AI Security Roundup

** Dec 19, 2025 ** Ravie Lakshmanan Vulnerability / Network Security WatchGuard has released fixes to address a critical security flaw in Fireware OS that it said has been exploited in real-world …

** Dec 19, 2025 ** Ravie Lakshmanan Cybercrime / Law Enforcement Authorities in Nigeria have announced the arrest of three “high-profile internet fraud suspects” who are alleged to have …

** Dec 19, 2025 ** Ravie Lakshmanan Firmware Security / Vulnerability Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability …

ISC Stormcast For Friday, December 19th, 2025 https://isc.sans.edu/podcastdetail/9746

Someone Boarded a Plane at Heathrow Without a Ticket or Passport I’m sure there’s a story here : Sources say the man had tailgated his way through to security screening and passed security, meaning he …

** Dec 18, 2025 ** Ravie Lakshmanan Cybersecurity / Hacking News This week’s ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small …

Within the past year, artificial intelligence copilots and agents have quietly permeated the SaaS applications businesses use every day. Tools like Zoom, Slack, Microsoft 365, Salesforce, and …

ISC Stormcast For Thursday, December 18th, 2025 https://isc.sans.edu/podcastdetail/9744

** Dec 18, 2025 ** Ravie Lakshmanan Vulnerability / Enterprise Security Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software that, if successfully …

** Dec 18, 2025 ** Ravie Lakshmanan Malware / Cloud Security A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting …

Since the end of the year is quickly approaching, it is undoubtedly a good time to look back at what the past twelve months have brought to us… And given that the entire cyber security profession is …

Threat actors with ties to the Democratic People’s Republic of Korea (DPRK or North Korea) have been instrumental in driving a surge in global cryptocurrency theft in 2025, accounting for at …

** Dec 18, 2025 ** Ravie Lakshmanan Vulnerability / Network Security Cisco has alerted users to a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a …

The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking …

** Dec 18, 2025 ** Ravie Lakshmanan Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to …

I have already talked about various React2Shell exploit attempts we have observed in the last weeks. But new varieties of the exploit are popping up, and the most recent one is using this particular …

** Dec 17, 2025 ** Ravie Lakshmanan Vulnerability / Malware The threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, …

** Dec 17, 2025 ** Ravie Lakshmanan Email Security / Threat Intelligence The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a …

** Dec 17, 2025 ** Ravie Lakshmanan Vulnerability / Network Security SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been …

A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, …

ISC Stormcast For Wednesday, December 17th, 2025 https://isc.sans.edu/podcastdetail/9742

** Dec 17, 2025 ** Ravie Lakshmanan Ad Fraud / Browser Security A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious …

Modern security teams often feel like they’re driving through fog with failing headlights. Threats accelerate, alerts multiply, and SOCs struggle to understand which dangers matter right now for …

Deliberate Internet Shutdowns For two days in September, Afghanistan had no internet . No satellite failed; no cable was cut. This was a deliberate outage, mandated by the Taliban government. It …

The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America. …