Weekly Recap
Weekly Cybersecurity Recap - 24 March 2025
This Week in Cybersecurity: Phishing, Ransomware, and a $32B Acquisition
AI-Driven Threats, Critical Vulnerabilities & Identity-Based Attacks
Artificial intelligence, identity compromise, and software supply-chain abuse continued to dominate the cybersecurity landscape last week, with organizations facing increasingly automated and fast-moving threats. From AI-generated exploits and attacks against agentic frameworks to large-scale npm and PyPI supply-chain compromises, attackers are accelerating operations while leveraging weaknesses across cloud, identity, and development ecosystems.
At the same time, governments and technology providers are responding with new cybersecurity initiatives and defensive AI programs. The UAE launched its AI Cyber Factory initiative to strengthen cyber sovereignty, while OpenAI introduced Daybreak to improve cyber defense capabilities using large language models and agentic tooling. Meanwhile, active exploitation of critical flaws in platforms like Cisco SD-WAN and rapid attacks against newly disclosed vulnerabilities demonstrate that patch management, identity security, and infrastructure hardening remain critical priorities for organizations worldwide.
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Threat actors began attempting to exploit the PraisonAI vulnerability within hours of public disclosure. The flaw, tracked as CVE-2026-44338, stems from missing authentication protections that expose sensitive API endpoints, potentially allowing attackers to invoke protected functionality without valid tokens. The incident highlights the shrinking window between vulnerability disclosure and active exploitation, especially in AI orchestration environments.
UAE launches AI Cyber Factory to fight cyberattacks
The UAE Cyber Security Council launched the UAE Cyber Factory initiative to strengthen national cyber resilience and reinforce the country’s digital leadership. The program aims to improve the nation’s ability to anticipate, detect, and respond to increasingly sophisticated cyberattacks targeting both public institutions and private organizations.
AI-Built Zero-Day Nearly Powered Mass Attack
Google researchers disclosed that a cybercriminal group nearly launched a mass attack using an exploit generated entirely by artificial intelligence. Unlike previous AI-assisted attack reports, the operation involved AI creating functional exploit code from scratch, signaling a major escalation in offensive AI capabilities and raising concerns about the future speed and scale of cyberattacks.
OpenAI launches Daybreak to combat cyber threats
OpenAI introduced a new cybersecurity initiative called Daybreak, combining large language models, Codex agentic capabilities, and external security partnerships to identify vulnerabilities and strengthen defensive operations. The launch follows growing industry concerns around frontier AI models and their potential cybersecurity implications.
Identity takes center stage as a leading factor in enterprise cyberattacks
New research from Sophos found that seven out of ten organizations experienced at least one identity-related breach over the past year, with ransomware attacks increasingly originating from compromised identities. The findings reinforce how identity abuse, credential compromise, and access management failures have become central attack vectors in modern enterprise environments.
Chrome 148 Update Patches Critical Vulnerabilities
Google’s Chrome 148 release addressed 79 vulnerabilities, including 14 critical-severity flaws affecting multiple browser components. Among them were CVE-2026-8509, a heap buffer overflow in WebML, and CVE-2026-8510, an integer overflow flaw in Skia. Several of the vulnerabilities carried high bug bounty payouts, indicating the potential for severe exploitation scenarios, including remote code execution.
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
Rapid7 disclosed active exploitation of CVE-2026-20182, a critical authentication bypass flaw in Cisco Catalyst SD-WAN controllers. The vulnerability received the maximum CVSS score of 10.0 due to its ability to grant unauthenticated attackers control over highly privileged network management infrastructure, creating severe enterprise-wide risk.
Mass Supply-Chain Attack Slams npm and PyPI, Hits Mistral AI
Attackers behind ongoing software supply-chain campaigns targeted npm and PyPI repositories while releasing an open-source version of their malware to automate downstream infections. The attacks affected multiple organizations, including Mistral AI, further demonstrating how open-source ecosystems continue to face escalating supply-chain risks.
Enhancing Data Center Security Without Sacrificing Performance
Data center operators continue to struggle with balancing cybersecurity visibility and system performance. Host-based security agents often consume resources needed for high-performance workloads, creating blind spots attackers can exploit. Recent incidents involving VMware ESXi vulnerabilities and campaigns like ESXiArgs demonstrate how gaps between virtual machines and physical hosts remain attractive targets for attackers.