CyberPulse

The Death of Human Error

The Agent Internet Is Already Leaking

The AI You Learned in January No Longer Exists

When Cloud Break-Ins Move at AI Speed

When Your AI Agent Becomes the Attack Surface

The Criminal Marketplace Youre Not Monitoring

The 17 Billion Warning Sign

The Ghost With Admin Access

Your Face Is Not Your Own

Your AI Takes Instructions From Strangers

The Malware That Thinks

Your AI Read Your Secrets

The Machine Underground

A low-skill, Russian-speaking hacker used commercial AI services to breach over 600 enterprise firewalls across 55 countries in five weeks. No zero-days required. Amazon just showed us what the automation of mediocrity looks like at scale.

CyberPulse — February 24, 2026: "They Poisoned the Bot That Guards the Code" A supply chain attack on the Cline AI coding assistant used prompt injection against an AI triage bot to steal npm publishing credentials and silently install the OpenClaw autonomous agent on ~4,000 developer machines in an 8-hour window. The first real-world case of prompt injection weaponized into a software supply chain compromise.

A stolen civil servant credential gave an attacker weeks of unrestricted access to FICOBA — France's national bank account registry containing every bank account opened in the country. 1.2 million accounts were browsed, exposing IBANs, names, addresses, and tax IDs. No MFA, no anomaly detection, no rate limiting. The breach creates immediate SEPA direct debit fraud risk across the EU. Phishing campaigns targeting affected customers were already detected within days.

Scattered LAPSUS$ Hunters — the cybercrime supergroup behind over 1.5 billion stolen records and the Jaguar Land Rover ransomware attack — is now recruiting women for voice phishing campaigns targeting IT help desks, paying $500-$1,000 per call with scripts provided. CISA simultaneously issued an emergency directive giving federal agencies 48 hours to patch actively exploited Cisco SD-WAN vulnerabilities, while a former U.S. defense contractor executive was sentenced to 7+ years for selling zero-day exploits to a Russian broker.

Check Point Research disclosed critical vulnerabilities in Anthropic's Claude Code where simply opening an untrusted repository could silently execute commands on a developer's machine, steal API credentials, and compromise an entire team's workspace — all through configuration files treated as harmless metadata. Separately, Google and Mandiant dismantled GRIDTIDE, a China-linked espionage campaign that used Google Sheets as command-and-control infrastructure to breach 53 organizations across 42 countries, targeting telecoms and governments for surveillance. Both stories reveal the same pattern: trusted, inert-looking data becoming active attack surfaces.

North Korea's ScarCruft built Ruby Jumper, a five-component toolchain that breaches air-gapped networks by installing a disguised Ruby runtime, weaponizing USB drives as bidirectional command channels, and deploying full-spectrum surveillance including keylogging, audio, and video capture inside physically isolated environments. Separately, Aeternum C2 is a new botnet that writes encrypted commands to smart contracts on the Polygon blockchain, eliminating all traditional takedown mechanisms — no servers to seize, no domains to sinkhole, and $1 of MATIC funds 150 command transactions. Together with the week's coverage of AI supply chain attacks, government database breaches, vishing recruitment, and cloud-based espionage, a clear pattern emerges: every assumption of isolation — physical, logical, legal, and operational — is being systematically dissolved.