AI Security Roundup

A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting …

** Ravie Lakshmanan ** Feb 12, 2026 Cybersecurity / Hacking News Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new …

** The Hacker News ** Feb 12, 2026 Enterprise Security / Breach Prevention A new 2026 market intelligence study of 128 enterprise security decision-makers ( available here ) reveals a stark divide …

Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the …

Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as …

AI and Voter Engagement Social media has been a familiar, even mundane, part of life for nearly two decades. It can be easy to forget it was not always that way. In 2008, social media was just …

ISC Stormcast For Monday, February 9th, 2026 https://isc.sans.edu/podcastdetail/9800

ISC Stormcast For Tuesday, February 10th, 2026 https://isc.sans.edu/podcastdetail/9802

ISC Stormcast For Thursday, February 5th, 2026 https://isc.sans.edu/podcastdetail/9796

** Ravie Lakshmanan ** Feb 04, 2026 Artificial Intelligence / Software Security Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors in open-weight large …

** Ravie Lakshmanan ** Feb 04, 2026 Malware / Endpoint Security Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of “disciplined …

Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check …

US Declassifies Information on JUMPSEAT Spy Satellites The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006. I’m actually …

Many incident response failures do not come from a lack of tools, intelligence, or technical skills. They come from what happens immediately after detection, when pressure is high, and information is …

An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls. The Challenge: Identity Lives Outside the Identity Stack Identity and access management …

** Ravie Lakshmanan ** Feb 04, 2026 Malvertising / Infostealer Microsoft has warned that information-stealing attacks are “rapidly expanding” beyond Windows to target Apple macOS …

Today, I received an interesting email with a malicious attachment. When I had a look at the automatic scan results, it seemed to be a malicious script to create a Chrome Injector to steal data. …

** Ravie Lakshmanan ** Feb 04, 2026 Supply Chain Security / Secure Coding The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft …

** Ravie Lakshmanan ** Feb 04, 2026 Software Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds …

ISC Stormcast For Wednesday, February 4th, 2026 https://isc.sans.edu/podcastdetail/9794

** Ravie Lakshmanan ** Feb 03, 2026 Artificial Intelligence / Vulnerability Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon , an artificial …

** Ravie Lakshmanan ** Feb 03, 2026 Open Source / Vulnerability Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular …

** The Hacker News ** Feb 03, 2026 Threat Detection / Enterprise Security Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress. Every vendor …

Last week, a new AI agent framework was introduced to automate “live”. It targets office work in particular, focusing on messaging and interacting with systems. The tool has gone viral not …

Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down …