AI Coding Agents Triggering Security Alerts, GhostLock Flaw Exposed
Summary
Today's intelligence reveals a threat landscape where the tools designed to accelerate development are themselves creating new detection challenges. AI coding agents are now triggering endpoint security rules designed to catch human attackers, while a newly disclosed 15-year-old Linux kernel flaw, GhostLock, puts every unpatched distribution at risk of full root compromise. The volume of alleged data breaches remains high, with a notable concentration of activity from the DR4K7H CYBER TEAM targeting government entities across Indonesia, India, and Argentina, and high-profile claims against Binance, Nike, and Deloitte.
Today's developments
The intersection of AI and security is producing unexpected friction. Industry researchers at Sophos reported that AI coding agents such as Claude Code, Cursor, and OpenAI Codex are triggering endpoint detection rules by performing actions that mimic malicious behavior, such as decrypting browser credentials. This is not malicious activity, but it creates significant signal-to-noise problems for security operations centers. Separately, researchers have demonstrated a new attack vector called "HalluSquatting," where attackers register package names that AI coding assistants hallucinate, potentially leading to the installation of botnet malware. These developments underscore the need for security teams to tune their detection rules to account for legitimate AI tooling.
A critical infrastructure alert was issued regarding GhostLock (CVE-2026-43499), a 15-year-old Linux kernel vulnerability that allows any logged-in user to gain root access. The flaw has been present by default in essentially all mainstream Linux distributions since 2011. CISA also added four actively exploited flaws to its KEV catalog, including a critical path traversal in Adobe ColdFusion (CVE-2026-48282, CVSS 10.0) and vulnerabilities in Joomla and Langflow. Patching these should be an immediate priority.
The alleged data breach landscape is crowded, with several high-value targets surfacing:
- Binance: Actor "olvidado" claims to have breached the cryptocurrency exchange, targeting users in the United Kingdom and the United States. The alleged data includes 75,000 records.
- Nike and Alcon: Actor "Nocturne" claims breaches of the US apparel giant and the Swiss healthcare company, marking a dual-industry hit.
- Deloitte: Actor "grave" alleges a breach of the UK-based professional services firm.
- Government targets: The DR4K7H CYBER TEAM (D C T) is highly active, claiming breaches of the Indonesian Directorate General of Highways, the Indonesian National Police, the Kerala Farmers' Welfare Fund in India, and the San Juan provincial government in Argentina. This actor appears to be conducting a broad, politically motivated campaign.
- Other notable claims: Alleged breaches include NASA Earthdata (actor: Akatsuki cyber team), Saudi Capital Market Authority (actor: Exchange Markets), Heavy Industries Taxila in Pakistan (actor: Cyb3R_Shubh4M), and the French Equestrian Federation (actor: Apt90x).
Threat landscape signals
The data shows a clear concentration of activity from a small number of actors. Meta Yadro Legion accounted for 30 events, though its specific targeting is not detailed in the critical exposure list. DR4K7H CYBER TEAM, with 7 events, is demonstrating a focused and effective campaign against government and public sector entities in South and Southeast Asia. The United States remains the top victim country with 31 events, followed by Germany and France, indicating a persistent focus on Western targets.
The mix of tactics is notable. While data breaches dominate (60 events), the presence of 24 ransomware events and 14 DDoS attacks suggests a diversified threat landscape. The appearance of a "Combo List" and "Malware" event, while low in volume, indicates that credential stuffing and initial access brokering remain active underground markets. The alleged sale of "Emergency Data Requests" and "Virtual Credit Card (VCC) Data" further highlights the commoditization of access and financial fraud tools on dark web forums. Defenders should prioritize patching GhostLock and the newly added CISA KEV flaws, while tuning detection rules to differentiate between AI coding agents and actual malicious activity.