**The Hacker News** Mar 04, 2026 Artificial Intelligence / SaaS Security As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the …
AI Security Roundup
Daily AI security roundup covering malware, vulnerabilities, defensive research, cloud risk, and incident response signals from trusted technical sources.
Google said it identified a “new and powerful” exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1. The exploit kit …
149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
Cybersecurity researchers have warned of a surge in retaliatory hacktivist activity following the U.S.-Israel coordinated military campaign against Iran, codenamed Epic Fury and Roaring Lion. …
CrushFTP is a Java-based open source file transfer system. It is offered for multiple operating systems. If you run a CrushFTP instance, you may remember that the software has had some serious …
On Moltbook
The MIT Technology Review has a good article on Moltbook, the supposed AI-only social network: Many people have pointed out that a lot of the viral comments were in fact posted by people …
**Ravie Lakshmanan** Mar 03, 2026 Malware / Phishing The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical …
**Ravie Lakshmanan** Mar 03, 2026 Vulnerability / Mobile Security Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices …
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. It’s …
**Ravie Lakshmanan** Mar 03, 2026 Phishing / Malware Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing …
The Rise of MCPs in the Enterprise
The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real work. By providing structured access to applications, APIs, …
**Ravie Lakshmanan** Mar 03, 2026 Vulnerability / Artificial Intelligence The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate …
Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the people with the least experience. Tier 1 analysts …
ISC Stormcast For Tuesday, March 3rd, 2026 https://isc.sans.edu/podcastdetail/9832, (Tue, Mar 3rd)
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor to data …
Wireshark 4.6.4 Released
Published 2026-03-02. Last Updated 2026-03-02 11:11:45 UTC by Didier Stevens (Version: 1) Wireshark release 4.6.4 fixes 3 vulnerabilities and 15 bugs. Didier …
In diary entry "Quick Howto: Extract URLs from RTF files" I mentioned ZIP files. There are OLE objects inside this RTF file: They can be analyzed with oledump.py like this:
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
**Ravie Lakshmanan** Mar 02, 2026 Supply Chain Attack / Malware Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean threat …
LLM-Assisted Deanonymization
Turns out that LLMs are good at de-anonymization: We show that LLM agents can figure out who you are from your anonymous online posts. Across Hacker News, Reddit, …
**Ravie Lakshmanan** Mar 02, 2026 Vulnerability / Threat Intelligence A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat …
Most SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great: more sign-ups, more sessions, more API …
YARA-X 1.14.0 Release
Published 2026-03-07. Last Updated 2026-03-07 09:56:54 UTC by Didier Stevens (Version: 1) YARA-X’s 1.14.0 release brings 4 improvements and 2 bugfixes. One of …
ISC Stormcast For Friday, March 6th, 2026 https://isc.sans.edu/podcastdetail/9838, (Fri, Mar 6th)
**Ravie Lakshmanan** Mar 06, 2026 Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and …
Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary], (Wed, Mar 4th)
[This is a Guest Diary by Joseph Gruen, an ISC intern as part of the SANS.edu BACS program] The internet is under constant, automated siege. Every publicly reachable IP address is probed continuously …
ISC Stormcast For Thursday, March 5th, 2026 https://isc.sans.edu/podcastdetail/9836, (Thu, Mar 5th)