AI Security Roundup

** Ravie Lakshmanan ** Apr 16, 2026 Malware / Threat Intelligence The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and …

ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894

[This is a Guest Diary by Alec Jaffe, an ISC intern as part of the SANS.edu Bachelor’s Degree in Applied Cybersecurity (BACS) program [1]. Security cameras are great at monitoring physical …

** Ravie Lakshmanan ** Apr 15, 2026 Threat Intelligence / Cloud Security Threat actors have been observed weaponizing n8n , a popular artificial intelligence (AI) workflow automation platform, to …

Few technologies have moved from experimentation to boardroom mandate as quickly as AI. Across industries, leadership teams have embraced its broader potential, and boards, investors, and executives …

** Ravie Lakshmanan ** Apr 15, 2026 Vulnerability / Data Breach A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in …

** Ravie Lakshmanan ** Apr 15, 2026 Web Security / Vulnerability A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active …

Defense in Depth, Medieval Style This article on the walls of Constantinople is fascinating. The system comprised four defensive lines arranged in formidable layers: The brick-lined ditch, divided by …

Microsoft on Tuesday released updates to address a record 169 security flaws across its product portfolio, including one vulnerability that has been actively exploited in the wild. Of these 169 …

** Ravie Lakshmanan ** Apr 15, 2026 Vulnerability / Secure Coding OpenAI on Tuesday unveiled GPT-5.4-Cyber , a variant of its latest flagship model, GPT‑5.4 , that’s specifically optimized for …

Starting March 10, 2026, my DShield sensor started getting probe for various AI models such as claude, openclaw, huggingface, etc. Reviewing the data already reported by other DShield sensors to ISC, …

ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly …

Microsoft Patch Tuesday April 2026. Published 2026-04-14. Last Updated 2026-04-14 17:46:09 UTC by Johannes Ullrich (Version: 1) 0 comment(s) This month’s Microsoft Patch Tuesday looks like a …

** Ravie Lakshmanan ** Apr 14, 2026 Vulnerability / DevSecOps Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, …

Upcoming Speaking Engagements This is a current list of where and when I am scheduled to speak: I’m speaking at DemocracyXChange 2026 in Toronto, Ontario, Canada, on April 18, 2026. I’m speaking at …

Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push …

** Ravie Lakshmanan ** Apr 14, 2026 Mobile Security / Network Security Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its …

A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, …

How Hackers Are Thinking About AI Interesting paper: “ What hackers talk about when they talk about AI: Early-stage diffusion of a cybercrime innovation. ” Abstract: The rapid expansion of artificial …

** The Hacker News ** Apr 14, 2026 Application Security / DevSecOps OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: …

** Ravie Lakshmanan ** Apr 14, 2026 Data Theft / Browser Security Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to …

** Ravie Lakshmanan ** Apr 14, 2026 Vulnerability / Network Security A critical security vulnerability impacting ShowDoc , a document management and collaboration service popular in China, has come …

** Ravie Lakshmanan ** Apr 14, 2026 Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited …

ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890