Security Digest — 2026-03-07

AI is reshaping both sides of cybersecurity today: defenders are deploying models to find vulnerabilities at scale, while threat actors are leveraging AI to accelerate and broaden every stage of their attacks.

---

AI Security Research

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues The Hacker News

OpenAI launched Codex Security, an AI-powered agent that finds, validates, and proposes fixes for vulnerabilities in codebases. In a research preview for Pro, Enterprise, Business, and Edu users, it scanned 1.2 million commits and surfaced over 10,000 high-severity issues.

Microsoft: Hackers Abusing AI at Every Stage of Cyberattacks BleepingComputer

Microsoft reports that threat actors are increasingly integrating AI across the full cyberattack lifecycle — accelerating reconnaissance, scaling phishing, and lowering technical barriers for less-skilled attackers. The trend signals a structural shift in offensive capabilities.

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model The Hacker News

In a two-week security research partnership with Mozilla, Anthropic used Claude Opus 4.6 to discover 22 previously unknown Firefox vulnerabilities — 14 rated high severity. All issues were patched in Firefox 148, demonstrating AI-assisted fuzzing and code analysis at production scale.

---

Vulnerabilities & Exploits

Termite Ransomware Breaches Linked to ClickFix CastleRAT Attacks BleepingComputer

The ransomware group tracked as Velvet Tempest is combining the ClickFix social-engineering technique with legitimate Windows utilities to drop DonutLoader malware and the CastleRAT backdoor, linking a wave of recent breaches to coordinated Termite ransomware campaigns.