Daily feed of AI security, malware, and defensive research updates.
** Ravie Lakshmanan ** Mar 02, 2026 Supply Chain Attack / Malware Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean threat …
LLM-Assisted Deanonymization Turns out that LLMs are good at de-anonymization: We show that LLM agents can figure out who you are from your anonymous online posts. Across Hacker News, Reddit, …
** Ravie Lakshmanan ** Mar 02, 2026 Vulnerability / Threat Intelligence A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat …
Most SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great: more sign-ups, more sessions, more API …
YARA-X 1.14.0 Release Published 2026-03-07. Last Updated 2026-03-07 09:56:54 UTC by Didier Stevens (Version: 1) 0 comment(s) YARA-X’s 1.14.0 release brings 4 improvements and 2 bugfixes. One of …
ISC Stormcast For Friday, March 6th, 2026 https://isc.sans.edu/podcastdetail/9838
** Ravie Lakshmanan ** Mar 06, 2026 Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and …
[This is a Guest Diary by Joseph Gruen, an ISC intern as part of the SANS.edu BACS program] The internet is under constant, automated siege. Every publicly reachable IP address is probed continuously …
ISC Stormcast For Thursday, March 5th, 2026 https://isc.sans.edu/podcastdetail/9836
Mutational grammar fuzzing is a fuzzing technique in which the fuzzer uses a predefined grammar that describes the structure of the samples. When a sample gets mutated, the mutations happen in such a …
** Ravie Lakshmanan ** Mar 05, 2026 Malware / Dark Web A joint law enforcement operation has dismantled LeakBase , one of the world’s largest online forums for cybercriminals to buy and sell …
Tycoon 2FA , one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a …
** Ravie Lakshmanan ** Mar 05, 2026 Cyber Espionage / Threat Intelligence Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two …
Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong. …
** Ravie Lakshmanan ** Mar 05, 2026 Cybersecurity / Hacking News Some weeks in cybersecurity feel routine. This one doesn’t. Several new developments surfaced over the past few days, showing how …
A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country’s Ministry of Foreign Affairs to deliver a set of …
** The Hacker News ** Mar 05, 2026 Encryption / Data Protection Most organizations assume encrypted data is safe. But many attackers are already preparing for a future where today’s encryption can be …
** Ravie Lakshmanan ** Mar 05, 2026 Vulnerability / Enterprise Security Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under …
ISC Stormcast For Monday, March 2nd, 2026 https://isc.sans.edu/podcastdetail/9830
** Ravie Lakshmanan ** Mar 02, 2026 Cybersecurity / Hacking This week is not about one big event. It shows where things are moving. Network systems, cloud setups, AI tools, and common apps are all …
Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers to escalate privileges and gain access to local files on the …
** Ravie Lakshmanan ** Mar 02, 2026 Cryptography / Browser Security Google has announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against the future risk posed …
It’s Friday, let’s have a look at another simple piece of malware to close a busy week! I received a Fedex notification about a delivery. Usually, such emails are simple phishing attacks that redirect …
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf , the world’s largest and most disruptive botnet. Since then, the …
Why Tehran’s Two-Tiered Internet Is So Dangerous Iran is slowly emerging from the most severe communications blackout in its history and one of the longest in the world. Triggered as part of January’s …
