Security insights, vulnerability roundups, and updates from the Agent Breach team.
Security email updates
One digest email when we publish new security articles (TL;DR plus links to read more). Unsubscribe anytime from the message footer. See our Privacy Policy.
A malicious Chrome extension impersonating the Perplexity AI search engine intercepted user searches and address bar input, routing all queries through attacker-controlled servers. Microsoft discovered the threat, which Google subsequently removed from the Chrome Web Store following responsible disclosure.
A critical privilege management vulnerability in Oracle E-Business Suite is being actively exploited in the wild, with a CVSS score of 9.8. Organizations running Oracle Payments must prioritize immediate patching to prevent unauthorized instance takeover.
Apple released security updates addressing over 30 vulnerabilities across iOS, macOS, and Safari, including four WebKit bugs identified through AI-assisted security tools. The patches underscore the growing role of machine learning in vulnerability discovery and the importance of timely patching across Apple's ecosystem.
Citizen Lab researchers discovered that Russian authorities deployed Cellebrite's UFED forensic software against a jailed opposition activist's iPhone months after the company claimed to halt sales to Russia. The finding raises questions about enforcement of export restrictions and the real-world impact of corporate compliance measures.
Small and medium-sized businesses face disproportionate cybersecurity risks despite their size, with attack surfaces that rival larger enterprises. Establishing a foundation of cyber readiness is essential for SMBs to build lasting resilience against evolving threats.
Microsoft has identified an ongoing phishing campaign targeting hospitality organizations across Europe and Asia since April 2026, using deceptive photo-themed ZIP files to deliver a Node.js implant. The attack focuses on front-desk systems, though the attackers' ultimate objectives remain unclear.
Researchers have identified new malicious npm packages and GitHub Actions abuse linked to the Miasma malware family, targeting LeoPlatform and RStreams. The ongoing campaign demonstrates how attackers continue to exploit open-source dependencies and CI/CD workflows to compromise downstream users.
Attackers compromised npm and Go packages to distribute a Python-based information stealer, leveraging VS Code task automation to evade npm security controls. The campaign targets Windows, Linux, and macOS systems through supply chain manipulation.
As AI agents gain autonomous permissions and traverse enterprise systems at machine speed, traditional identity governance frameworks are proving inadequate. Organizations face a critical security gap between deployed AI capabilities and the oversight mechanisms designed to control them.
A new Linux kernel vulnerability tracked as CVE-2026-43503 allows local attackers to escalate privileges to root by corrupting file-backed memory through cloned network packets. JFrog Security Research released the first public exploit demonstration, highlighting the severity of this DirtyFrag-family flaw.