-source ecosystems, particularly when dependency verification is weak.

    Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

    Threat actors are distributing trojanized gaming tools through browser downloads and chat platforms to deploy a Java-based remote access trojan.

    By exploiting trusted distribution channels and gaming communities, attackers expand reach while lowering suspicion.

    Ransomware Evolution

    Ransomware: As Infostealers Bite, Prevention Beats Recovery

    Modern ransomware groups are increasingly skipping encryption and instead focusing on credential theft and data exfiltration. Infostealers and phishing campaigns provide initial access, enabling extortion without locking files.

    This shift highlights the growing importance of identity protection, credential hygiene, and proactive monitoring over traditional backup-centric recovery strategies.
