Weekly Recap
Weekly Cybersecurity Recap - 24 March 2025
This Week in Cybersecurity: Phishing, Ransomware, and a $32B Acquisition
AI-Powered Attacks, Critical Zero-Days, Ransomware Evolution & UAE Cyber Defense
Last week’s cybersecurity landscape underscored how artificial intelligence is reshaping both cyber defense and offensive operations. While new AI-powered security models and automated detection capabilities continue to strengthen defenders, threat actors are leveraging AI to accelerate ransomware attacks, exploit vulnerabilities faster, and automate complex intrusion techniques at unprecedented speed.
Alongside these developments, organizations faced a surge in actively exploited vulnerabilities, evolving ransomware campaigns, and growing concerns around breach transparency. From the UAE successfully defending critical financial infrastructure to increasingly sophisticated attacks targeting enterprise technologies, the week's events highlight the importance of rapid patching, resilient security operations, and responsible cybersecurity governance.
OpenAI Unveils GPT-5.6 Sol as Its Most Advanced Cybersecurity AI
OpenAI announced a limited preview of GPT-5.6, introducing three new AI models - Sol, Terra, and Luna - with Sol positioned as its most advanced cybersecurity model to date. Following consultations with the U.S. government, the company is initially providing access only to a select group of trusted partners, reflecting continued caution around releasing highly capable cybersecurity AI systems.
AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack
Sysdig researchers identified what they believe is the first ransomware attack autonomously executed by an AI agent. The operation exploited a Langflow remote code execution vulnerability, with the AI independently performing initial access, credential theft, lateral movement, and database encryption. The findings suggest AI agents could significantly lower the technical barriers for launching sophisticated cyberattacks.
When Too Much Security Data Became the Risk
As organizations generate enormous volumes of security telemetry, collecting everything is no longer sustainable. One CISO demonstrated how artificial intelligence can intelligently filter firewall and security logs before they reach the SIEM, helping reduce operational costs while allowing analysts to focus on the most meaningful security events.
Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution
Researchers discovered two critical vulnerabilities, CVE-2026-50548 and CVE-2026-50549, affecting the Cursor AI code editor. Dubbed "DuneSlide," the flaws allow attackers to escape the IDE sandbox and execute code directly on the host operating system, highlighting growing security concerns surrounding AI-powered developer tools.
New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure
Attackers began exploiting CVE-2026-8451 less than 24 hours after Citrix released patches and technical details became public. The vulnerability affects NetScaler ADC and Gateway appliances configured as SAML identity providers, allowing memory disclosure through an out-of-bounds read vulnerability and demonstrating how quickly newly disclosed flaws are weaponized.
Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability
Cisco confirmed active exploitation of CVE-2026-20230 affecting Unified Communications Manager and Unified CM SME. The SSRF vulnerability enables attackers to write arbitrary files to the underlying operating system, potentially leading to root-level access. Organizations are urged to apply available patches immediately.
Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials
Researchers observed the Anubis ransomware group exploiting Citrix Bleed 2 (CVE-2025-5777) for initial access while combining bring-your-own-vulnerable-driver (BYOVD) techniques and stolen supply chain credentials. Originally emerging as a rebrand of Sphinx ransomware, Anubis continues to evolve its attack capabilities to maximize enterprise compromise.
FortiBleed Hacks Tied to INC Ransom and Lynx Operation
SOCRadar linked the FortiBleed campaign - which compromised more than 430,000 FortiGate firewalls to harvest credentials - to ransomware groups INC Ransom and Lynx. Investigators observed operators actively managing ransomware negotiations, strengthening evidence of direct collaboration between credential theft operations and ransomware deployment.
Azure Password-Spraying Attack Bypasses MFA Defenses
Huntress researchers identified an automated password-spraying campaign targeting Microsoft Office 365 accounts through the Azure command-line interface. In several cases, attackers successfully bypassed multifactor authentication protections, underscoring the need for stronger identity security controls beyond traditional MFA.
UAE thwarts sophisticated cyberattacks targeting financial sector
The UAE Cybersecurity Council announced that the country's national cybersecurity system successfully detected and contained sophisticated attacks targeting financial institutions. By following established national cybersecurity protocols, authorities minimized operational impact while protecting the stability of the UAE's critical digital financial infrastructure.
Most cybersecurity workers have been told to conceal a breach, report finds
Bitdefender's latest industry survey found that 55% of cybersecurity professionals have been instructed to keep security breaches confidential. Based on responses from 1,200 IT and cybersecurity professionals across multiple countries, the report raises concerns about organizational transparency, breach reporting practices, and cyber governance.
Weekly Recap
This Week in Cybersecurity: Phishing, Ransomware, and a $32B Acquisition
Weekly Recap
AI Weaknesses, Airport Ransomware, Cloud Gaps & Phishing PhaaS
Weekly Recap
Fake Apps, Data Leaks, Ransomware Tactics & WordPress Plugin Exploits
Weekly Recap
Multi-stage malware, GPS spoofing, ClickFix campaigns, and Shadow AI adoption—this week’s cybersecurity recap has it all
Weekly Recap
QR code scams, GenAI hallucinations, mobile spyware, and double extortion — it’s another action-packed week in cybersecurity.
Weekly Recap
TikTok fined €530M, hackers breach CNI, and top 2025 cyber threats – your weekly cyber update
Weekly Recap
FreeDrain Crypto Phishing, Qilin Ransomware Surge & Google’s AI Moves
Weekly Recap
Botnets, Bounties, and the AI Balancing Act
Weekly Recap
Fake Installers, Ransomware Fallout & Malicious Extensions: Last Week’s Cyber Recap
Weekly Recap
Malware campaigns, breaches, and the $111B cloud security boom
Weekly Recap
From a massive AT&T data leak to new macOS malware and a takedown of a notorious carding site - here's what happened last week.
Weekly Recap
Discord Malware, Salesforce Risks, SME Pressures and more
Weekly Recap
Cybercriminal Innovation, Record-Breaking DDoS, and Retail Breaches - What You Missed Last Week
Weekly Recap
Emerging Quantum Threats, UAE Cyber Trends, and Critical Exploits – Last Week’s Cybersecurity Recap
Weekly Recap
Weekly Cybersecurity Recap: AI-Enhanced Phishing, Android Fraud, and Emerging Risks
Weekly Recap
Weekly Cybersecurity Recap: Human Weakness, AI Risks, and Critical Vulnerabilities
Weekly Recap
Weekly Cybersecurity Recap: AI-Powered Scams, Vault Flaws, Airline Breaches & GPT-5 Jailbreaks
Weekly Recap
Weekly Cybersecurity Recap: Wi-Fi Breaches, AI Risks, and Major Exploits
Weekly Recap
AI Ransomware, WhatsApp Zero-Click Exploit, and Salesforce Credential Theft
Weekly Recap
AI-powered Threats, Global Partnerships, Zero-Day Exploits & Record DDoS Attack
Weekly Recap
npm Breach, Zero-Days, AI Jailbreaks and More
Weekly Recap
AI-powered threats, airport cyberattacks, phishing surges & critical vulnerabilities
Weekly Recap
Oracle Extortion, Red Hat Breach, and AI Browser Exploits
Weekly Recap
New Malware Strains, Supply Chain Risks, and Massive Breaches
Weekly Recap
Smart Contract Malware, Corporate Breaches, and Ransomware Disruptions
Weekly Recap
GlassWorm Supply Chain Attack, WSUS Exploited, and a $2.5B JLR Fallout
Weekly Recap
AI Advances, Cloud Disruptions, and Global Threat Campaigns
Weekly Recap
AI Framework Flaws, Mass Supply Chain Abuse, and Rising Ransomware Complexity
Weekly Recap
Cloud Outages, AI Botnets, 7-Zip Exploits, and Rising Gulf Security Spend
Weekly Recap
AI Risks, RCE Threats, Supply-Chain Abuse & Global Outages
Weekly Recap
Zero-Days, AI Risk Warnings, and Escalating Exploits
Weekly Recap
Malware Innovation, Zero-Days, and Cloud-Focused Threats
Weekly Recap
Identity Attacks, Exploited Trust, and Emerging Global Defenses
Weekly Recap
Cyber Risks Escalate Across Industry, Infrastructure, and AI as Attack Surfaces Expand
Weekly Recap
Credential Theft, Supply Chain Risks, and Critical Exploits
Weekly Recap
From nation-state activity targeting defense infrastructure to malicious browser extensions with tens of millions of downloads, this week’s events highlight how digital risk continues to expand across ecosystems, platforms, and sectors.
Weekly Recap
Cyber threats are accelerating across both national infrastructure and enterprise environments. While governments strengthen defensive posture against organized cyberattacks, ransomware operators and AI-enabled adversaries continue to compress response timelines and expand sector targeting.
Weekly Recap
This week’s cybersecurity landscape highlights long-term zero-day exploitation, widespread infrastructure compromise, AI-assisted attacks, and escalating credential theft.
Weekly Recap
These developments underscore the urgency for organizations to strengthen defenses across identity, infrastructure, and emerging technologies.
Weekly Recap
From destructive malware warnings and supply-chain attacks targeting developer ecosystems to vulnerabilities in widely used enterprise platforms, organizations are facing a rapidly evolving threat landscape.
Weekly Recap
The latest cybersecurity developments highlight a surge in critical vulnerabilities, targeted ransomware campaigns, and evolving threats tied to remote work and artificial intelligence.
Weekly Recap
The past week highlights a cybersecurity landscape shaped by active exploitation, evolving phishing techniques, and growing concerns around artificial intelligence.
Weekly Recap
From a sophisticated nation-state operation resulting in a $285 million loss to widespread abuse of open-source ecosystems, attackers are increasingly leveraging both technical and human vulnerabilities to maximize impact.
Weekly Recap
From AI models deemed too powerful for public release to persistent weaknesses in cloud and industrial environments, organizations are being forced to rethink how they approach resilience, governance, and threat detection in an increasingly complex ecosystem.
Weekly Recap
The cybersecurity landscape is entering a new phase where artificial intelligence is not only transforming defense strategies but also accelerating the scale and sophistication of attacks.
Weekly Recap
The cybersecurity landscape is increasingly shaped by the convergence of artificial intelligence, identity-centric threats, and supply chain dependencies.
Weekly Recap
The past week underscores a critical shift in cybersecurity, where speed, scale, and automation are redefining both attack and defense dynamics.
Weekly Recap
This week also saw critical vulnerability disclosures affecting widely used platforms such as Ivanti EPMM and cPanel/WHM, reinforcing the urgency of patch management and proactive defense strategies.
Weekly Recap
Artificial intelligence, identity compromise, and software supply-chain abuse continued to dominate the cybersecurity landscape last week, with organizations facing increasingly automated and fast-moving threats.
Weekly Recap
Cybersecurity threats continue to evolve at an aggressive pace, with last week highlighting a dangerous mix of supply chain compromises, actively exploited vulnerabilities, and escalating attacks against critical industries.
Weekly Recap
Last week’s cybersecurity developments once again highlighted the growing risks tied to software supply chains, credential theft, and social engineering attacks.
Weekly Recap
Cybersecurity developments last week highlighted the growing convergence of AI, software supply chain risk, and enterprise resilience.
Weekly Recap
Artificial intelligence, identity security, and active vulnerability exploitation continued to dominate the cybersecurity landscape last week.
Weekly Recap
Artificial intelligence, ransomware operations, software supply chain attacks, and actively exploited vulnerabilities continued to dominate the cybersecurity landscape last week.
Weekly Recap
Cybersecurity developments last week reflected a continued shift toward AI-driven defense, faster exploitation timelines, and growing pressure on organizations to strengthen operational resilience.
Ready to get started? Fill out the form below and we'll get back to you in no time!
risk decrease
To: Paratus
Thank you for reaching out to us. Your request has been received, and we will get back to you within the next 24 hours. Alternatively, you can also reach us at [email protected]
To: Paratus
To: Paratus