Daily Security Briefing #186

March 7, 2026 | Read Online

AI-driven security solutions and vulnerabilities exposed, US Cyber Strategy unveiled, and ransomware attacks linked to ClickFix CastleRAT…

Executive Summary

Artificial intelligence (AI) continues to play a crucial role in cybersecurity, with both positive and negative implications. OpenAI’s Codex Security has been introduced, aiming to automate vulnerability discovery and remediation. Meanwhile, AI-powered security research has identified 22 major vulnerabilities in Firefox Browser. Additionally, Microsoft warns that hackers are increasingly using AI at every stage of cyberattacks.

Top Articles

OpenAI’s Codex Security Built to Automate Vulnerability Discovery and Remediation OpenAI has officially introduced Codex Security, an advanced application security agent designed to automate vulnerability discovery and remediation. Formerly known as Aardvark, the tool is now available in a research preview. It aims to eliminate the bottleneck of manual security reviews by combining state-of-the-art AI models with automated validation. GBHackers

Malicious Browser Add‑on Targets imToken Users’ Private Keys A highly deceptive Google Chrome extension, named “lmΤoken Chromophore,” has been discovered to steal private keys and seed phrases from cryptocurrency users. The malicious add-on disguises itself as a harmless hex color visualizer for developers and digital artists. GBHackers

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues OpenAI’s Codex Security has scanned over 1.2 million commits and identified 10,561 high-severity issues in a research preview. The feature is available to ChatGPT Pro, Enterprise, Business, and Edu customers via the Codex web with free usage for the next month. The Hacker News

OpenAI Rolls Out Codex Security in Research Preview for Context‑Aware Vulnerability Detection OpenAI has officially introduced Codex Security, an advanced application security agent designed to automate vulnerability discovery and remediation. Formerly known as Aardvark, the tool is now available in a research preview. CyberPress

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model Anthropic’s frontier AI model, Claude Opus 4.6, successfully identified 22 novel vulnerabilities in Mozilla Firefox over a two-week period in February 2026. The issues were addressed in Firefox 148, released late last month. The Hacker News

Microsoft: Hackers abusing AI at every stage of cyberattacks Threat actors are increasingly using artificial intelligence in their operations to accelerate attacks, scale malicious activity, and lower technical barriers across all aspects of a cyberattack. Bleeping Computer

Termite ransomware breaches linked to ClickFix CastleRAT attacks Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor. Bleeping Computer

Claude AI Discovers 22 Major Vulnerabilities in Firefox Browser in 14 Days Anthropic’s frontier AI model, Claude Opus 4.6, successfully identified 22 novel vulnerabilities in Mozilla Firefox over a two-week period in February 2026. CyberPress

US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies The Trump administration has released its long-awaited cyber strategy, calling for stronger deterrence against cyber adversaries, modernization of federal networks, protection of critical infrastructure, and investment in technologies such as AI and post-quantum cryptography. SecurityWeek

Pentagon’s Chief Tech Officer Says He Clashed With AI Company Anthropic Over Autonomous Warfare The Pentagon’s CTO, Emil Michael, said the military is developing procedures for enabling different levels of autonomy in warfare depending on the risk posed. SecurityWeek

The long-awaited Trump cyber strategy has arrived The administration also released an executive order on cybercrime and fraud. CyberScoop

AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.