Kevin Poireault

In a soon-to-be released interview, Jamieson O'Reilly, OpenClaw’s security advisor, warned that we need to develop more ways to “scan AI tools” for detecting “human-language malware.”

With the Promptfoo acquisition, OpenAI now wants to do just that.

www.infosecurity-magazine.com/news/openai-...

Unauthenticated Backup Download with Encryption Key Disclosure ## Summary The `/api/backup` endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the `X-Backup-Security` response header. This allow...

🔎 GitHub advisory: github.com/0xJacky/ngin...
💾 View JSON: cveawg.mitre.org/api/cve/CVE-...

VulnWatch Monday: CVE-2026-27944 🔓

A critical vulnerability in Nginx UI allows unauthenticated attackers to download and decrypt full system backups. It affects all versions before 2.3.2.

VulnWatch Monday: CVE-2025-71210 🔓

Trend Micro has issued patches addressing several vulnerabilities in Apex One, with severity levels ranging from high to critical.

Some of the issues impact the management console and could potentially allow RCE.

success.trendmicro.com/en-US/soluti...

The digital front: Iran’s internet down for second day amid reports of U.S.-Israel cyberattacks Iran is facing widespread internet disruptions following the U.S.-Israeli airstrikes over the weekend.

"Iran remains in .. near-total internet blackout as the US & Israel strike the country. National connectivity is at 1% of ordinary levels .. Iran often imposes blackouts during conflicts & unrest .. U.S. and Israeli cyberattacks may also be the cause." www.cnbc.com/2026/03/02/i... @cnbc.com

Le régulateur russe des télécoms, Roskomnadzor, a désormais banni 469 services VPN, d’après l’agence de presse russe Ria Novosti.

Courts-circuits | 23 février-1er mars 2026

coupecircuit.substack.com/p/469-vpn-bl...

Comment le blackout internet en Iran redessine le rôle du secteur privé

🇮🇷 La coupure internet en Iran a mis en avant le rôle du secteur privé dans la censure numérique.

Iran : analyse d’une coupure internet sans précédent - partie 2/3

coupecircuit.substack.com/p/comment-le...

𝐅𝐥𝐚𝐰𝐬 𝐢𝐧 𝐏𝐨𝐩𝐮𝐥𝐚𝐫 𝐒𝐨𝐟𝐭𝐰𝐚𝐫𝐞 𝐃𝐞𝐯𝐞𝐥𝐨𝐩𝐦𝐞𝐧𝐭 𝐀𝐩𝐩 𝐄𝐱𝐭𝐞𝐧𝐬𝐢𝐨𝐧𝐬 𝐀𝐥𝐥𝐨𝐰 𝐃𝐚𝐭𝐚 𝐄𝐱𝐟𝐢𝐥𝐭𝐫𝐚𝐭𝐢𝐨𝐧

Researchers at OX Security have detected four vulnerabilities in three of the most popular IDEs that could lead to cyber-attacks.

📰 www.infosecurity-magazine.com/news/vulnera...

La Russie a bloqué l’accès à Telegram, WhatsApp et YouTube.

Le Kremlin veut pousser l’utilisation de ses propres applications alternatives comme la messagerie instantanée Max et promeut un “internet souverain”...

coupecircuit.substack.com/p/spaciba-te...

VulnWatch Monday: CVE-2026-2441 🔓

Google has released a security update to patch a newly discovered zero-day in Chrome.

The tech giant also confirmed that it “is aware that an exploit for CVE-2026-2441 exists in the wild.”

www.infosecurity-magazine.com/news/google-...

🇺🇬 Des SMS pro-Museveni envoyés aux clients de MTN en plein blackout numérique

La nouvelle édition de Courts-circuits (2-8 février 2026), c'est par-ici : coupecircuit.substack.com/p/des-sms-pr...

𝐇𝐚𝐜𝐤𝐢𝐧𝐠 𝐂𝐚𝐦𝐩𝐚𝐢𝐠𝐧 𝐄𝐱𝐩𝐥𝐨𝐢𝐭𝐬 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐖𝐢𝐧𝐝𝐨𝐰𝐬 𝐖𝐢𝐧𝐑𝐀𝐑 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲

A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, researchers at Check Point have said.

www.infosecurity-magazine.com/news/hacking...

Comment l’Iran a coupé internet pour près de 90 millions de personnes

🇮🇷 On explore ce qu'il s'est passé, exactement, pour l'internet iranien en janvier. Chiffres, graphiques & chronologie à l'appui 📊

Iran : analyse d’une coupure internet sans précédent 1/3
coupecircuit.substack.com/p/comment-li...

𝐎𝐩𝐞𝐧𝐂𝐥𝐚𝐰 𝐚𝐧𝐝 𝐌𝐨𝐥𝐭𝐛𝐨𝐨𝐤 𝐖𝐞𝐧𝐭 𝐕𝐢𝐫𝐚𝐥 – 𝐒𝐨 𝐃𝐢𝐝 𝐓𝐡𝐞𝐢𝐫 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐒𝐡𝐨𝐫𝐭𝐜𝐨𝐦𝐢𝐧𝐠𝐬

New @6mile.githax.com findings reveal 386 fake crypto trading 'skills' linked to the viral OpenClaw AI assistant tool (aka Moltbot/Clawdbot) can lead users to install infostealers.

📰 www.infosecurity-magazine.com/news/malicio...

𝗖𝘆𝗯𝗲𝗿𝗰𝗿𝗶𝗺𝗲 𝗨𝗻𝗶𝘁 𝗼𝗳 𝗣𝗮𝗿𝗶𝘀 𝗣𝗿𝗼𝘀𝗲𝗰𝘂𝘁𝗼𝗿𝘀 𝗥𝗮𝗶𝗱 𝗘𝗹𝗼𝗻 𝗠𝘂𝘀𝗸’𝘀 𝗫 𝗢𝗳𝗳𝗶𝗰𝗲𝘀 𝗶𝗻 𝗙𝗿𝗮𝗻𝗰𝗲

🇫🇷 The cybercrime unit of the Paris Prosecutor’s Office raided X offices in Paris.

Musk and Linda Yaccarino were summoned for voluntary interviews in Paris on April 20.

📰 www.infosecurity-magazine.com/news/paris-p...

Notepad++ compromised in supply chain attack from June to December 2025 by “likely Chinese state-sponsored actor”. notepad-plus-plus.org/news/hijacke...

🚨Ivanti advisory: forums.ivanti.com/s/article/Se...
🔎 watchTowr analysis: labs.watchtowr.com/someone-know...
🐞 CISA KEV: www.cisa.gov/known-exploi...
💾 View JSON: cveawg.mitre.org/api/cve/CVE-...

🔓 𝗩𝘂𝗹𝗻𝗪𝗮𝘁𝗰𝗵 𝗙𝗿𝗶𝗱𝗮𝘆: 𝗖𝗩𝗘-𝟮𝟬𝟮𝟲-𝟭𝟮𝟴𝟭

Ivanti announced emergency patches for two critical vulnerabilities, tracked as CVE-2026-1281 and CVE-2026-1340, in EPMM that have been exploited in the wild as zero-days.

𝗡𝗲𝘄 𝗔𝗜-𝗗𝗲𝘃𝗲𝗹𝗼𝗽𝗲𝗱 𝗠𝗮𝗹𝘄𝗮𝗿𝗲 𝗖𝗮𝗺𝗽𝗮𝗶𝗴𝗻 𝗧𝗮𝗿𝗴𝗲𝘁𝘀 𝗜𝗿𝗮𝗻𝗶𝗮𝗻 𝗣𝗿𝗼𝘁𝗲𝘀𝘁𝘀

🇮🇷 HarfangLab has reported that a new malicious campaign is spreading malware against people in Iran, likely including NGOs and individuals involved in documenting recent human rights abuses.

📰 www.infosecurity-magazine.com/news/ai-malw...

𝗡𝗘𝗪 - 𝗙𝗿𝗮𝗻𝗰𝗲 𝗙𝗶𝗻𝗲𝘀 𝗡𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗘𝗺𝗽𝗹𝗼𝘆𝗺𝗲𝗻𝘁 𝗔𝗴𝗲𝗻𝗰𝘆 𝗮 €𝟱𝗺 𝗢𝘃𝗲𝗿 𝟮𝟬𝟮𝟰 𝗗𝗮𝘁𝗮 𝗕𝗿𝗲𝗮𝗰𝗵

France Travail has received a €5m fine from France's data protection regulator for security failures that led to the compromise of an estimated 43 million jobseekers.

📰 www.infosecurity-magazine.com/news/france-...

𝗡𝗘𝗪 - 𝗙𝗕𝗜 𝗧𝗮𝗸𝗲𝘀 𝗗𝗼𝘄𝗻 𝗥𝗔𝗠𝗣 𝗥𝗮𝗻𝘀𝗼𝗺𝘄𝗮𝗿𝗲 𝗙𝗼𝗿𝘂𝗺

RAMP's clear and dark web sites are down and have been replaced by an FBI banner.

@sophossecurity.bsky.social @curatedintel.bsky.social @ransomware.live @ransomlook.bsky.social

📰 www.infosecurity-magazine.com/news/fbi-tak...

Des signes montrent un fragile retour d'une certaine forme de connectivté depuis l'Iran 🇮🇷

Mais la réalité pourrait être plus complexe...

📰 coupecircuit.substack.com/p/retour-de-...

🚨 Broadcom/VMware advisory: support.broadcom.com/web/ecx/supp...
📢 CISA KEV entry: www.cisa.gov/known-exploi...
📋 View JSON: www.cisa.gov/known-exploi...

🔓 𝐕𝐮𝐥𝐧𝐖𝐚𝐭𝐜𝐡 𝐌𝐨𝐧𝐝𝐚𝐲: 𝐂𝐕𝐄-2024-37079

CISA added a critical vulnerability affecting VMware vCenter Server to its known exploited vulnerabilities (KEV) list despite the flaw being patched in June 2024.

Authentication Bypass to RCE in Versa Concerto — ProjectDiscovery Blog Introduction Versa Concerto is a widely used network security and SD-WAN orchestration platform, designed to provide seamless policy management, analytics, and automation for enterprises. With a grow...

🚨ProjectDiscovery alert: projectdiscovery.io/blog/versa-c...
🔎 Versa advisory: security-portal.versa-networks.com/emailbulleti...
📢 CISA KEV: www.cisa.gov/known-exploi...
💾 View JSON: cveawg.mitre.org/api/cve/CVE-...

🔓 𝗩𝘂𝗹𝗻𝗪𝗮𝘁𝗰𝗵 𝗙𝗿𝗶𝗱𝗮𝘆: 𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟯𝟰𝟬𝟮𝟲

An authentication bypass in the Versa Networks Concerto SD-WAN orchestration platform that could allow an attacker to access administrative endpoints has been added to CISA's KEV catalog, confirming of active exploitation in the wild.

🚨 TP-Link advisory: www.tp-link.com/us/support/f...
💾 View JSON: cveawg.mitre.org/api/cve/CVE-...

🔓 VulnWatch Monday: CVE-2026-0629

TP-Link has released fixes for a major security vulnerability affecting 32 of its VIGI C and VIGI InSight professional surveillance cameras, which could allow attackers to seize full control of vulnerable devices.

%kb_name - %short_descr - Knowledge Portal

🚨 Sitecore advisory: support.sitecore.com/kb?id=kb_art...
🔎 Mandiant report: cloud.google.com/blog/topics/...
🆕 Cisco Talos report: blog.talosintelligence.com/uat-8837/
💾 View JSON: cveawg.mitre.org/api/cve/CVE-...

🔎 VulnWatch Friday: CVE-2025-53690 🔓

China-linked hacking group UAT-8837 is exploiting CVE-2025-53690 (Sitecore vulnerability) to breach North American critical infrastructure, deploying the WeepSteel backdoor, according to @talosintelligence.com.