DJBSEC's CyberNews 2026-03-10

1. Actively Exploited macOS and iOS Vulnerabilities Discovered

Researchers have identified several vulnerabilities affecting both macOS and iOS that are reportedly being actively exploited in the wild. The flaws allow attackers to bypass security protections and potentially execute malicious code on targeted devices. Apple has released security updates to address the issues and is urging users to install the latest patches immediately. Because these vulnerabilities affect core system components, exploitation could allow attackers deep access to compromised devices. Security experts warn that delayed patching could expose millions of Apple users to potential attacks.


2. Codex Security Identifies 11,000 High-Impact Software Bugs in One Month

OpenAI reported that its Codex Security system discovered more than 11,000 high-impact vulnerabilities during its first month of operation. The AI-powered tool scans software repositories to identify potential security flaws before they reach production. Many of the discovered issues included injection vulnerabilities, authentication weaknesses, and insecure dependencies. The findings demonstrate how AI can significantly accelerate vulnerability discovery in modern development environments. Experts believe AI-driven security analysis will become a core part of secure software development.


3. Dutch Intelligence Warns Russian Cybercriminals Linked to State Operations

Dutch intelligence officials have warned that Russian cybercriminal groups are increasingly cooperating with government-backed cyber operations. According to investigators, these groups sometimes carry out attacks that indirectly benefit state objectives. The collaboration blurs the line between criminal cyber activity and state-sponsored operations. Analysts say this relationship allows governments to maintain plausible deniability while still leveraging criminal talent. The warning highlights growing concerns about hybrid cyber threats emerging from Russia.


4. M365Pwned Toolkit Gives Red Teams Graphical Interface for Microsoft 365 Attacks

Security researchers have released a new red-team toolkit called M365Pwned, designed to simulate attacks against Microsoft 365 environments. Unlike many offensive security tools, the toolkit includes a graphical interface that simplifies testing and automation. The platform allows security teams to assess defenses against phishing, privilege escalation, and account takeover techniques. While intended for legitimate testing, experts warn that attackers could also adopt the tool. Organizations are encouraged to strengthen monitoring of Microsoft 365 environments.


5. Microsoft Introduces Copilot Cowork for Collaborative AI Workflows

Microsoft has introduced Copilot Cowork, a new feature designed to support collaborative workflows powered by AI assistants. The capability allows multiple users and AI agents to work together within shared productivity environments. While the feature promises improved productivity, security experts warn that collaborative AI tools could introduce new data exposure risks. Organizations will need to carefully manage permissions and audit AI-driven actions. Microsoft says additional safeguards are being added to address enterprise security concerns.


6. Chinese Cyber Threat Activity Targeting Critical Asian Sectors

Security analysts report an increase in Chinese cyber operations targeting key sectors across Asia. The campaigns appear focused on energy, telecommunications, and financial institutions. Researchers believe the attacks are part of long-term intelligence gathering efforts tied to geopolitical interests. The activity includes spear-phishing, malware deployment, and supply-chain compromises. Regional governments are strengthening defenses as the threat landscape continues to evolve.


7. Iran-Linked MuddyWater Hackers Deploy DINDoor Backdoor in U.S. Networks

The Iran-linked MuddyWater hacking group has been observed deploying a new backdoor called DINDoor against U.S. networks. The malware enables attackers to maintain persistent access and conduct espionage activities within compromised systems. Researchers say the campaign targets government agencies and critical infrastructure organizations. MuddyWater often uses spear-phishing and credential theft to gain initial access. Security teams are advised to monitor for indicators associated with the new malware.


8. Fake Claude Code Install Pages Deliver Infostealer Malware

Cybercriminals are distributing malware through fake websites posing as download pages for Claude Code, an AI development tool. The malicious installers target both Windows and macOS users and deploy infostealer malware designed to harvest credentials and system data. Victims searching for AI development tools may unknowingly install the compromised software. Researchers say the campaign relies heavily on search engine manipulation and phishing techniques. Users are urged to download software only from official sources.


Government cybersecurity agencies are warning organizations about a rise in sophisticated cyber threats targeting both public and private sectors. The advisory highlights increasing activity from nation-state actors, ransomware groups, and financially motivated cybercriminals. Officials say attackers are leveraging automation and AI to accelerate attacks and evade detection. The warning encourages organizations to strengthen defenses through improved patching, monitoring, and threat intelligence sharing. Experts say proactive security measures are critical as the threat landscape continues to evolve.
