AI Security Roundup

Friday Squid Blogging: Bigfin Squid Article about the bigfin squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation …

** Ravie Lakshmanan ** May 17, 2026 Server Security / Vulnerability A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its …

** Ravie Lakshmanan ** May 17, 2026 Data Breach / Cybercrime Grafana has disclosed that an “unauthorized party” obtained a token that granted them the ability to access the company’s …

** Ravie Lakshmanan ** May 16, 2026 Vulnerability / Website Security A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild …

ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934

This is a Guest Diary by Gokul Prema Thangavel, an ISC intern as part of the SANS.edu Bachelor Degree Program. Introduction The SHA-256 a8460f446be540410004b1a8db4083773fa46f7fe76fa84219c93daa1669f8f2 …

** Ravie Lakshmanan ** May 15, 2026 Vulnerability / Credential Theft The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco …

Bypassing On-Camera Age-Verification Checks Some AI-based video age-verification checks can be fooled with a fake mustache . Tags: AI , biometrics Posted on May 15, 2026 at 7:06 AM • 14 Comments

** Ravie Lakshmanan ** May 15, 2026 Microsoft / Vulnerability Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active …

** The Hacker News ** May 15, 2026 Endpoint Security / Threat Detection In Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust , we made a simple argument: the most …

OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production …

** Ravie Lakshmanan ** May 15, 2026 Vulnerability / AI Security Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege …

** Ravie Lakshmanan ** May 15, 2026 Botnet / Threat Intelligence The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) …

ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932

Besides serving as a place where Microsoft Outlook places suspected spam, the Outlook Junk folder has one additional function that can be quite helpful when it comes to identifying malicious messages. …

How Dangerous Is Anthropic’s Mythos AI? Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software …

An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting …

Upcoming Speaking Engagements This is a current list of where and when I am scheduled to speak: I’m giving a virtual talk on “The Security of Trust in the Age of AI,” hosted by the Financial Women’s …

** Ravie Lakshmanan ** May 14, 2026 Vulnerability / Linux Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local …

AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lacks …

** Ravie Lakshmanan ** May 14, 2026 Vulnerability / API Security Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI , an open-source …

The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been …

** Ravie Lakshmanan ** May 14, 2026 Hacking News / Cybersecurity News Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, …

Cybersecurity researchers are sounding the alarm about what has been described as “malicious activity” in newly published versions of node-ipc. According to Socket and StepSecurity , three …

** Ravie Lakshmanan ** May 14, 2026 Vulnerability / Network Security Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has …