AI Security Roundup

[This is a Guest Diary by Joshua Nikolson, an ISC Intern and part of the SANS.edu Bachelor’s degree in Applied Cybersecurity (BACS) program.] Introduction One day at work, a friend messaged me, …

OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities The UK’s AI Security Institute evaluated GPT-5.5’s ability to find security vulnerabilities, and found that it is comparable …

We recently published an exploit chain for the Google Pixel 9 that demonstrated it was possible to go from a zero-click context to root on Android in just two exploits. The Dolby 0-click vulnerability …

Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks. Intrusion Logging, available as part of …

** Ravie Lakshmanan ** May 13, 2026 Software Supply Chain / Data Exfiltration Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems …

** The Hacker News ** May 13, 2026 Cloud Security / Automation Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. …

Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 …

** Ravie Lakshmanan ** May 13, 2026 Cyber Espionage / Malware A threat actor with affiliations to China has been linked to a “multi-wave intrusion” targeting an unnamed Azerbaijani oil and …

** The Hacker News ** May 13, 2026 AppSec / Webinar TL;DR: Stop chasing thousands of “toast” alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a “Lethal …

** Ravie Lakshmanan ** May 13, 2026 Vulnerability / Artificial Intelligence Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability …

A few months ago, I implemented Cloudflare’s Turnstile CAPTCHA on some pages. The reason for implementing these CAPTCHAs is obvious: Bots make up a large percentage of traffic and affect site …

Apple Patches Everything Published 2026-05-11. Last Updated 2026-05-11 22:19:13 UTC by Johannes Ullrich (Version: 1) 0 comment(s) Apple today released its typical feature update across it’s …

Microsoft May 2026 Patch Tuesday Published 2026-05-12. Last Updated 2026-05-12 18:29:36 UTC by Johannes Ullrich (Version: 1) 0 comment(s) Today’s Microsoft patch Tuesday fixes 137 different …

ISC Stormcast For Tuesday, May 12th, 2026 https://isc.sans.edu/podcastdetail/9928

.. if “unproxyable” is a word that is .. I had a recent engagement where I had to look at the network traffic generated by a Windows executable. Unfortunately, it was all TLS, and all TLS1.3 to boot. …

ISC Stormcast For Wednesday, May 13th, 2026 https://isc.sans.edu/podcastdetail/9930

Go’s native fuzzing is useful, but it stands far behind state-of-the-art tooling that the Rust, C, and C++ ecosystems offer with LibAFL and AFL++. Path constraints are hard to solve. Structured inputs …

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer …

LLMs and Text-in-Text Steganography Turns out that LLMs are really good at hiding text messages in other text messages. Tags: academic papers , LLM , steganography Posted on May 11, 2026 at 7:04 AM • …

** Ravie Lakshmanan ** May 12, 2026 Vulnerability / AI Security OpenAI has launched Daybreak , a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model …

** Ravie Lakshmanan ** May 12, 2026 Vulnerability / Network Security American educational technology company Instructure, the parent company of Canvas, said it reached an “agreement” with …

Copy.Fail Linux Vulnerability This is the worst Linux vulnerability in years. TL;DR copy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 …

Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningful involvement from …

TeamPCP , the threat actor behind the recentsupply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI …

** The Hacker News ** May 12, 2026 Threat Detection / AI Security Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts. But the real problem isn’t …