Applying security fundamentals to AI: Practical advice for CISOs | Microsoft Security Blog Read actionable advice for CISOs on securing AI, managing risk, and applying core security principles in today’s AI‑powered environment.

Applying security fundamentals to AI isn’t optional - identity, least privilege, monitoring, and governance still win. New tech, same truths. 🤖🛡️ #AISecurity #CyberFundamentals

Top npm package backdoored to drop dirty RAT on dev machines Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios

A backdoored Axios npm package delivered a RAT - another reminder that even trusted libraries can turn into attack vectors. Verify before you trust. 📦⚠️ #OpenSourceSecurity #SupplyChainRisk

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms Claude Code 2.1.88 leak exposed 512,000 lines via npm error, fueling supply chain risks and typosquatting attacks.

Claude code leaked via malicious npm packaging - the supply chain remains a soft target for high-impact breaches. Trust in dependencies must be continuously verified. 📦⚠️ #SupplyChainSecurity #OpenSourceRisk

Financial groups lay out a plan to fight AI identity attacks - Help Net Security Industry groups urge U.S. policymakers to fight AI identity fraud with a 20-point plan covering deepfakes, passkeys, and digital credentials.

Fighting AI-driven identity fraud requires layered defenses - biometrics alone won’t cut it. Combine signals, behavior, and context to restore trust. 🎭🔐 #IdentitySecurity #AIFraud

How to Categorize AI Agents and Prioritize Risk AI agent risk isn't equal, it scales with access to systems and level of autonomy. Token Security explains how CISOs should categorize agents and prioritize what to secure first.

Not all AI agents carry the same risk — categorization is key to prioritizing controls, from low-impact assistants to high-privilege autonomous actors. Treat agents like identities. 🤖🔐 #AISecurity #RiskManagement

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.

OpenAI patches a ChatGPT data issue - even AI platforms aren’t immune. As adoption grows, so does the need for robust data safeguards. 🤖🔐 #AISecurity #DataProtection

AI-Powered 'DeepLoad' Steals Credentials, Evades Detection The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, researchers say.

AI-powered Deepload is stealing credentials while evading detection - attackers are blending automation with stealth. Traditional defenses are increasingly outpaced. 🤖🔐 #CredentialTheft #AIDrivenThreats

TeamPCP’s attack spree slows, but threat escalates with ransomware pivot - Help Net Security TeamPCP has shifted from supply chain expansion to monetization of existing credential harvests by partnering with ransomware attackers.

TeamPCP highlights how supply chain attacks are fueling ransomware - compromise once, impact many. The attackers scale faster than defenders. 🔗💥 #SupplyChainSecurity #Ransomware

Healthcare tech firm CareCloud says hackers stole patient data Healthcare IT firm CareCloud has disclosed a data breach incident that exposed sensitive data and caused a network disruption lasting approximately eight hours.

CareCloud confirms hackers stole patient data — healthcare remains a high-value target where sensitive data meets operational urgency. Breaches here hit both privacy and care. 🏥⚠️ #Healthcare #DataBreach

Beyond Alert Fatigue: What European SOCs Actually Struggle With Results from a Survey among SOC professionals from the region on what is the state of AI in SecOps in Europe

Beyond alert fatigue, European SOCs are struggling with prioritization, visibility, and talent gaps - the challenge isn’t just volume, it’s making sense of the noise. 🎯⚠️ #SOC #CyberOperations

China Upgrades the Backdoor It Uses to Spy on Telcos Globally Chinese APT Red Menshen's super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it down.

China-linked actors are upgrading backdoors to spy on telecom networks - persistence and stealth are reaching new levels. Critical infrastructure remains a prime target. 🕵️‍♂️📡 #CyberEspionage #TelcoSecurity

AFC Ajax drops ball as hackers transfer tickets, lift bans : Vulns in Dutch football club's systems didn't just expose data – they let outsiders play with accounts, and even lift stadium bans

AFC Ajax’s lapse highlights how even top-tier organizations can drop the ball on security basics - reputation doesn’t replace resilience. ⚽⚠️ #SecurityBasics #CyberRisk

AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure - Help Net Security Exposed credentials continue to spread through code and internal systems, increasing risk as leaks persist longer and reach more tools.

Exposed credentials remain a top breach vector - leaked secrets in code, logs, and configs continue to open the door. If it’s in plaintext, assume it’s compromised. 🔑⚠️ #SecretsManagement #CredentialSecurity

FBI confirms hack of Director Patel's personal email inbox The Handala hackers associated with Iran have breached the personal email account of FBI Director Kash Patel and published photos and documents.

The FBI confirms the hack of Director Patel’s personal email - even top officials aren’t immune when personal and professional boundaries blur. Security must be consistent everywhere. 📧⚠️ #EmailSecurity #CyberRisk

Planning a spring break trip? Don’t fall for these 7 travel scams Spring break scams are out to ruin your vacation, but they don't have to. With a little awareness and Avast Free Antivirus protecting your devices, you can hit the beach without handing criminals an…

Planning a spring break trip? Scammers are too - fake bookings, phishing deals, and “too good to be true” offers are on the rise. Stay sharp before you pack. ✈️⚠️ #Scams #CyberAwareness

1K+ cloud environments infected via Trivy attack RSAC 2026: Crims 'creating a snowball effect' across open source projects

Over 1,000 cloud environments were infected following a supply-chain compromise — one weak link, massive blast radius. Cloud scale amplifies everything. ☁️💥 #SupplyChainRisk #CloudSecurity

www.theregister.com/2026/03/24/1...

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner FAUX#ELEVATE phishing deploys stealers and miners via fake resumes, targeting enterprise systems, enabling rapid credential theft in 25 seconds.

Hackers are using fake résumés to steal data and deploy malware - HR inboxes have become prime entry points. Hiring season is attack season. 📄🎯 #SocialEngineering #Malware

thehackernews.com/2026/03/hack...

Salt Typhoon Builds Out Malware Arsenal With GhostSpider The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected.

A new threat intel snapshot highlights how fast attackers are evolving tactics — speed, stealth, and scale are redefining the battlefield. Standing still is the biggest risk. ⚡🕵️‍♂️ #ThreatIntelligence #CyberRisk

www.darkreading.com/threat-intel...

Your security stack looks fine from the dashboard and that's the problem - Help Net Security Enterprise endpoint security gaps cost companies $49M yearly in downtime as 1 in 5 devices runs outside enforceable protection.

CISOs report widening endpoint security gaps — visibility, patching, and control are struggling to keep pace with threat speed. Endpoints remain the weakest link. 💻⚠️ #EndpointSecurity #CyberRisk

www.helpnetsecurity.com/2026/03/25/c...

PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) solutions, that could allow remote code execution.

PTC warns of an imminent threat from a critical Windchill FlexPLM RCE flaw — attackers are already circling. Patch now before exploitation scales. 🛠️🚨 #Vulnerability #RCE

www.bleepingcomputer.com/news/securit...

Cybercrime isn't just a cover for Iran's government goons : Ransomware, malware-as-a-service, infostealers benefit MOIS, too

Iran’s MOIS-linked cybercrime operations highlight how state actors blur lines between espionage, crime, and disruption. In cyberspace, attribution and intent rarely come clean. 🕵️‍♂️⚠️ #NationState #CyberEspionage

Middle East Conflict Highlights Cloud Resilience Gaps Data centers — used by both governments and militaries for operations — are now fair game, not just for cyberattacks, but for kinetic attacks as well.

Middle East tensions are exposing gaps in cloud resilience - geopolitics now tests digital infrastructure. Availability is a strategic asset. 🌍☁️ #CloudResilience #GeopoliticalRisk

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows Learn to audit AI agents and stop data leaks. Join our webinar to find hidden risks and secure your modern agentic workflows.

AI data leaks are becoming a real enterprise risk — prompts, plugins, and integrations can quietly expose sensitive information. Guardrails must grow with adoption. 🤖🔓 #AISecurity #DataProtection

HR, recruiters targeted in year-long malware campaign - Help Net Security An attack campaign targeting HR departments and job recruiters has been stealthily compromising company systems.

Recruiters are being targeted with malware-laced résumés — attackers know hiring inboxes are always open. Curiosity can be a compromise vector. 📄⚠️ #Malware #RecruitmentRisk

New ‘BlackSanta’ EDR killer spotted targeting HR departments For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.

New BlackSanta EDR-killer malware is targeting HR departments — attackers are aiming where data and trust intersect. Even people teams are now frontline targets. 🎯💀 #EDREvasion #SocialEngineering

www.bleepingcomputer.com/news/securit...

How Deepfakes and Injection Attacks Are Breaking Identity Verification Deepfakes and injection attacks are targeting identity verification moments, from onboarding to account recovery. Incode explains why enterprises must validate the full session—media, device…

Deepfakes and injection attacks are breaking identity verification — synthetic voices and faces are outsmarting legacy checks. Trust now needs layered proof. 🎭🔐 #IdentityFraud #Deepfake

Tug-of-War Over Firewall Backlogs Between Security & Developers Speed and security historically clash, but as technology advances, it's increasingly important for developers and security teams to get on the same page.

AI-driven development is outpacing firewall backlogs — innovation is accelerating while security queues grow. Speed without alignment widens the gap. 🚀⚠️ #CloudSecurity #DevSecOps

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and surveillance.

A new Chrome vulnerability allowed malicious sites to bypass protections — browsers remain a prime battlefield. Patch fast, browse smart. 🌐⚠️ #BrowserSecurity #VulnerabilityAlert

CyberStrikeAI tool adopted by hackers for AI-powered attacks Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet…

Hackers are adopting the CyberStrikeAI tool to power AI-driven attacks — automation is accelerating reconnaissance and exploitation. Adversaries now code at machine speed. 🤖⚔️ #AIAttacks #ThreatInnovation

AI went from assistant to autonomous actor and security never caught up - Help Net Security AI agent security 2026: why autonomous systems are outpacing enterprise controls and what security teams need to do about it before a breach.

Enterprise AI agents in 2026 demand tighter controls — privilege boundaries, monitoring, and auditability must evolve with autonomy. Smart agents need smarter governance. 🤖🔐 #AIAgents #EnterpriseSecurity

www.helpnetsecurity.com/2026/03/03/e...