Agentic AI in Classified Networks Has a Security Problem Already
Agentic AI is moving into defense networks fast. The security infrastructure underneath it isn't keeping pace.
Threats
Two npm Worms Are Stealing Secrets and Rewriting Code
IronWorm and a new Miasma variant have compromised over 50 npm packages, stealing credentials and self-propagating through GitHub repositories.
Hola Browser's Supply Chain Breach Quietly Installed a Monero Miner
A cryptominer was found inside the Windows version of Hola Browser after a supply chain compromise went undetected until routine certification checks flagged it
Android Spyware Asin Targets Arabic Journalists Through Fake Conflict Apps
ESET has identified Android spyware called Asin spreading through fake news, PDF, and war map apps targeting Arabic-speaking users since early 2025.
Cisco's Unified CM Has a File-Write Flaw and Public Exploit Code
CVE-2026-20230 lets unauthenticated attackers write files and escalate to root. A public PoC exists and the version 15 patch isn't due until September.