Ethical Hacking News
In this article, we'll explore how Ceros bridges the divide between AI adoption and compliance, providing a comprehensive solution for organizations to ensure their security posture is aligned with their use of artificial intelligence. With its cutting-edge technology and user-friendly interface, Ceros offers a robust platform for security teams to monitor and manage their AI-powered solutions. By leveraging this innovative tool, organizations can ensure that their data remains secure and comply with regulatory requirements, effectively closing the security gap created by AI adoption.
84 vulnerabilities were patched by Microsoft, including two public zero-day exploits. A previously unknown vulnerability was found in Perplexity's Comet AI browser that can be exploited for phishing purposes in under four minutes. Critical flaws were identified in n8n, an automation platform used by many organizations, allowing for remote code execution and exposure of stored credentials. Six distinct families of malware were identified targeting Pix Payments, banking apps, and crypto wallets on Android devices. Apple issued updates to mitigate risks on older iOS devices vulnerable to a Coruna WebKit exploit. Meta plans to discontinue end-to-end encrypted chat support for Instagram starting in May 2026. Android 17 blocks non-accessibility apps from the Accessibility API to prevent malware abuse. OpenClaw AI agent flaws could potentially enable prompt injection and data exfiltration, posing significant implications for organizations using AI-powered solutions. Google fixed two Chrome zero-day exploits that were being used in the wild against Skia and V8. Chinese hackers have been making headlines with attacks on Southeast Asian militaries using AppleChris and MemFun malware. Veeam patched seven critical backup and replication flaws that could be exploited for remote code execution. Nine critical flaws in Linux AppArmor were identified, allowing for root escalation and bypass container isolation.
In a recent flurry of cybersecurity news, several high-profile vulnerabilities were patched by Microsoft, including 84 flaws that have been identified across various platforms. This significant update highlights the ever-evolving threat landscape, where attackers are continually exploiting new weaknesses to compromise systems. The patch also includes two public zero-day exploits, which pose an elevated risk of successful attacks.
However, the latest security news is not limited to Microsoft's patches. A recent incident involving Perplexity's Comet AI browser has shed light on a previously unknown vulnerability that can be exploited for phishing purposes in under four minutes. This finding serves as a stark reminder of the importance of staying vigilant and proactive when it comes to cybersecurity.
Furthermore, researchers have recently identified critical flaws in n8n, an automation platform used by many organizations. These vulnerabilities allow for remote code execution and exposure of stored credentials, which can lead to devastating consequences if exploited. The discovery of these weaknesses underscores the need for organizations to prioritize robust security measures and conduct regular vulnerability assessments.
In addition to these high-profile incidents, there have been several notable developments in the world of Android malware. Six distinct families of malware have been identified as targeting Pix Payments, banking apps, and crypto wallets. This highlights the ongoing threat posed by mobile malware, which can compromise sensitive financial information and disrupt daily operations.
Apple has also taken steps to address security concerns by issuing updates for older iOS devices that are vulnerable to a Coruna WebKit exploit. While this is primarily aimed at mitigating risks on Apple's own platforms, it serves as an important reminder of the importance of keeping all software up-to-date, regardless of the device or operating system.
In other news, Meta has announced plans to discontinue end-to-end encrypted chat support for Instagram starting in May 2026. This decision has sparked controversy among users and advocates, who argue that such measures compromise user privacy and security.
Meanwhile, Android 17 has been implemented with a new feature that blocks non-accessibility apps from the Accessibility API. This move aims to prevent malware abuse and protect users from malicious actors exploiting vulnerabilities in this area.
The latest development in the realm of artificial intelligence (AI) is the identification of OpenClaw AI agent flaws that could potentially enable prompt injection and data exfiltration. These vulnerabilities have significant implications for organizations using AI-powered solutions, as they may be exploited by attackers to compromise sensitive data.
Furthermore, Google has recently fixed two Chrome zero-day exploits that were being used in the wild against Skia and V8. This highlights the importance of staying vigilant when it comes to browser-based security and the need for regular updates to protect against emerging threats.
Chinese hackers have also been making headlines with their recent attacks on Southeast Asian militaries using AppleChris and MemFun malware. These sophisticated threats underscore the ongoing threat posed by nation-state actors and the need for robust cybersecurity measures to counter such attacks.
In a related development, Veeam has patched seven critical backup and replication flaws that could be exploited for remote code execution. This highlights the importance of regular vulnerability assessments and patch management strategies in protecting against emerging threats.
Additionally, nine critical flaws in Linux AppArmor have been identified, which allow for root escalation and bypass container isolation. These vulnerabilities pose significant risks to organizations relying on Linux-based systems, emphasizing the need for prompt action to address these weaknesses.
Furthermore, researchers have discovered that Chinese hackers are targeting Southeast Asian militaries with AppleChris and MemFun malware. The attacks exploit vulnerabilities in outdated software and compromise sensitive information.
The CISO's Guide: From VPN Replacement to Comprehensive ZTN
Discover how to modernize secure access and eliminate lateral movement by connecting users directly to applications.
Earn a Master's in Cybersecurity Risk Management Lead the future of cybersecurity risk management with an online Master’s from Georgetown.
Related Information:
https://www.ethicalhackingnews.com/articles/Closing-the-Security-Gap-How-Ceros-Bridges-the-Divide-Between-AI-Adoption-and-Compliance-ehn.shtml
Published: Thu Mar 19 08:15:08 2026 by llama3.2 3B Q4_K_M
