AI Security Roundup

The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method. The use of ClickFix, where users are …

** The Hacker News ** Mar 17, 2026 Artificial Intelligence / Security Leadership A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the …

Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. …

** Ravie Lakshmanan ** Mar 14, 2026 Artificial Intelligence / Endpoint Security China’s National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the …

Upcoming Speaking Engagements This is a current list of where and when I am scheduled to speak: I’m giving the Ross Anderson Lecture at the University of Cambridge’s Churchill College at 5:30 PM GMT …

Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a “significant escalation” in how it propagates through the Open VSX registry. …

Disclaimer : This report has been prepared by the Threat Research Center to enhance cybersecurity awareness and support the strengthening of defense capabilities. It is based on independent research …

** Ravie Lakshmanan ** Mar 13, 2026 VPN Security / Malware Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through …

** Ravie Lakshmanan ** Mar 13, 2026 Encryption / Data Protection Meta has announced plans to discontinue support for end-to-end encryption (E2EE) for chats on Instagram after May 8, 2026. “If …

** Ravie Lakshmanan ** Mar 13, 2026 Ransomware / Cybercrime INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and …

A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020. Palo Alto Networks Unit 42 …

Friday Squid Blogging: Increased Squid Population in the Falklands Some good news squid stocks seem to be recovering in the waters off the Falkland Islands. As usual, you can also use this squid post …

Academia and the “AI Brain Drain” In 2025, Google, Amazon, Microsoft and Meta collectively spent US$380 billion on building artificial-intelligence tools. That number is expected to surge still higher …

** Ravie Lakshmanan ** Mar 13, 2026 Linux / Vulnerability Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel’s AppArmor module that could be …

** Ravie Lakshmanan ** Mar 13, 2026 Browser Security / Vulnerability Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said …

On Wednesday, a phishing message made its way into our handler inbox that contained a fairly typical low-quality lure, but turned out to be quite interesting in the end nonetheless. That is because …

A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for …

** Ravie Lakshmanan ** Mar 13, 2026 Vulnerability / Enterprise Security Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, …

ISC Stormcast For Friday, March 13th, 2026 https://isc.sans.edu/podcastdetail/9848

Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware …

iPhones and iPads Approved for NATO Classified Data Apple announcement : …iPhone and iPad are the first and only consumer devices in compliance with the information assurance requirements of NATO …

** Ravie Lakshmanan ** Mar 12, 2026 Vulnerability / Malware Apple on Wednesday backported fixes for a security flaw in iOS, iPadOS, and macOS Sonoma to older versions after it was found to be used as …

** Ravie Lakshmanan ** Mar 12, 2026 Cybersecurity / Hacking News Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it is …

Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern campaigns rely on trusted infrastructure, legitimate-looking …

** Ravie Lakshmanan ** Mar 12, 2026 Artificial Intelligence / Malware Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed Slopoly …