Security Advisories

CyberStash Advisory Agentic AI Risk and Cybersecurity: Separating Fact from Fiction A strategic advisory on agentic AI risk, shadow AI, autonomous agents, AI governance and the future of digital defence. May 2026 Download Full Report View Cyber Security Advisories → Agentic AI risk is becoming a strategic cybersecurity issue as AI systems move beyond chat interfaces and begin accessing data, connecting to systems, triggering workflows and influencing business decisions. This CyberStash advisory examines the real impact of AI on cybersecurity and separates practical risk from vendor hype. It explores how AI is accelerating vulnerability discovery, reconnaissance, phishing, code analysis, fraud preparation, security operations and defensive triage. The report also examines the rise of personal AI agents, browser agents, desktop AI tools, MCP-based integrations and embedded SaaS AI capabilities. These systems are shifting AI from a simple productivity interface into an operating layer that can touch enterprise data, applications and business workflows. AI will not remove the need for cybersecurity fundamentals. It will make weak fundamentals more expensive. Why Agentic AI Risk Matters Agentic AI risk is different from traditional software risk because AI agents may be able to retrieve context, call tools, use permissions and take actions across business systems.…

Threat Intelligence Advisory Arkanix and the Rise of AI-Accelerated Stealer Frameworks AI-assisted malware development may be compressing the traditional cybercrime lifecycle from years to weeks. Download Full Report Subscribe for weekly briefings → The emergence of Arkanix Stealer highlights a significant shift in cybercrime operations. Rather than being notable for technical sophistication, the campaign demonstrated how quickly a fully functional malware-as-a-service platform can now be developed, marketed, and monetised. Appearing in late 2025, Arkanix rapidly delivered modular credential-stealing capabilities including browser data harvesting, cryptocurrency wallet extraction, encrypted exfiltration, and configurable payload modules. Evidence suggests the framework may have been built using AI-assisted coding workflows, dramatically accelerating the traditional malware development lifecycle. Although the infrastructure was dismantled after only a short operational period, the campaign reveals a broader trend: attackers leveraging AI-driven tooling to rapidly build and iterate malware frameworks. This acceleration may significantly shrink defenders’ response windows and increase the volume of rapidly evolving threats. This advisory examines the Arkanix architecture, operational tradecraft, and the strategic implications of AI-accelerated malware development, along with practical detection opportunities and defensive recommendations for modern security operations. Read more: Download the full report

Advisory • High Priority APT28 Campaign Uses Office Security Bypass (CVE-2026-21509) Russia-linked APT28 rapidly weaponised CVE-2026-21509 following disclosure, combining phishing, evasive execution chains, and cloud-hosted infrastructure to accelerate compromise. Download Full Report Subscribe for weekly briefings → Since its disclosure and patch release in January 2026, CVE-2026-21509 has been actively exploited by the Russia-linked advanced persistent threat group APT28. The campaign combines spear phishing, evasive execution chains, and cloud-hosted command-and-control infrastructure to minimise detection opportunities and accelerate initial compromise. This activity reflects a broader shift in advanced threat operations: rapidly operationalising newly disclosed vulnerabilities, leveraging trusted cloud services to blend malicious activity with legitimate traffic, and using multi-stage payload delivery to bypass traditional endpoint defences. The speed of exploitation highlights the diminishing window between patch release and real-world attacks. This advisory summarises the observed tradecraft, outlines the strategic implications for enterprise security programs, and provides practical recommendations to strengthen detection, response, and resilience against rapidly evolving nation-state tactics. Read more: Download the full report