AI Security Roundup

** Ravie Lakshmanan ** Feb 21, 2026 Vulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail …

** Ravie Lakshmanan ** Feb 21, 2026 Artificial Intelligence / DevSecOps Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a …

A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices …

Friday Squid Blogging: Do Squid Dream? An exploration of the interesting question. Tags: squid Posted on February 13, 2026 at 5:08 PM • 38 Comments

Upcoming Speaking Engagements This is a current list of where and when I am scheduled to speak: I’m speaking at Ontario Tech University in Oshawa, Ontario, Canada, at 2 PM ET on Thursday, February 26, …

Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr. …

** The Hacker News ** Feb 13, 2026 Supply Chain Security / DevSecOps In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce …

Cybersecurity researchers have discovered a malicious Google Chrome extension that’s designed to steal data associated with Meta Business Suite and Facebook Business Manager. The extension, …

Friday Squid Blogging: Squid Cartoon I like this one . As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. Tags: …

** Ravie Lakshmanan ** Feb 20, 2026 Vulnerability / Cyber Attack Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and …

Before launching their Comet browser, Perplexity hired us to test the security of their AI-powered browsing features. Using adversarial testing guided by our TRAIL threat model, we demonstrated how …

** Ravie Lakshmanan ** Feb 20, 2026 Cybercrime / Law Enforcement A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North …

Ring Cancels Its Partnership with Flock It’s a demonstration of how toxic the surveillance-tech company Flock has become when Amazon’s Ring cancels the partnership between the two companies. As …

In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw , a self-hosted autonomous AI …

** Ravie Lakshmanan ** Feb 20, 2026 Malware / Threat Intelligence Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a …

** The Hacker News ** Feb 20, 2026 Cyber Insurance / Password Security With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater …

** Ravie Lakshmanan ** Feb 20, 2026 Financial Crime / Banking Security The U.S. Federal Bureau of Investigation (FBI) has warned of an increase in ATM jackpotting incidents across the country, leading …

ISC Stormcast For Tuesday, February 17th, 2026 https://isc.sans.edu/podcastdetail/9812

This morning, I received an interesting phishing email. I’ve a “love & hate” relation with such emails because I always have the impression to lose time when reviewing them but sometimes it’s a …

ISC Stormcast For Wednesday, February 18th, 2026 https://isc.sans.edu/podcastdetail/9814

A few days ago I wrote a diary called “Malicious Script Delivering More Maliciousness”[ 1 ]. In the malware infection chain, there was a JPEG picture that embedded the last payload …

ISC Stormcast For Thursday, February 19th, 2026 https://isc.sans.edu/podcastdetail/9816

[This is a Guest Diary contributed by John Moutos] Overview In this post, I’m going over my analysis of DynoWiper, a wiper family that was discovered during attacks against Polish energy …

ISC Stormcast For Friday, February 20th, 2026 https://isc.sans.edu/podcastdetail/9818

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of …