AI Security Roundup

Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens. The supply …

** Ravie Lakshmanan ** Apr 22, 2026 Cyber Espionage / Malware The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of attacks likely …

On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across …

ICE Uses Graphite Spyware ICE has admitted that it uses spyware from the Israeli company Graphite. Tags: homeland security , Israel , privacy , spyware , surveillance Posted on April 22, 2026 at 7:02 …

** Ravie Lakshmanan ** Apr 22, 2026 Malware / Critical Infrastructure Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela …

** Ravie Lakshmanan ** Apr 22, 2026 Vulnerability / Container Security A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary …

** Ravie Lakshmanan ** Apr 22, 2026 Cyber Espionage / Malware Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related …

** Ravie Lakshmanan ** Apr 22, 2026 Vulnerability / Cryptography Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate …

ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902

[This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor’s Degree in Applied Cybersecurity (BACS) program [1].] Introduction A few weeks ago, my honeypot logged an …

Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC . According to new research published …

A 24-year-old British national and senior member of the cybercrime group “ Scattered Spider ” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted …

** Ravie Lakshmanan ** Apr 21, 2026 Insider Threat / Cybercrime A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. …

** Ravie Lakshmanan ** Apr 21, 2026 Network Security / Vulnerability Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and …

Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption, …

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point …

** Ravie Lakshmanan ** Apr 21, 2026 Mobile Security / Artificial Intelligence Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to …

Mexican Surveillance Company Grupo Seguritech is a Mexican surveillance company that is expanding into the US. Tags: Mexico , privacy , surveillance Posted on April 21, 2026 at 7:04 AM • 1 Comments

** Ravie Lakshmanan ** Apr 21, 2026 Vulnerability / Artificial Intelligence Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment …

There have been reports of threat actors using a .wav file as a vector for malware . It’s a proper .wav file, but they didn’t use staganography. The .wav file will play, but you’ll …

** Ravie Lakshmanan ** Apr 21, 2026 Network Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known …

ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900

** Ravie Lakshmanan ** Apr 20, 2026 Open Source / Server Security A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution …

** Ravie Lakshmanan ** Apr 20, 2026 Cybersecurity / Hacking Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted …

The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of …