Security insights, vulnerability roundups, and updates from the Agent Breach team.
Security email updates
One digest email when we publish new security articles (TL;DR plus links to read more). Unsubscribe anytime from the message footer. See our Privacy Policy.
Security researchers demonstrated a critical gap in AI agent skill marketplaces by deploying a fake skill that evaded all security scanners and reached approximately 26,000 agents, including corporate deployments. The proof-of-concept highlights how current detection mechanisms fail to catch malicious agent capabilities before distribution.
A Russian-speaking initial access broker has orchestrated a large-scale credential-harvesting operation against over 430,000 FortiGate firewalls since February 2026, potentially exposing 110 million credentials. The FortiBleed campaign combines reconnaissance, brute-force attacks, and custom malware deployment to compromise critical network infrastructure.
A critical input validation vulnerability in Cisco Unified Communications Manager is being actively exploited in the wild, allowing unauthenticated remote attackers to write files with root privileges. Organizations running affected versions must apply patches immediately to prevent compromise.
A decades-old heap over-read vulnerability in Squid web proxy can expose cleartext HTTP requests—including credentials and session tokens—to other users on the same proxy. The bug, rooted in 1997 FTP-parsing code, remains active in default configurations.
Researchers have disclosed four vulnerabilities in Dify, a popular open-source AI workflow platform, that allow unauthenticated attackers to read AI conversations across different customer tenants. The flaws, collectively named DifyTap, pose significant risks to multi-tenant deployments.
Threat actors compromised the build and distribution pipeline of ShapedPlugin, injecting backdoor code into multiple WordPress Pro plugins distributed via official licensed update channels. The attack highlights critical risks in third-party plugin supply chains affecting thousands of WordPress sites.
OpenAI has released an enhanced GPT-5.5-Cyber model through its Daybreak initiative, designed to help security defenders identify and remediate software vulnerabilities more effectively. The improved model can analyze large codebases in greater depth, enabling faster and more comprehensive vulnerability discovery.
Attackers are leveraging WhatsApp Desktop and Web to distribute VBScript files disguised as legitimate documents, leading to unauthorized installation of ManageEngine RMM software. The campaign, identified by Kaspersky, targets users across multiple countries including Malaysia, Brazil, India, and the UK.
A validation vulnerability in ldns allows remote attackers to inject arbitrary DNS responses when the library operates as a UDP stub resolver. Ubuntu has released a security update to address this DNS spoofing risk.