AI Security Roundup

** Ravie Lakshmanan ** Apr 23, 2026 Artificial Intelligence / SaaS Security Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of …

** Ravie Lakshmanan ** Apr 23, 2026 Threat Intelligence / Malware Mongolian governmental institutions have emerged as the target of a previously undocumented China-aligned advanced persistent threat …

** Ravie Lakshmanan ** Apr 23, 2026 Vulnerability / Encryption Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for …

ISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904

** Ravie Lakshmanan ** Apr 22, 2026 Cloud Security / Software Security Cybersecurity researchers have warned of malicious images pushed to the official " checkmarx/kics " Docker Hub …

Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens. The supply …

** Ravie Lakshmanan ** Apr 22, 2026 Cyber Espionage / Malware The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of attacks likely …

On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across …

ICE Uses Graphite Spyware ICE has admitted that it uses spyware from the Israeli company Graphite. Tags: homeland security , Israel , privacy , spyware , surveillance Posted on April 22, 2026 at 7:02 …

** Ravie Lakshmanan ** Apr 22, 2026 Malware / Critical Infrastructure Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela …

** Ravie Lakshmanan ** Apr 22, 2026 Vulnerability / Container Security A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary …

** Ravie Lakshmanan ** Apr 22, 2026 Cyber Espionage / Malware Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related …

** Ravie Lakshmanan ** Apr 22, 2026 Vulnerability / Cryptography Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate …

ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902

[This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor’s Degree in Applied Cybersecurity (BACS) program [1].] Introduction A few weeks ago, my honeypot logged an …

Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC . According to new research published …

A 24-year-old British national and senior member of the cybercrime group “ Scattered Spider ” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted …

** Ravie Lakshmanan ** Apr 21, 2026 Insider Threat / Cybercrime A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. …

** Ravie Lakshmanan ** Apr 21, 2026 Network Security / Vulnerability Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and …

Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption, …

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point …

** Ravie Lakshmanan ** Apr 21, 2026 Mobile Security / Artificial Intelligence Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to …

Mexican Surveillance Company Grupo Seguritech is a Mexican surveillance company that is expanding into the US. Tags: Mexico , privacy , surveillance Posted on April 21, 2026 at 7:04 AM • 1 Comments

** Ravie Lakshmanan ** Apr 21, 2026 Vulnerability / Artificial Intelligence Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment …

There have been reports of threat actors using a .wav file as a vector for malware . It’s a proper .wav file, but they didn’t use staganography. The .wav file will play, but you’ll …