Daily Security Briefing #188
- DjediTech
- Security , Newsletter
- March 9, 2026
Table of Contents
March 9, 2026 | Read Online
GRIDTIDE disrupted, Chinese espionage campaigns exposed, and AI training data poisoning…
Executive Summary
Cybersecurity threats continue to evolve with malicious actors adapting to disruptions. The recent GRIDTIDE campaign disruption highlights collaborative efforts between industry partners. Meanwhile, critical vulnerabilities in various systems have been exposed, including a new attack against Wi-Fi and a Chinese-linked espionage campaign targeting critical infrastructure across Asia. Additionally, AI training data poisoning has become a growing concern.
Top Articles
Accelerate Attack Surface Discovery with New AI-Powered Connectors Rapid7’s Command Platform provides comprehensive attack surface management, offering teams the visibility they need to detect security issues from endpoint to cloud. This 360° view of all assets and associated risks enables proactive exposure management. rapid7.com
New Attack Against Wi-Fi: AirSnitch AirSnitch exploits core features in Layers 1 and 2, allowing attackers to view sensitive information. This cross-layer identity desynchronization enables powerful bidirectional machine-in-the-middle attacks. schneier.com
China-Nexus Activity Against Qatar Observed Amid Expanding Regional Tensions Check Point Research has observed increased activity by Chinese-nexus APT actors in the region, particularly targeting Qatar. The attackers leveraged ongoing war tensions to deploy a variant of PlugX malware. checkpoint.com
MaaS VIP Keylogger Campaign Uses Steganography to Steal Credentials at Scale A large-scale spear-phishing campaign distributing a VIP Keylogger variant sold as Malware-as-a-Service (MaaS) employs steganography, in-memory execution, and modular payload design to evade defenses. gbhackers.com
Fake AI Browser Extensions Expose Chat Data Across 20,000 Enterprises Microsoft Defender researchers have warned about malicious browser extensions impersonating AI assistant tools that secretly collect chat histories and browsing data from enterprise users. cyberpress.org
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. thehackernews.com
How AI Assistants are Moving the Security Goalposts AI-based assistants or “agents” are growing in popularity, but also rapidly shifting security priorities for organizations. These powerful tools blur the lines between data and code. krebsonsecurity.com
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.