Issue #188 - March 2, 2026
- Mar 2
- 2 min read
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Source: The Hacker News
Attackers are abusing legitimate OAuth redirection behavior to route victims from seemingly trusted identity-provider URLs to attacker-controlled pages. Campaigns target public-sector organizations and use links that trigger malware delivery via ZIP payloads, PowerShell execution, and DLL sideloading. Key mitigations include tightening user consent and reviewing OAuth app permissions.
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
Source: BleepingComputer
A maximum-severity FreeScout flaw enables zero-click remote code execution by sending a single crafted email to a configured mailbox. Researchers describe a bypass using a zero-width space to evade filename validation and land malicious files as dotfiles, leading to command execution. Organizations should patch promptly and harden server configurations.
Bug in Google's Gemini AI Panel Opens Door to Hijacking
Source: Dark Reading
A Chrome Gemini side panel vulnerability could have let a basic-permission extension escalate privileges and access sensitive resources such as camera, microphone, screenshots, and local files. The issue highlights how AI-integrated browser components expand the attack surface beyond traditional tabs. It underscores the need for strict extension governance in enterprises.
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild
Source: SecurityWeek
Cisco updated advisories to warn that additional Catalyst SD-WAN vulnerabilities are being actively exploited. The flaws include issues that can be used for post-compromise activity and privilege gains, raising the urgency for patching and monitoring. Teams should validate device exposure, apply fixed releases, and review logs for suspicious access patterns.
Rethinking Security for Agentic AI
Source: SecurityWeek
As organizations begin deploying autonomous or semi-autonomous AI agents capable of executing tasks, interacting with APIs, and accessing enterprise data, the security model must shift from static controls to real-time behavioral governance. The article explains how agentic AI introduces new risks such as action-level exploits, context-injection attacks, and automated misuse of privileged workflows. Security leaders are urged to treat agentic AI as a new attack surface requiring policy enforcement, monitoring, and strong access controls.