**Jan 08, 2026** Ravie Lakshmanan Network Security / Vulnerability Cisco has released updates to address a medium-severity security flaw in Identity Services Engine (ISE) and ISE Passive Identity …
AI Security Roundup
Daily feed of AI security, malware, and defensive research updates.
**Jan 08, 2026** Ravie Lakshmanan Malware / Threat Intelligence A China-nexus threat actor known as UAT-7290 has been attributed to espionage-focused intrusions against entities in South Asia and …
WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging
**Jan 08, 2026** Ravie Lakshmanan Malware / Financial Crime Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking …
Recently, a new “breed” of IP-based KVM devices has been released. In the past, IP-based KVM devices required dedicated “server-grade” hardware using IPMI. They often cost …
Featuring: Cybersecurity is being reshaped by forces that extend beyond individual threats or tools. As organizations operate across cloud infrastructure, distributed endpoints, and complex supply …
ISC Stormcast For Tuesday, January 6th, 2026 https://isc.sans.edu/podcastdetail/9754, (Tue, Jan 6th)
**Jan 05, 2026** Ravie Lakshmanan Hacking News / Cybersecurity The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or …
**Jan 06, 2026** The Hacker News SaaS Security / Enterprise Security The Invisible Half of the Identity Universe Identity used to live in one place - an LDAP directory, an HR system, a single IAM …
**Jan 05, 2026** Ravie Lakshmanan Cyber Espionage / Windows Security The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by …
**Jan 06, 2026** Ravie Lakshmanan Vulnerability / DevOps A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an …
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks
**Jan 05, 2026** Ravie Lakshmanan IoT Security / Mobile Security The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, …
**Jan 06, 2026** Ravie Lakshmanan Vulnerability / Web Security Users of the "@adonisjs/bodyparser" npm package are being advised to update to the latest version following the disclosure …
Telegram Hosting World’s Largest Darknet Market Wired is reporting on Chinese darknet markets on Telegram. The ecosystem of marketplaces for Chinese-speaking crypto scammers hosted on the messaging …
**Jan 05, 2026** Ravie Lakshmanan Threat Intelligence / Windows Security Cybersecurity researchers have disclosed details of a new Python-based information stealer called VVS Stealer (also styled as …
ISC Stormcast For Monday, January 5th, 2026 https://isc.sans.edu/podcastdetail/9752, (Mon, Jan 5th)
**Jan 05, 2026** Ravie Lakshmanan Cryptocurrency / Financial Crime Ilya Lichtenstein, who was sentenced to prison last year for money laundering charges in connection with his role in the massive …
Introduction In October 2025, a work colleague documented a cryptocurrency scam using a fake chatbot. After investigating this, I was able to receive messages from the campaign, and these emails have …
One of my holiday projects was to redo and optimize part of my home network. One of my homelab servers failed in November. I had only thrown the replacement in the rack to get going, but some cleanup …
The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT) that grants …
Friday Squid Blogging: Squid Found in Light Fixture Probably a college prank. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog …
Attack Surface Management (ASM) tools promise reduced risk. What they usually deliver is more information. Security teams deploy ASM, asset inventories grow, alerts start flowing, and dashboards fill …
Flock Exposes Its AI-Enabled Surveillance Cameras 404 Media has the story: Unlike many of Flock’s cameras, which are designed to capture license plates as people drive by, Flock’s Condor cameras are …
**Jan 02, 2026** Ravie Lakshmanan Cloud Security / Email Security Cybersecurity researchers have disclosed details of a phishing campaign that involves the attackers impersonating legitimate …
As web browsers evolve into all-purpose platforms, performance and productivity often suffer. Feature overload, excessive background processes, and fragmented workflows can slow down browsing sessions …
ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories
**Jan 01, 2026** Ravie Lakshmanan Cybersecurity / Hacking News The first ThreatsDay Bulletin of 2026 lands on a day that already feels symbolic — new year, new breaches, new tricks. If the past …