> TritonInfoSec News

# Archive

Browse past daily curated stories

Mar 10 Mar 09 Mar 08 Mar 07 Mar 06 Mar 05 Mar 04 Mar 03 Mar 02 Mar 01 Feb 28 Feb 27 Feb 26 Feb 25 Feb 24 Feb 23 Feb 21 Feb 20 Feb 18

Sunday, March 08, 2026

  1. 1
    1
    The Hacker News general
    Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

    Anthropic's Claude Opus 4.6 AI model discovered 22 new security vulnerabilities in Firefox during a two-week security partnership with Mozilla, with 14 classified as high severity, 7 moderate, and 1 low. All issues were patched in Firefox 148 released in January, demonstrating AI's growing capability in automated vulnerability discovery.

  2. 2
    0
    The Hacker News general
    OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

    OpenAI launched Codex Security, an AI-powered security agent that scanned 1.2 million commits and identified 10,561 high-severity vulnerabilities while proposing fixes. The tool is now available in research preview to ChatGPT Pro, Enterprise, Business, and Edu customers with free usage for one month.

  3. 3
    0
    BleepingComputer general
    Termite ransomware breaches linked to ClickFix CastleRAT attacks

    Velvet Tempest ransomware operators are using ClickFix social engineering techniques combined with legitimate Windows utilities to deploy DonutLoader malware and CastleRAT backdoor in Termite ransomware attacks. This campaign demonstrates the evolution of ransomware delivery methods through deceptive user interaction.

  4. 4
    0
    SecurityWeek general
    US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies

    Trump's new cybersecurity strategy emphasizes stronger deterrence against cyber adversaries, federal network modernization, critical infrastructure protection, and investment in AI and post-quantum cryptography. The comprehensive strategy addresses emerging technology challenges while strengthening national cyber defenses.

  5. 5
    0
    BleepingComputer general
    Microsoft: Hackers abusing AI at every stage of cyberattacks

    Microsoft reports threat actors are increasingly integrating artificial intelligence across all stages of cyberattacks to accelerate operations, scale malicious activities, and lower technical barriers for less sophisticated attackers. This trend represents a significant shift in how AI is being weaponized by cybercriminals.

  6. 6
    1
    SecurityWeek general
    Over 100 GitHub Repositories Distributing BoryptGrab Stealer

    Security researchers discovered over 100 GitHub repositories distributing the BoryptGrab stealer malware, which targets browser data, cryptocurrency wallets, system information, and user files. The campaign abuses GitHub's trusted platform to distribute malware at scale through legitimate-appearing repositories.

  7. 7
    1
    BleepingComputer general
    Fake Claude Code install guides push infostealers in InstallFix attacks

    Cybercriminals are using a new InstallFix social engineering variant that tricks users into running malicious commands disguised as legitimate CLI tool installation guides for Anthropic's Claude Code. This technique represents an evolution of ClickFix attacks targeting developers and technical users.

  8. 8
    0
    The Hacker News general
    Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

    Securonix identified the VOID#GEIST malware campaign using multi-stage batch scripts to deliver encrypted RAT payloads including XWorm, AsyncRAT, and Xeno RAT. The attack chain employs obfuscated batch scripts as the initial infection vector for deploying multiple remote access trojans.

  9. 9
    1
    Ars Technica Security general
    CISA adds 3 iOS flaws to its catalog of known exploited vulnerabilities

    CISA added three iOS vulnerabilities to its Known Exploited Vulnerabilities catalog, indicating active exploitation of these flaws in real-world attacks. The addition signals that these iOS security issues pose immediate risks to organizations and require urgent patching.

  10. 10
    0
    Dark Reading general
    North Korean APTs Use AI to Enhance IT Worker Scams

    North Korean APT groups are enhancing their IT worker infiltration scams using AI tools for face swapping and automated email communication to better impersonate legitimate remote workers. These DPRK operations continue generating revenue while placing malicious actors inside organizations' technical teams.