
Recent shifts in automated access techniques, AI-assisted vulnerability discovery, and identity infrastructure defense

A technical review of emerging access methodologies, including device code phishing and traffic distribution systems, alongside updates on PAN-OS vulnerabilities and the integration of AI in security workflows. Provides actionable remediation steps for defending identity and edge infrastructure.

Triage Security Media Team

Security teams are managing an environment where initial access techniques are increasingly automated, ranging from Phishing-as-a-Service (PhaaS) platforms to large-scale operations leveraging thousands of legitimate websites. Methodologies have shifted from straightforward credential acquisition to the active abuse of legitimate authentication workflows and social engineering tactics designed to circumvent multifactor authentication (MFA). Recent forensic analysis indicates that unauthorized parties are streamlining their entry techniques, necessitating a corresponding evolution in defensive strategies and posture management.

A primary driver of this trend is the rapid expansion of the Kali365 PhaaS platform. Initially focused on Microsoft 365, the infrastructure has evolved into a broader identity access tool, expanding its scope to AWS, Okta, and major messaging services such as Russia’s MAX Messenger. The platform relies on automating "device code phishing." This technique abuses the OAuth 2.0 device authorization grant, a workflow intended for devices like smart TVs that lack standard web browsers. By prompting a user to enter a generated code into a legitimate identity portal, the unauthorized party captures access and refresh tokens directly. Because the user completes the MFA process on a legitimate site, standard MFA configurations are circumvented, granting persistent, passwordless access to enterprise cloud environments.

This industrialization of access is similarly visible in the DriveSurge operation. Researchers have identified that thousands of legitimate websites have been abused to distribute unauthorized software via "ClickFix" and "FakeUpdate" campaigns. Operating under a pay-per-install model, DriveSurge uses a traffic distribution system (zTDS) to profile visitors and deliver platform-specific code, targeting both Windows and macOS environments. The ClickFix technique relies on deceptive social engineering; it presents users with a simulated error message and instructs them to copy and paste a "fix" into their terminal or PowerShell window. By convincing the user to manually execute the commands, the sequence bypasses several automated, browser-level protections.

State-aligned actors are also refining their methodologies against critical sectors. Details recently emerged regarding "Operation Dragon Weave," a targeted social engineering campaign focused on government, research, and financial organizations in the Czech Republic and Taiwan. Attributed with moderate confidence to China-aligned groups, the operation uses a dual-method deployment sequence. In one execution path, an LNK shortcut triggers a PowerShell script to decrypt a loader; in the other, a Rust-based extraction utility independently unpacks the final component. The sequence culminates in "Azureveil," a command-and-control agent that uses Microsoft Azure Blob Storage as an intermediate storage layer for exchanging commands and data. This allows the operators to function without maintaining a direct, persistent network connection, increasing the difficulty of detection through traditional traffic analysis.

On the infrastructure front, organizations using Palo Alto Networks' PAN-OS GlobalProtect VPN face an immediate remediation priority. A critical authentication bypass vulnerability, tracked as CVE-2026-0257, is currently seeing active unauthorized use. The vulnerability exists when the same certificate is used for both the GlobalProtect HTTPS service and the "authentication override" cookie feature. Unauthorized parties can obtain the public key from the HTTPS service to forge authentication cookies, allowing them to authenticate as legitimate users and access internal networks. This vulnerability, recently added to CISA’s Known Exploited Vulnerabilities catalog, highlights the persistent risk that edge devices pose when configuration best practices, such as certificate separation, are not strictly implemented.

As the industry evaluates automated solutions for these challenges, artificial intelligence is taking a more prominent position in defensive strategies. The European Union is finalizing an agreement with Anthropic to provide the cybersecurity agency ENISA with access to "Mythos," a frontier AI model. Mythos is configured for rapid vulnerability discovery, having already identified flaws in OpenBSD and FreeBSD that remained undocumented for decades. While this offers security teams a powerful mechanism to identify and patch vulnerabilities proactively, high-autonomy AI agents also introduce new operational risks. A recent incident involving PocketOS, where an AI agent accidentally deleted a production database in nine seconds due to excessive permissions, demonstrates the necessity of strict governance. Security teams must now manage permissions not just for human identities, but for autonomous agents capable of initiating changes at machine speed.

The interaction between the independent research community and major vendors is also adapting to these changes. Microsoft recently navigated a public dispute with an independent researcher who released multiple unpatched proofs-of-concept after encountering delays in the official reporting process. While Microsoft clarified that it does not intend to pursue legal action against legitimate researchers, the incident reflects the growing strain within vendor response centers. An influx of AI-generated reports, often low-quality submissions referred to as "slop," is currently stressing the Coordinated Vulnerability Disclosure (CVD) process at a time when collaborative defense is highly necessary.

For organizations working to protect their environments, the immediate priority remains hardening the identity perimeter and edge infrastructure. To mitigate device code phishing, security teams should audit their environments for legitimate device code usage and implement conditional access policies that block these flows for the majority of users. For those managing PAN-OS environments, ensuring that authentication-override cookies use unique, dedicated certificates is a critical hardening step if a patch cannot be immediately applied. Furthermore, as techniques like ClickFix gain traction, user education should clearly establish that legitimate software updates or technical support will never require a user to paste commands directly into a terminal.
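The device code audit recommended above, and the flow described earlier in the article, sketched as an added example (not code from the original article): it sorts accounts seen in a sign-in export into those approved for the device code flow, those using it without approval, and those that never use it and can be placed in scope of a blocking conditional access policy. The field names are assumed to resemble a Microsoft Entra ID sign-in log export, and the sample records and allowlist are constructed.

```python
import json
from collections import defaultdict

# Constructed sample sign-in records (JSON Lines). Field names are assumed to
# follow a Microsoft Entra ID sign-in log export; map them to your own IdP.
SAMPLE_LOG = """\
{"userPrincipalName":"roomdisplay@example.com","appDisplayName":"Meeting Room Display","authenticationProtocol":"deviceCode","ipAddress":"198.51.100.10"}
{"userPrincipalName":"roomdisplay@example.com","appDisplayName":"Meeting Room Display","authenticationProtocol":"deviceCode","ipAddress":"198.51.100.10"}
{"userPrincipalName":"alice@example.com","appDisplayName":"Office Portal","authenticationProtocol":"oAuth2","ipAddress":"198.51.100.23"}
{"userPrincipalName":"bob@example.com","appDisplayName":"Command Line Tools","authenticationProtocol":"deviceCode","ipAddress":"203.0.113.77"}
not-json-line
{"userPrincipalName":"carol@example.com","appDisplayName":"Office Portal","authenticationProtocol":"oAuth2","ipAddress":"198.51.100.40"}
"""

# Hypothetical allowlist: accounts with a documented need for the device code flow.
APPROVED = {"roomdisplay@example.com"}


def audit_device_code(log_text, approved=APPROVED):
    """Split observed users into exempt / review / blockable for a block policy."""
    seen_users = set()
    usage = defaultdict(lambda: {"count": 0, "apps": set(), "ips": set()})
    skipped = 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
            user = rec["userPrincipalName"].lower()
        except (ValueError, KeyError, TypeError, AttributeError):
            skipped += 1  # malformed record: count it, do not silently drop it
            continue
        seen_users.add(user)
        if str(rec.get("authenticationProtocol", "")).lower() == "devicecode":
            entry = usage[user]
            entry["count"] += 1
            entry["apps"].add(rec.get("appDisplayName", "unknown"))
            entry["ips"].add(rec.get("ipAddress", "unknown"))
    return {
        "exempt": sorted(u for u in usage if u in approved),  # approved and in use
        "review": {u: v for u, v in usage.items() if u not in approved},  # unapproved use
        "blockable": sorted(seen_users - set(usage)),  # never used the flow
        "skipped": skipped,
    }


if __name__ == "__main__":
    print(audit_device_code(SAMPLE_LOG))
```

Run it over a window long enough to capture infrequent legitimate use before scoping the block policy.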

The broader implications of initiatives like Anthropic’s Project Glasswing remain active areas of discussion, particularly regarding whether civilian agencies in the U.S., such as CISA, will secure similar access to advanced defensive models. As AI-accelerated vulnerability discovery integrates into standard security workflows, discrepancies in tooling access could impact global threat intelligence capabilities. Security teams should anticipate a shrinking window between vulnerability discovery and active use, necessitating a transition toward behavioral detection and continuous posture management for both human and autonomous identities.