AI Security Roundup

ISC Stormcast For Tuesday, March 10th, 2026 https://isc.sans.edu/podcastdetail/9842

ISC Stormcast For Monday, March 9th, 2026 https://isc.sans.edu/podcastdetail/9840

** Ravie Lakshmanan ** Mar 09, 2026 Threat Intelligence / Web Security High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a …

New Attack Against Wi-Fi It’s called AirSnitch : Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a client across these and …

Last week, two related RFCs were published: RFC 9848 : Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings RFC 9849 : TLS Encrypted Client Hello These TLS extensions have been discussed …

Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer , offering attackers a way to push malware to downstream customers, inject arbitrary code, and …

** The Hacker News ** Mar 09, 2026 Endpoint Security / Security Operations Mid-market organizations are constantly striving to achieve security levels on a par with their enterprise peers. With …

** Ravie Lakshmanan ** Mar 09, 2026 Cybersecurity / Hacking Another week in cybersecurity. Another week of “you’ve got to be kidding me.” Attackers were busy. Defenders were busy. …

** Ravie Lakshmanan ** Mar 09, 2026 DevOps / Threat Intelligence The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign targeting a …

Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. The …

Friday Squid Blogging: Squid in Byzantine Monk Cooking This is a very weird story about how squid stayed on the menu of Byzantine monks by falling between the cracks of dietary rules. At …

** Ravie Lakshmanan ** Mar 06, 2026 Endpoint Security / Browser Security Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows …

New research from Broadcom’s Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies’ networks, …

** Ravie Lakshmanan ** Mar 06, 2026 Cyber Espionage / Threat Intelligence A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South …

** The Hacker News ** Mar 06, 2026 Artificial Intelligence / Enterprise Security Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers …

** Ravie Lakshmanan ** Mar 06, 2026 Threat Intelligence / Cyber Espionage The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial …

Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that …

** Ravie Lakshmanan ** Mar 07, 2026 DevSecOps / Artificial Intelligence OpenAI on Friday began rolling out Codex Security , an artificial intelligence (AI)-powered security agent that’s designed …

** Ravie Lakshmanan ** Mar 07, 2026 Browser Security / Artificial Intelligence Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security …

ISC Stormcast For Wednesday, March 4th, 2026 https://isc.sans.edu/podcastdetail/9834

And another XWorm[ 1 ] wave in the wild! This malware family is not new and heavily spread but delivery techniques always evolve and deserve to be described to show you how threat actors can be …

Manipulating AI Summarization Features Microsoft is reporting : Companies are embedding hidden instructions in “Summarize with AI” buttons that, when clicked, attempt to inject persistence commands …

** Ravie Lakshmanan ** Mar 04, 2026 Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting …

** Ravie Lakshmanan ** Mar 04, 2026 Malware / Windows Security Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked …

** Ravie Lakshmanan ** Mar 04, 2026 Threat Intelligence / Application Security Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a …