**Jan 10, 2026** Ravie Lakshmanan Cyber Espionage / Malware The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, …
AI Security Roundup
Daily feed of AI security, malware, and defensive research updates.
**Jan 10, 2026** Ravie Lakshmanan Cybercrime / Financial Crime Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization …
Friday Squid Blogging: The Chinese Squid-Fishing Fleet off the Argentine Coast The latest article on this topic. As usual, you can also use this squid post to talk about the security stories in the …
**Jan 09, 2026** Ravie Lakshmanan Virtualization / Vulnerability Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to …
Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations
**Jan 09, 2026** Ravie Lakshmanan Email Security / Threat Intelligence Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals …
Palo Alto Crosswalk Signals Had Default Passwords Palo Alto’s crosswalk signals were hacked last year. Turns out the city never changed the default passwords. Tags: hacking, infrastructure, …
**Jan 09, 2026** The Hacker News Artificial Intelligence / Enterprise Security As organizations plan for 2026, cybersecurity predictions are everywhere. Yet many strategies are still shaped by …
**Jan 09, 2026** Ravie Lakshmanan Vulnerability / Endpoint Security Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex …
**Jan 09, 2026** Ravie Lakshmanan Government / Vulnerability Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday said it’s retiring 10 emergency directives …
Reverse engineers must have a good understanding of the environment where malware is executed (read: the operating system). In a previous diary, I talked about malicious code that could be executed …
**Jan 09, 2026** Ravie Lakshmanan Mobile Security / Email Security The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat …
ISC Stormcast For Friday, January 9th, 2026 https://isc.sans.edu/podcastdetail/9760, (Fri, Jan 9th)
In yesterday’s podcast, I mentioned “tailsnitch”, a new tool to audit Tailscale configurations. Tailscale is an easy-to-use overlay to WireGuard. It is probably best compared to STUN …
ISC Stormcast For Wednesday, January 7th, 2026 https://isc.sans.edu/podcastdetail/9756, (Wed, Jan 7th)
Malicious use of QR codes has long been ubiquitous, both in the real world as well as in electronic communication. This is hardly surprising given that a scan of a QR code can lead one to a phishing …
I’m always looking for new ways of manipulating the data captured by my DShield sensor [1]. This time I used Gephi [2] and Graphviz [3], a popular and powerful tool for visualizing and …
ISC Stormcast For Thursday, January 8th, 2026 https://isc.sans.edu/podcastdetail/9758, (Thu, Jan 8th)
The Wegman’s Supermarket Chain Is Probably Using Facial Recognition The New York City Wegman’s is collecting biometric information about customers. Tags: biometrics, face recognition, privacy, …
**Jan 08, 2026** Ravie Lakshmanan Privacy / Artificial Intelligence Artificial intelligence (AI) company OpenAI on Wednesday announced the launch of ChatGPT Health, a dedicated space that allows …
Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances
**Jan 08, 2026** Ravie Lakshmanan Vulnerability / Container Security Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, …
AI & Humans: Making the Relationship Work Leaders of many organizations are urging their teams to adopt agentic AI to improve efficiency, but are finding it hard to achieve any benefit. Managers …
A Cyberattack Was Part of the US Assault on Venezuela We don’t have many details: President Donald Trump suggested Saturday that the U.S. used cyberattacks or other technical capabilities to cut …
ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories
**Jan 08, 2026** Ravie Lakshmanan Cybersecurity / Hacking News The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show …
Chainguard, the trusted source for open source, has a unique view into how modern organizations actually consume open source software and where they run into risk and operational burdens. Across a …
**Jan 08, 2026** Ravie Lakshmanan Malware / Cloud Security Cybersecurity researchers have discovered three malicious npm packages that are designed to deliver a previously undocumented malware …