AI Security Roundup

Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. …

Friday Squid Blogging: Jurassic Fish Chokes on Squid Here’s a fossil of a 150-million year old fish that choked to death on a belemnite rostrum the hard, internal shell of an extinct, squid-like …

Company that Secretly Records and Publishes Zoom Meetings WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes (alternate link ) the …

New Mexico’s Meta Ruling and Encryption Mike Masnick points out that the recent New Mexico court ruling against Meta has some bad implications for end-to-end encryption, and security in general: If …

Google Wants to Transition to Post-Quantum Cryptography by 2029 Google says that it will fully transition to post-quantum cryptography by 2029. I think this is a good move, not because I think we will …

Hong Kong Police Can Force You to Reveal Your Encryption Keys According to a new law, the Hong Kong police can demand that you reveal the encryption keys protecting your computer, phone, hard drives, …

** Ravie Lakshmanan ** Apr 07, 2026 Artificial Intelligence / Vulnerability Threat actors are exploiting a maximum-severity security flaw in Flowise , an open-source artificial intelligence (AI) …

Cybersecurity in the Age of Instant Software AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: …

New academic research has identified multiple RowHammer attacks against high-performance graphics processing units (GPUs) that could be exploited to escalate privileges and, in some cases, even take …

** Ravie Lakshmanan ** Apr 07, 2026 Vulnerability / Threat Intelligence A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of …

When talking about credential security, the focus usually lands on breach prevention. This makes sense when IBM’s 2025 Cost of a Data Breach Report puts the average cost of a breach at $4.4 million. …

An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet. “A …

The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn …

** Ravie Lakshmanan ** Apr 07, 2026 Vulnerability / DevSecOps A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins ( …

** The Hacker News ** Apr 07, 2026 SaaS Security / Enterprise Security In the rapid evolution of the 2026 threat landscape, a frustrating paradox has emerged for CISOs and security leaders: Identity …

** Ravie Lakshmanan ** Apr 02, 2026 Vulnerability / Threat Intelligence A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection …

US Bans All Foreign-Made Consumer Routers This is for new routers ; you don’t have to throw away your existing ones: The Executive Branch determination noted that foreign-produced routers (1) …

** Ravie Lakshmanan ** Apr 02, 2026 Network Security / Vulnerability Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully …

From its GitHub repo: “Vite (French word for “quick”, pronounced /vi?t/, like “veet”) is a new breed of frontend build tooling that significantly improves the frontend …

** Ravie Lakshmanan ** Apr 02, 2026 Cybersecurity / Hacking News The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or …

** Ravie Lakshmanan ** Apr 02, 2026 Surveillance / Mobile Security Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS …

In December 2025 , we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of …

** Ravie Lakshmanan ** Apr 02, 2026 Cryptomining / Malware A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and …

Possible US Government iPhone Hacking Tool Leaked Wired writes (alternate source ): Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly …

A lot of the information seen on DShield honeypots [1] is repeated bot traffic, especially when looking at the Cowrie [2] telnet and SSH sessions. However, how long a session lasts, how many commands …