AI Security Roundup

** Ravie Lakshmanan ** Mar 12, 2026 Malware / Cybercrime Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that’s written in Rust, marking a …

[This is a Guest Diary by Adam Thorman, an ISC intern as part of the SANS.edu BACS program] Introduction Have you ever installed a new device on your home or company router? Even when setup …

ISC Stormcast For Thursday, March 12th, 2026 https://isc.sans.edu/podcastdetail/9846

** Ravie Lakshmanan ** Mar 12, 2026 Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to …

AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers …

Israel Hacked Traffic Cameras in Iran Multiple news outlets are reporting on Israel’s hacking of Iranian traffic cameras and how they assisted with the killing of that country’s leadership. The New …

Hacked App Part of US/Israeli Propaganda Campaign Against Iran Wired has the story : Shortly after the first set of explosions, Iranians received bursts of notifications on their phones. They came not …

Claude Used to Hack Mexican Government An unknown hacker used Anthropic’s LLM to hack the Mexican government: The unknown Claude user wrote Spanish-language prompts for the chatbot to act as an elite …

Anthropic and the Pentagon OpenAI is in and Anthropic is out as a supplier of AI technology for the US defense department. This news caps a week of bluster by the highest officials in the US …

** Ravie Lakshmanan ** Mar 11, 2026 Artificial Intelligence / Browser Security Agentic web browsers that leverage artificial intelligence (AI) capabilities to autonomously execute actions across …

A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker , a global medical technology company based in Michigan. News reports …

** Ravie Lakshmanan ** Mar 11, 2026 Vulnerability / Application Security Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, …

“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be asked. And increasingly, it’s the question leaders are forced to answer after an incident. For years, …

** Ravie Lakshmanan ** Mar 11, 2026 Cybercrime / Artificial Intelligence Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a …

** Ravie Lakshmanan ** Mar 11, 2026 Vulnerability / Enterprise Security SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code …

Account abstraction transforms fixed “private key can do anything” models into programmable systems that enable batching, recovery and spending limits, and flexible gas payment. But that …

Canada Needs Nationalized, Public AI Canada has a choice to make about its artificial intelligence future. The Carney administration is investing $2-billion over five years in its Sovereign AI Compute …

** Ravie Lakshmanan ** Mar 11, 2026 DevSecOps / AI Security A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely …

Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are …

A new vulnerability (CVE-2026-0866) has been published : Zombie Zip . It’s a method to create a malformed ZIP file that will bypass detection by most anti-virus engines. The malformed ZIP file …

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to …

ISC Stormcast For Wednesday, March 11th, 2026 https://isc.sans.edu/podcastdetail/9844

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing “zero-day” flaws this month (compared to …

Microsoft Patch Tuesday March 2026 Published 2026-03-10. Last Updated 2026-03-10 17:33:47 UTC by Johannes Ullrich (Version: 1) 0 comment(s) Microsoft today released patches for 93 vulnerabilities, …

Cybersecurity researchers have discovered a new malware called KadNap that’s primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first …