AI Security Roundup

Hacked App Part of US/Israeli Propaganda Campaign Against Iran Wired has the story : Shortly after the first set of explosions, Iranians received bursts of notifications on their phones. They came not …

Claude Used to Hack Mexican Government An unknown hacker used Anthropic’s LLM to hack the Mexican government: The unknown Claude user wrote Spanish-language prompts for the chatbot to act as an elite …

Anthropic and the Pentagon OpenAI is in and Anthropic is out as a supplier of AI technology for the US defense department. This news caps a week of bluster by the highest officials in the US …

** Ravie Lakshmanan ** Mar 11, 2026 Artificial Intelligence / Browser Security Agentic web browsers that leverage artificial intelligence (AI) capabilities to autonomously execute actions across …

A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker , a global medical technology company based in Michigan. News reports …

** Ravie Lakshmanan ** Mar 11, 2026 Vulnerability / Application Security Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, …

“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be asked. And increasingly, it’s the question leaders are forced to answer after an incident. For years, …

** Ravie Lakshmanan ** Mar 11, 2026 Cybercrime / Artificial Intelligence Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a …

** Ravie Lakshmanan ** Mar 11, 2026 Vulnerability / Enterprise Security SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code …

Account abstraction transforms fixed “private key can do anything” models into programmable systems that enable batching, recovery and spending limits, and flexible gas payment. But that …

Canada Needs Nationalized, Public AI Canada has a choice to make about its artificial intelligence future. The Carney administration is investing $2-billion over five years in its Sovereign AI Compute …

** Ravie Lakshmanan ** Mar 11, 2026 DevSecOps / AI Security A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely …

Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are …

A new vulnerability (CVE-2026-0866) has been published : Zombie Zip . It’s a method to create a malformed ZIP file that will bypass detection by most anti-virus engines. The malformed ZIP file …

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to …

ISC Stormcast For Wednesday, March 11th, 2026 https://isc.sans.edu/podcastdetail/9844

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing “zero-day” flaws this month (compared to …

Microsoft Patch Tuesday March 2026 Published 2026-03-10. Last Updated 2026-03-10 17:33:47 UTC by Johannes Ullrich (Version: 1) 0 comment(s) Microsoft today released patches for 93 vulnerabilities, …

Cybersecurity researchers have discovered a new malware called KadNap that’s primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first …

** Ravie Lakshmanan ** Mar 10, 2026 Network Security / Vulnerability Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation …

** Ravie Lakshmanan ** Mar 10, 2026 Database Security / Vulnerability Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted …

You can’t control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing …

** The Hacker News ** Mar 10, 2026 Artificial Intelligence / Threat Detection Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called …

** Ravie Lakshmanan ** Mar 10, 2026 Cyber Espionage / Threat Intelligence The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and …

Jailbreaking the F-35 Fighter Jet Countries around the world are becoming increasingly concerned about their dependencies on the US. If you’ve purchase US-made F-35 fighter jets, you are dependent on …