AI Security Roundup

** Nov 20, 2025 ** Ravie Lakshmanan Malvertising / Artificial Intelligence Threat actors are leveraging bogus installers masquerading as popular software to trick users into installing malware as part …

Legal Restrictions on Vulnerability Disclosure Kendra Albert gave an excellent talk at USENIX Security this year, pointing out that the legal agreements surrounding vulnerability disclosure muzzle …

The challenge facing security leaders is monumental: Securing environments where failure is not an option. Reliance on traditional security postures, such as Endpoint Detection and Response (EDR) to …

** Nov 19, 2025 ** Ravie Lakshmanan Vulnerability / Threat Intelligence A newly discovered campaign has compromised tens of thousands of outdated or end-of-life (EoL) ASUS routers worldwide, …

Cybersecurity researchers have disclosed details of a new campaign that leverages a combination of social engineering and WhatsApp hijacking to distribute a Delphi-based banking trojan named …

** Nov 19, 2025 ** Ravie Lakshmanan Vulnerability / Threat Intelligence A recently disclosed security flaw impacting 7-Zip has come under active exploitation in the wild, according to an advisory …

** Nov 19, 2025 ** Ravie Lakshmanan AI Security / SaaS Security Malicious actors can exploit default configurations in ServiceNow’s Now Assist generative artificial intelligence (AI) platform …

** Nov 19, 2025 ** Ravie Lakshmanan Vulnerability / Network Security Fortinet has warned of a new security flaw in FortiWeb that it said has been exploited in the wild. The medium-severity …

** Nov 19, 2025 ** Ravie Lakshmanan Cyber Espionage / Malware The threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper to …

The malware authors associated with a Phishing-as-a-Service (PhaaS) kit known as Sneaky 2FA have incorporated Browser-in-the-Browser (BitB) functionality into their arsenal, underscoring the continued …

Meta on Tuesday said it has made available a tool called WhatsApp Research Proxy to some of its long-time bug bounty researchers to help improve the program and more effectively research the messaging …

** Nov 18, 2025 ** Ravie Lakshmanan Malware / Web Security Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a cloaking service …

** Nov 18, 2025 ** Ravie Lakshmanan Malware / Social Engineering Cybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the …

** Nov 18, 2025 ** The Hacker News Cloud Security / Compliance You’ve probably already moved some of your business to the cloud—or you’re planning to. That’s a smart move. It helps …

** Nov 18, 2025 ** Ravie Lakshmanan Cyber Espionage / Malware Suspected espionage-driven threat actors from Iran have been observed deploying backdoors like TWOSTROKE and DEEPROOT as part of continued …

Identity security fabric (ISF) is a unified architectural framework that brings together disparate identity capabilities. Through ISF, identity governance and administration (IGA), access management …

** Nov 17, 2025 ** Ravie Lakshmanan Cybersecurity researchers have discovered malware campaigns using the now-prevalent ClickFix social engineering tactic to deploy Amatera Stealer and NetSupport RAT …

** Nov 17, 2025 ** Ravie Lakshmanan Vulnerability / Mobile Security Google has disclosed that the company’s continued adoption of the Rust programming language in Android has resulted in the …

More Prompt||GTFO The next three in this series on online events highlighting interesting uses of AI in cybersecurity are online: #4 , #5 , and #6 . Well worth watching. Tags: AI , cybersecurity , …

The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT. The …

Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps. LinkedIn in …

This week showed just how fast things can go wrong when no one’s watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause …

Upcoming Speaking Engagements This is a current list of where and when I am scheduled to speak: My coauthor Nathan E. Sanders and I are speaking at the Rayburn House Office Building in Washington, DC …

Friday Squid Blogging: Pilot Whales Eat a Lot of Squid Short-finned pilot wales ( Globicephala macrorhynchus ) eat at lot of squid: To figure out a short-finned pilot whale’s caloric intake, Gough …

** Nov 15, 2025 ** Ravie Lakshmanan Malware / Vulnerability The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow …