Daily AI security roundup covering malware, vulnerabilities, defensive research, cloud risk, and incident response signals from trusted technical sources.
** Ravie Lakshmanan ** Mar 23, 2026 Cybersecurity / Hacking Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, …
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that’s distributed via …
ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856
This activity was found and reported by BACS student Adam Thorman as part of one of his assignments which I posted his final paper [ 1 ] last week. This activity appeared to only have occurred on the …
ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858
Yesterday, I discovered a malicious Bash script that installs a GSocket backdoor on the victim’s computer. I don’t know the source of the script not how it is delivered to the victim. GSocket[ 1 ] is …
ISC Stormcast For Monday, March 23rd, 2026 https://isc.sans.edu/podcastdetail/9860
The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million Internet of …
Hacking a Robot Vacuum Someone tries to remote control his own DJI Romo vacuum, and ends up controlling 7,000 of them from all around the world. The IoT is horribly insecure, but we already knew that …
Proton Mail Shared User Information with the Police 404 Media has a story about Proton Mail giving subscriber data to the Swiss government, who passed the information to the FBI. It’s metadata—payment …
** The Hacker News ** Mar 20, 2026 Artificial Intelligence / Data Protection Artificial Intelligence (AI) is changing how individuals and organizations conduct many activities, including how …
** Ravie Lakshmanan ** Mar 20, 2026 Data Privacy / Mobile Security Google on Thursday announced a new “advanced flow” for Android sideloading that requires a mandatory 24-hour wait period …
Friday Squid Blogging: Jumbo Flying Squid in the South Pacific The population needs better conservation. As usual, you can also use this squid post to talk about the security stories in the news that …
A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at which threat actors weaponize newly published …
The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages …
Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware capable of stealing sensitive CI/CD secrets. …
** Ravie Lakshmanan ** Mar 21, 2026 Vulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws impacting Apple, Craft CMS, …
** Ravie Lakshmanan ** Mar 21, 2026 Vulnerability / Threat Intelligence Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager …
** Ravie Lakshmanan ** Mar 21, 2026 Cyber Espionage / Threat Intelligence Threat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to compromise commercial …
ISC Stormcast For Wednesday, March 18th, 2026 https://isc.sans.edu/podcastdetail/9854
A very popular target of attackers scanning our honeypots is “phpmyadmin”. phpMyAdmin is a script first released in the late 90s, before many security concepts had been discovered. …
Meta’s AI Glasses and Privacy Surprising no one, Meta’s new AI glasses are a privacy disaster . I’m not sure what can be done here. This is a technology that will exist, whether we like it or not. …
** Ravie Lakshmanan ** Mar 18, 2026 Linux / Endpoint Security A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate …
** Ravie Lakshmanan ** Mar 18, 2026 Vulnerability / Zero-Day Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, …
Security teams today are not short on tools or data. They are overwhelmed by both. Yet within the terabytes of alerts, exposures, and misconfigurations – security teams still struggle to understand …
