Fortibleed campaign impact, Cisco Unified CM flaw exploited

Here’s an overview of last week’s most compelling news, articles, interviews, and videos covering cybersecurity, AI, and infrastructure.

Encrypted DNS still leaks valuable information to eavesdroppers. While DNS over TLS, HTTPS, and QUIC effectively hide query content, the packet headers remain in plaintext. These headers clearly mark network traffic as DNS, giving observers a starting point for surveillance.

A new open-source project, Agent Beacon, provides a telemetry layer for AI agents like Claude Code, Codex CLI, Cursor, and Claude Cowork. Developed by Asymptote Labs, Beacon runs on developer laptops, CI jobs, and cloud environments, capturing a normalized record of agent actions across all surfaces.

In an interview with Help Net Security, Jaya Baloo, COO & CISO at Aisle, debates the pros and cons of gating cyber-capable AI models. She presents the strongest case for restricting access but explains why this approach fails for security teams that need the same tools for defense.

Researchers have built EVOHUNT, a system that teaches AI agents to find software bugs using plain-text audit methods. This $1,400 experiment outperformed OpenAI’s Codex Security by keeping the underlying AI model fixed and improving only an external playbook.

Scam websites are targeting gamers with promises of GTA 6 early access. These pages ask for a few hundred dollars in cryptocurrency, then fail to deliver the game, effectively stealing funds from eager buyers.

A new open-source tool, Praxen, verifies that AI agents behave as claimed. It compares an agent’s declared policy with its actual operations, highlighting every point of deviation.

Jorge Aldegunde, Global Head of Railway Services at DNV, discusses the cybersecurity challenges in monorail systems where old operational technology meets modern IT. He explains how open networks expand the attack surface, the difficulty of patching signaling flaws without stopping trains, and the complex liability questions that arise.

FrontierCyber, a benchmark from Irregular, evaluates AI models on real systems instead of relying on known vulnerabilities. This approach keeps tests relevant as models solve increasingly common offensive security benchmarks.

Mattias Geniar, CTO at Oh Dear, argues that most outages start with subtle signs like creeping latency or a slow rise in errors. He advises teams to alert on changes and real user outcomes rather than isolated endpoints and absolute numbers.

The 2026 Healthcare IT Landscape Report from Omega Systems reveals that most healthcare practices have experienced operational disruptions linked to outside vendors. With EMR systems, billing platforms, and telehealth tools all dependent on third parties, many leaders see a fatal cyber incident as inevitable.

SuperOps and Guardz are bundling PSA, RMM, MDM, and agentic SecOps for MSPs. In a Q&A, CEOs Arvind Parthiban and Dor Eisner explain how this connected stack reduces tool-switching, lowers costs, and helps close the margin gap between average MSPs (8%) and top performers (18%).

A massive credential-harvesting campaign, the Fortibleed campaign, has targeted FortiGate firewalls, exposing thousands of organizations to potential compromise. Researchers gained an unusually detailed view of the operation after attackers left tools, scripts, and credentials exposed on a server.

CVE-2026-20230, a server-side request forgery vulnerability in Cisco Unified Communications Manager, is being actively exploited. Attackers are dropping webshells to achieve remote code execution on the underlying server.

Operation Endgame, the largest international law enforcement operation against ransomware and cybercrime, has claimed new targets: StealC and Amadey malware networks.

Kaspersky researchers have uncovered a novel campaign using the SharkLoader dropper to compromise government organizations and software development companies in multiple countries.

Synology has released a critical fix for MailPlus Server vulnerabilities, though details remain under wraps. The software runs private email on Synology NAS devices.

The agentic SOC market is crowded, but Prophet Security offers an AI platform that autonomously triages, investigates, and responds to alerts. It also helps strengthen detection by identifying tuning opportunities and enabling natural-language threat hunting.

23 ClawHub plugins were found squatting official scopes, exposing registry security gaps. Ax Sharma, Head of Research at Manifold Security, explains how code-executing plugins ended up under official scopes while owned by unrelated accounts.

Cyber insurance is increasingly rewriting security programs at renewal time, as explained by Michael Loewy, co-founder of Tide Foundation.

Researchers from Wake Forest University analyzed 444 iOS apps with LLM features and found 282 that exposed exploitable credentials or backend access mechanisms.

Malwarebytes identified dozens of websites claiming to offer free FIFA World Cup streams. Instead of games, they direct visitors through advertising chains designed to generate revenue.

Attackers are abusing Outlook Groups and Microsoft 365 collaboration features to make phishing campaigns appear routine. Fortra notes that group names, descriptions, or welcome messages create urgency around payroll updates, contract renewals, or mandatory training.

Two members of Scattered Spider have pleaded guilty to charges related to a 2024 cyberattack on Transport for London that caused £29 million in losses.

A Cornell Tech study found that a short Reddit comment, sometimes as little as 13 words, can influence the output of AI deep-research agents, raising concerns about the reliability of AI-generated reports.

LastPass disclosed that attackers used OAuth tokens compromised in a supply chain attack on Klue to access customer data in its Salesforce environment.

Xsolis, a healthcare technology company, confirmed a phishing attack that impacted 1.4 million people. The company serves over 600 hospitals and health insurers.

An Algerian national accused of running cybercrime marketplaces has been extradited from Spain to the US to face bank fraud conspiracy charges.

WhatsApp is rolling out a warning screen that appears before users open chats with unfamiliar phone numbers, helping to protect against scammers.

A 21-year-old hacker known as “Snoopy” was sentenced to 18 months in prison for hacking 60,000 betting accounts on a fantasy sports website.

A new backdoor called Mistic has been deployed in attacks targeting insurance, education, IT, and professional services sectors since April 2026, according to Symantec.

Burnyard, a research project from The Ohio State University, offers a privacy-first approach to local malware analysis. It runs suspicious binaries on the analyst’s own hardware, keeping samples local and avoiding public repositories.

Microsoft has given Windows 10 users another year of free security updates, extending the consumer ESU program until October 12, 2027.

Four suspected members of a SIM-swapping gang have been arrested in Poland for cryptocurrency theft and money laundering.

The Mirage2FA phishing kit uses HTML smuggling and obfuscated JavaScript to steal Microsoft 365 credentials during MFA prompts, according to Fortra.

The systemd 261 release introduces a software TPM, a new OS installer, a cloud metadata subsystem, and improved process state handling through kexec reboots.

Avira Mobile Security for iOS combines security, privacy, and device optimization tools in a single app, also available for Android, macOS, and Windows.

Veeam Software’s Data and AI Trust Gap report reveals that only 7% of organizations are ready for the AI agents they’ve deployed, with 88% now running or piloting such agents.

Spur Intelligence scanned 6,038 apps on LG webOS and Samsung Tizen smart TVs and found 2,058 containing residential proxy software, potentially sending other people’s internet traffic through home connections.

OpenAI expanded its Daybreak cybersecurity initiative, combining AI models, Codex Security, and security researchers to find and fix software vulnerabilities.

The 2026 State of AI Security Testing report from Aikido Security found that 76% of organizations have had to stop, restrict, or roll back AI-driven behavior in the past 12 months.

Google Workspace is expanding its password reset alerts to all admins, improving visibility into security changes.

Anthropic introduced an agent identity model for Claude Tag, giving the AI assistant its own identity, permissions, and tool access within shared workspaces.

Most organizations will ship AI-written infrastructure code with minimal review, as developers move from idea to working code in hours, leaving DevOps teams to catch up.

The Software Freedom Conservancy has issued recommendations for open-source contributors using AI coding assistants like Claude Code and Copilot CLI.

A new benchmark called HelpBench tests how well chatbots handle security worries typed directly into the chat window, revealing gaps in the advice they provide.

Google Wallet has joined the TSA PreCheck Touchless ID program, allowing travelers to pass through security using facial comparison technology.

Upbound released Modelplane, an open-source control plane for managing GPU fleets across clouds, neoclouds, and on-premise data centers for AI inference.

Black Kite’s 2026 European Cyber Risk Report shows that ransomware attacks against European organizations are increasing, with third-party suppliers becoming a major entry point.

The Linux Foundation has launched Akrites, an industry initiative to support vulnerability remediation and disclosure for critical open-source software as AI accelerates the timeline from discovery to exploitation.

We’ve also compiled a weekly selection of cybersecurity jobs available right now, spanning various skill levels.

Finally, here’s a look at the most interesting new infosec products from the past month, featuring releases from AISLE, Asimily, Blue Planet, depthfirst, Diligent, Drata, Elastic, Filigran, Flip, Hyland, IDnow, Legit Security, MazeBolt, Noma, Qodo, Ridge Security, Tigera, and WitnessAI.