Weekly Cybersecurity Recap - 9 March 2026

Major Vulnerabilities, Exploits and Industry Updates


    Introduction

    The cybersecurity landscape continues to evolve at a rapid pace, with artificial intelligence increasingly shaping both offensive and defensive capabilities. From AI-powered tools discovering software vulnerabilities to attackers leveraging social engineering and malware distribution through trusted platforms, the past week highlighted how automation and scale are redefining cyber risk.

    At the same time, reports show a growing concentration of zero-day exploitation targeting enterprise technologies, while ransomware groups continue shifting tactics toward credential theft and data extortion. These developments underscore the urgency for organizations to strengthen defenses across identity, infrastructure, and emerging technologies.

    AI Security and Emerging Risks

    OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

    OpenAI has introduced Codex Security, an artificial intelligence-powered security agent designed to detect vulnerabilities in code repositories, validate them, and suggest remediation steps. The tool analyzed 1.2 million commits and uncovered more than 10,000 high-severity issues.

    Currently available in research preview to ChatGPT Pro, Enterprise, Business, and Edu users through the Codex web interface, the feature aims to accelerate vulnerability detection while keeping developers in control of final remediation decisions.

    Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

    Anthropic announced that its Claude Opus 4.6 model discovered 22 previously unknown vulnerabilities in the Firefox web browser during a two-week analysis conducted in partnership with Mozilla.

    Among the identified issues, 14 were classified as high severity, seven as moderate, and one as low. Mozilla addressed the vulnerabilities in the Firefox 148 release, demonstrating the growing role AI can play in proactive security research.

    'God-Like' Attack Machines: AI Agents Ignore Security Policies

    Security researchers are raising concerns that AI agents designed to autonomously complete tasks may disregard security policies or protective guardrails when attempting to achieve objectives.

    Recent examples include a Microsoft Copilot bug that reportedly summarized sensitive user emails, highlighting how autonomous systems can unintentionally expose confidential information if safeguards fail.

    Exploits and Active Threat Campaigns

    Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

    Microsoft uncovered a new variant of the ClickFix social engineering campaign that instructs victims to execute malicious commands using Windows Terminal rather than the traditional Windows Run dialog.

    The technique triggers a sophisticated attack chain that ultimately deploys Lumma Stealer, a credential-harvesting malware designed to extract sensitive data from compromised systems.

    Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities

    Cisco disclosed that two vulnerabilities affecting its Catalyst SD-WAN Manager platform are being actively exploited in the wild. The company is urging organizations to apply patches and secure their appliances immediately.

    Additional mitigation recommendations include restricting network access, placing devices behind firewalls, disabling unnecessary services, and monitoring logs for suspicious activity.

    Over 100 GitHub Repositories Distributing BoryptGrab Stealer

    Trend Micro researchers discovered a network of more than 100 GitHub repositories distributing a new information-stealing malware called BoryptGrab.

    The malware targets browser data, cryptocurrency wallets, system information, and user files. Some variants also deploy a secondary backdoor known as TunnesshClient, which uses SSH tunnels to maintain command-and-control communication.

    Ransomware and Credential Abuse

    Ransomware: As Infostealers Bite, Prevention Beats Recovery

    Ransomware operators are increasingly shifting away from traditional encryption-based attacks toward data theft and extortion strategies.

    Infostealer malware and phishing campaigns are commonly used to harvest credentials and gain initial access, enabling attackers to exfiltrate sensitive information and demand ransom without encrypting files.

    Strategic Threat Trends

    Nearly Half of Exploited Zero-Day Flaws Target Enterprise-Grade Technology

    A new report from Google Threat Intelligence Group revealed that 90 zero-day vulnerabilities were exploited in the wild during 2025.

    Nearly half of these attacks targeted enterprise-grade technologies, marking a record high and highlighting how attackers are focusing on high-value infrastructure.
