ISC Stormcast For Tuesday, February 24th, 2026 https://isc.sans.edu/podcastdetail/9822, (Tue, Feb 24th)
Daily feed of AI security, malware, and defensive research updates.
In 2010, OWASP added “Unvalidated Redirects and Forwards” to its Top 10 list and merged it into “Sensitive Data Exposure” in 2013 [owasp1] [owasp2]. Open redirects are often …
ISC Stormcast For Wednesday, February 25th, 2026 https://isc.sans.edu/podcastdetail/9824
On the Security of Password Managers: Good article on password managers that secretly have a backdoor. New research shows that these claims aren’t true in all cases, particularly when account recovery …
Is AI Good for Democracy? Politicians fixate on the global race for technological supremacy between US and China. They debate geopolitical implications of chip exports, latest model releases from each …
Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. …
Ravie Lakshmanan | Feb 23, 2026 | Malware / Threat Intelligence | The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in …
The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift from prior attacks aimed at Saudi Arabian …
Ravie Lakshmanan | Feb 24, 2026 | Artificial Intelligence / Anthropic | Anthropic on Monday said it identified “industrial-scale campaigns” mounted by three artificial intelligence (AI) …
Ravie Lakshmanan | Feb 24, 2026 | Threat Intelligence / Healthcare | The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack …
Ravie Lakshmanan | Feb 24, 2026 | Cyber Espionage / Malware | A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to …
A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue. The artificial intelligence …
Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control check.” That approach breaks the moment your environment stops being …
[This is a Guest Diary contributed by John Moutos] Overview: In this post, I’m going over my analysis of DynoWiper, a wiper family that was discovered during attacks against Polish energy …
ISC Stormcast For Friday, February 20th, 2026 https://isc.sans.edu/podcastdetail/9818
Introduction: For at least the past year or so, I’ve been receiving Japanese-language phishing emails to my blog email addresses at @malware-traffic-analysis.net. I’m not Japanese, but I …
Before launching their Comet browser, Perplexity hired us to test the security of their AI-powered browsing features. Using adversarial testing guided by our TRAIL threat model, we demonstrated how …
Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a …
Ring Cancels Its Partnership with Flock: It’s a demonstration of how toxic the surveillance-tech company Flock has become when Amazon’s Ring cancels the partnership between the two companies. As …
Malicious AI. Interesting: Summary: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reputation …
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google’s generative artificial intelligence (AI) chatbot, as part of its execution flow …
Friday Squid Blogging: Squid Cartoon. I like this one. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Ravie Lakshmanan | Feb 20, 2026 | Cybercrime / Law Enforcement | A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North …
Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the search giant and other tech firms and transferring the …
Ravie Lakshmanan | Feb 20, 2026 | Financial Crime / Banking Security | The U.S. Federal Bureau of Investigation (FBI) has warned of an increase in ATM jackpotting incidents across the country, leading …