Side-Channel Attacks Against LLMs Here are three papers describing different side-channel attacks against LLMs. “Remote Timing Attacks on Efficient Language Model Inference”: Abstract: Scaling up …
AI Security Roundup
Daily feed of AI security, malware, and defensive research updates.
AI Found Twelve New Vulnerabilities in OpenSSL The title of the post is “What AI Security Research Looks Like When It Works,” and I agree: In the latest OpenSSL security release on January 27, …
Malicious AI Interesting: Summary: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reputation …
We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a “temporary” API key for …
Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that’s designed to facilitate device takeover (DTO) attacks for financial theft. The malware, according …
Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran’s ongoing protests to conduct information theft and long-term …
ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories
**Ravie Lakshmanan** Feb 19, 2026 Cybersecurity / Hacking News The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up …
**Ravie Lakshmanan** Feb 19, 2026 Vulnerability / Network Security Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their …
**Ravie Lakshmanan** Feb 19, 2026 Financial Crime / Cybercrime An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an …
**Ravie Lakshmanan** Feb 20, 2026 Insider Threat / Corporate Espionage Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret …
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google’s generative artificial intelligence (AI) chatbot, as part of its execution flow …
**Ravie Lakshmanan** Feb 13, 2026 Cloud Security / Cyber Espionage A previously unknown threat actor tracked as UAT-9921 has been observed leveraging a new modular framework called VoidLink in its …
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
**Ravie Lakshmanan** Feb 13, 2026 Malware / Critical Infrastructure Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained …
ISC Stormcast For Wednesday, February 11th, 2026 https://isc.sans.edu/podcastdetail/9804, (Wed, Feb 11th)
**Ravie Lakshmanan** Feb 13, 2026 Threat Intelligence / Malware A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL …
Today’s patch Tuesday addresses 59 different vulnerabilities (plus two Chromium vulnerabilities affecting Microsoft Edge). While this is a lower-than-normal number, this includes six …
WSL or “Windows Subsystem Linux”[1] is a feature in the Microsoft Windows ecosystem that allows users to run a real Linux environment directly inside Windows without needing a traditional virtual …
Apple Patches Everything: February 2026 Published 2026-02-11. Last Updated 2026-02-11 19:36:59 UTC by Johannes Ullrich (Version: 1) Today, Apple released updates for all of its operating …
Four Seconds to Botnet - Analyzing a Self Propagating SSH Worm with Cryptographically Signed C2 [Guest Diary], (Wed, Feb 11th)
[This is a Guest Diary by Johnathan Husch, an ISC intern as part of the SANS.edu BACS program] Weak SSH passwords remain one of the most consistently exploited attack surfaces on the Internet. Even …
ISC Stormcast For Thursday, February 12th, 2026 https://isc.sans.edu/podcastdetail/9806, (Thu, Feb 12th)
ISC Stormcast For Friday, February 13th, 2026 https://isc.sans.edu/podcastdetail/9808, (Fri, Feb 13th)
In 2023 GitHub introduced CodeQL multi-repository variant analysis (MRVA). This functionality lets you run queries across thousands of projects using pre-built databases and drastically reduces the …
Unstructured text to interactive knowledge graph via LLM & SPO triplet extraction Courtesy of TLDR InfoSec Launches & Tools again, another fine discovery in Robert McDermott’s AI Powered …
We’re getting Sigstore’s rekor-monitor ready for production use, making it easier for developers to detect tampering and unauthorized uses of their identities in the Rekor transparency log. This work, …
Memory safety bugs like use-after-free and buffer overflows remain among the most exploited vulnerability classes in production software. While AddressSanitizer (ASan) excels at catching these bugs …