AI Security Roundup

** The Hacker News ** May 06, 2026 Security Leadership / Industry Recognition For nearly 20 years, we at The Hacker News have mostly told scary stories about cyberspace — big hacks, broken systems, …

Rowhammer Attack Against NVIDIA Chips A new rowhammer attack gives complete control of NVIDIA CPUs. On Thursday, two research teams, working independently of each other, demonstrated attacks against …

** Ravie Lakshmanan ** May 06, 2026 Endpoint Security / Threat Intelligence Cybersecurity researchers have disclosed details of an intrusion that involved the use of a CloudZ remote access tool (RAT) …

** Ravie Lakshmanan ** May 06, 2026 Android / Data Security Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. “This new …

** Ravie Lakshmanan ** May 06, 2026 Vulnerability / Network Security Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been …

ISC Stormcast For Wednesday, May 6th, 2026 https://isc.sans.edu/podcastdetail/9920

A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. “These installers are …

** Ravie Lakshmanan ** May 05, 2026 Vulnerability / Server Security The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, …

** Ravie Lakshmanan ** May 05, 2026 Network Security / Endpoint Security A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to attacks targeting government entities …

Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a persistent OAuth token with no expiration date, no automatic …

** Ravie Lakshmanan ** May 05, 2026 Vulnerability / Network Security Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as …

Yup, that is for real. For me, this started with a post in X at hxxps://x.com/intcyberdigest/status/2051406295828250963?s=61 , which highlighted research by @L1v1ng0ffTh3L4N that found exactly this …

I just got an email from SSL.com last night, they are rotating out their root certificate today (May 5,2026). This is normal, business as usual stuff for a CA, but certificates get used for all kinds …

While the software industry has made genuine strides over the past few decades to deliver products securely, the furious pace of AI adoption is putting that progress at risk. Businesses are moving …

DarkSword Malware DarkSword is a sophisticated piece of malware —probably government designed—that targets iOS. Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit that …

We recently added a C/C++ security checklist to the Testing Handbook and challenged readers to spot the bugs in two code samples a deceptively simple Linux ping program and a Windows driver registry …

** Ravie Lakshmanan ** May 05, 2026 Cyber Espionage / Surveillance The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain …

** Ravie Lakshmanan ** May 05, 2026 Vulnerability / Network Security A critical security vulnerability in Weaver (Fanwei) E-cology , an enterprise office automation (OA) and collaboration platform, …

Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to …

ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918

TeamPCP Weekly Analysis: 2026-W18 (2026-04-27 through 2026-05-03) Published 2026-05-04. Last Updated 2026-05-04 17:12:18 UTC by Kenneth Hartman (Version: 1) 0 comment(s) Summary The most significant …

** Ravie Lakshmanan ** May 04, 2026 Vulnerability / Enterprise Software Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could …

** Ravie Lakshmanan ** May 04, 2026 Network Security / Endpoint Security An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with legitimate Remote …

This week, I will release a few updates to our DShield honeypot. The update should happen automatically if you have “automatic updates” enabled on your system. There will be two major …

** Ravie Lakshmanan ** May 04, 2026 Cybersecurity / Hacking This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned …