[This is a Guest Diary by Joseph Gruen, an ISC intern as part of the SANS.edu BACS program]
The internet is under constant, automated siege. Every publicly reachable IP address is probed continuously …
Mutational grammar fuzzing is a fuzzing technique in which the fuzzer uses a predefined grammar that describes the structure of the samples. When a sample gets mutated, the mutations happen in such a …
**Ravie Lakshmanan**
Mar 05, 2026
Malware / Dark Web
A joint law enforcement operation has dismantled LeakBase, one of the world’s largest online forums for cybercriminals to buy and sell …
Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a …
**Ravie Lakshmanan**
Mar 05, 2026
Cyber Espionage / Threat Intelligence
Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two …
Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong. …
**Ravie Lakshmanan**
Mar 05, 2026
Cybersecurity / Hacking News
Some weeks in cybersecurity feel routine. This one doesn’t.
Several new developments surfaced over the past few days, showing how …
A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country’s Ministry of Foreign Affairs to deliver a set of …
**The Hacker News**
Mar 05, 2026
Encryption / Data Protection
Most organizations assume encrypted data is safe.
But many attackers are already preparing for a future where today’s encryption can be …
**Ravie Lakshmanan**
Mar 05, 2026
Vulnerability / Enterprise Security
Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under …
**Ravie Lakshmanan**
Mar 02, 2026
Cybersecurity / Hacking
This week is not about one big event. It shows where things are moving. Network systems, cloud setups, AI tools, and common apps are all …
Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers to escalate privileges and gain access to local files on the …
**Ravie Lakshmanan**
Mar 02, 2026
Cryptography / Browser Security
Google has announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against the future risk posed …
It’s Friday, let’s have a look at another simple piece of malware to close a busy week! I received a Fedex notification about a delivery. Usually, such emails are simple phishing attacks that redirect …
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf, the world’s largest and most disruptive botnet. Since then, the …
Why Tehran’s Two-Tiered Internet Is So Dangerous
Iran is slowly emerging from the most severe communications blackout in its history and one of the longest in the world. Triggered as part of January’s …
Phishing Attacks Against People Seeking Programming Jobs
This is new. North Korean hackers are posing as company recruiters, enticing job candidates to participate in coding challenges. When they run …
**Ravie Lakshmanan**
Feb 27, 2026
Endpoint Security / Windows Security
Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat …
Friday Squid Blogging: Squid Fishing in Peru
Peru has increased its squid catch limit. The article says “giant squid,” but they can’t possibly mean that.
As usual, you can also use this squid post to …
**Ravie Lakshmanan**
Feb 27, 2026
Malware / Surveillance
The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive …
**Ravie Lakshmanan**
Feb 27, 2026
Malware / Linux Security
Cybersecurity researchers have disclosed details of a malicious Go module that’s designed to harvest passwords, create persistent …
Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a “supply chain risk.”
“This …
**Ravie Lakshmanan**
Feb 27, 2026
Financial Crime / Social Engineering
The U.S. Department of Justice (DoJ) this week announced the seizure of $61 million worth of Tether that were allegedly …