Latest news as of 3/7/2026, 8:29:22 PM
The Hacker News
OpenAI on Friday began rolling out Codex Security, an artificial intelligence (AI)-powered security agent that's designed to find, validate, and propose fixes for vulnerabilities. The feature is available in a research preview to ChatGPT Pro, Enterprise, Business, and Edu customers via the Codex web with free usage for the next month. "It builds deep context about your project to identify
Bleeping Computer
Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor. [...]
Bleeping Computer
Microsoft says threat actors are increasingly using artificial intelligence in their operations to accelerate attacks, scale malicious activity, and lower technical barriers across all aspects of a cyberattack. [...]
The Hacker News
Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla. Of these, 14 have been classified as high, seven have been classified as moderate, and one has been rated low in severity. The issues were addressed in Firefox 148, released late last month. The vulnerabilities were identified over a two-week period in
The Register
Now if only device makers would deliver higher quality components Thanks to Anthropic's AI and its bug-detecting abilities, Firefox users can now enjoy stronger security. Unfortunately, if browser crashes rather than security flaws are the problem, Claude probably can't help.…
Bleeping Computer
TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, has suffered a data breach that exposed the sensitive information of over 3.4 million people. [...]
The Register
Steals SMS messages, location data, contacts … and delivers it to Hamas-linked crew Hamas-linked attackers are dropping spyware disguised as an emergency-alert app on Israelis' smartphones via SMS messages, according to security researchers.…
Graham Cluley
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA - one of the world's most prolific phishing-as-a-service platforms - has been dismantled. Read more in my article on the Hot for Security blog.
Dark Reading
DPRK worker scams are old hat, but they're still working, thanks to AI tools that help with everything from face swapping to daily emails.
Bleeping Computer
CISA ordered U.S. federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. [...]