AIs Exploiting Smart Contracts
I have long maintained that smart contracts are a dumb idea: that a human process is actually a security feature. Here’s some interesting research on training AIs to …
AI Security Roundup
Daily feed of AI security, malware, and defensive research updates.
ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories
**Dec 11, 2025** | Ravie Lakshmanan
This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software …
**Dec 11, 2025** | The Hacker News | Automation / Compliance
As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool …
**Dec 11, 2025** | Ravie Lakshmanan | Cyber Espionage / Windows Security
Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google …
**Dec 11, 2025** | Ravie Lakshmanan | Cyberwarfare / Threat Intelligence
An advanced persistent threat (APT) known as WIRTE has been attributed to attacks targeting government and diplomatic entities …
**Dec 11, 2025** | Ravie Lakshmanan | Vulnerability / Cloud Security
A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances …
**Dec 11, 2025** | Ravie Lakshmanan | Zero-Day / Vulnerability
Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under …
Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution
**Dec 11, 2025** | Ravie Lakshmanan | Vulnerability / Encryption
Huntress is warning of a new actively exploited vulnerability in Gladinet’s CentreStack and Triofox products stemming from the use …
**Dec 10, 2025** | Ravie Lakshmanan | Hardware Security / Vulnerability
Three security vulnerabilities have been disclosed in the Peripheral Component Interconnect Express (PCIe) Integrity and Data …
FBI Warns of Fake Video Scams
The FBI is warning of AI-assisted fake kidnapping scams: Criminal actors typically will contact their victims through text message claiming they have kidnapped their …
**Dec 10, 2025** | Ravie Lakshmanan | Enterprise Security / Web Services
New research has uncovered exploitation primitives in the .NET Framework that could be leveraged against enterprise-grade …
React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors
React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of …
Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
Fortinet, Ivanti, and SAP have moved to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution. The Fortinet …
Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes
**Dec 10, 2025** | The Hacker News | Cloud Security / Threat Detection
Cloud security is changing. Attackers are no longer just breaking down the door; they are finding unlocked windows in your …
Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups
**Dec 10, 2025** | Ravie Lakshmanan | Vulnerability / Malware
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw impacting the WinRAR file archiver and …
Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days
Microsoft closed out 2025 with patches for 56 security flaws in various products across the Windows platform, including one vulnerability that has been actively exploited in the wild. Of the 56 flaws, …
AI vs. Human Drivers
Two competing arguments are making the rounds. The first is by a neurosurgeon in the New York Times. In an op-ed that honestly sounds like it was paid for by Waymo, the author …
Zero Trust helps organizations shrink their attack surface and respond to threats faster, but many still struggle to implement it because their security tools don’t share signals reliably. 88% …
Google on Monday announced a set of new security features in Chrome, following the company’s addition of agentic artificial intelligence (AI) capabilities to the web browser. To that end, the …
Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
**Dec 09, 2025** | Ravie Lakshmanan | Ransomware / Endpoint Security
The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more …
Threat actors with ties to North Korea have likely become the latest to exploit the recently disclosed critical security React2Shell flaw in React Server Components (RSC) to deliver a previously …
Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
**Dec 09, 2025** | Ravie Lakshmanan | Cybersecurity / Malware
Four distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader, strengthening the previous …
Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565. Cybersecurity company Sophos said it investigated almost 40 …
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
**Dec 09, 2025** | Ravie Lakshmanan | Malware / Threat Analysis
Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to …
Substitution Cipher Based on The Voynich Manuscript
Here’s a fun paper: “The Naibbe cipher: a substitution cipher that encrypts Latin and Italian as Voynich Manuscript-like ciphertext”: Abstract: In …