AI Security Roundup

ISC Stormcast For Wednesday, January 14th, 2026 https://isc.sans.edu/podcastdetail/9766

January 2026 Microsoft Patch Tuesday Summary Published 2026-01-13. Last Updated 2026-01-13 19:05:41 UTC by Johannes Ullrich (Version: 1) 0 comment(s) Today, Microsoft released patches for 113 …

** Jan 13, 2026 ** Ravie Lakshmanan Web Security / Data Theft Cybersecurity researchers have discovered a major web skimming campaign that has been active since January 2022, targeting several major …

** Jan 13, 2026 ** Ravie Lakshmanan Web Security / Online Fraud Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys …

** Jan 13, 2026 ** The Hacker News Artificial Intelligence / Automation Security AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can now …

** Jan 13, 2026 ** Ravie Lakshmanan Threat Intelligence / Cyber Espionage Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed …

** Jan 13, 2026 ** Ravie Lakshmanan Malware / Endpoint Security Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack …

1980s Hacker Manifesto Forty years ago, The Mentor— Loyd Blankenship —published “ The Conscience of a Hacker ” in Phrack . You bet your ass we’re all alike… we’ve been spoon-fed baby food at school …

** Jan 13, 2026 ** The Hacker News Threat Intelligence / Identity Security Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security industry loves …

** Jan 13, 2026 ** Ravie Lakshmanan Vulnerability / SaaS Security ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an …

** Jan 13, 2026 ** Ravie Lakshmanan Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw …

ISC Stormcast For Tuesday, January 13th, 2026 https://isc.sans.edu/podcastdetail/9764

** Jan 12, 2026 ** Ravie Lakshmanan Vulnerability / Workflow Automation Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations …

** Jan 12, 2026 ** Ravie Lakshmanan Hacking News / Cybersecurity This week made one thing clear: small oversights can spiral fast. Tools meant to save time and reduce friction turned into easy entry …

A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that’s capable of brute-forcing user passwords for services such …

Corrupting LLMs Through Weird Generalizations Fascinating research: Weird Generalization and Inductive Backdoors: New Ways to Corrupt LLMs . Abstract LLMs are useful because they generalize so well. …

Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) …

** Jan 12, 2026 ** Ravie Lakshmanan Artificial Intelligence / Healthcare Anthropic has become the latest Artificial intelligence (AI) company to announce a new suite of features that allows users of …

ISC Stormcast For Monday, January 12th, 2026 https://isc.sans.edu/podcastdetail/9762

YARA-X’s 1.11.0 release brings a new feature: hash function warnings. When you write a YARA rule to match a cryptographic hash (either the full file content or a part of it), what’s …

** Jan 10, 2026 ** Ravie Lakshmanan Cyber Espionage / Malware The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, …

** Jan 10, 2026 ** Ravie Lakshmanan Cybercrime / Financial Crime Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization …

Friday Squid Blogging: The Chinese Squid-Fishing Fleet off the Argentine Coast The latest article on this topic. As usual, you can also use this squid post to talk about the security stories in the …

** Jan 09, 2026 ** Ravie Lakshmanan Virtualization / Vulnerability Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to …

** Jan 09, 2026 ** Ravie Lakshmanan Email Security / Threat Intelligence Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals …