AI Security Roundup

Google has addressed a maximum severity security flaw in Gemini CLI – the “@google/gemini-cli” npm package and the “google-github-actions/run-gemini-cli” GitHub Actions …

ISC Stormcast For Thursday, April 30th, 2026 https://isc.sans.edu/podcastdetail/9912

[This is a Guest Diary by James Roberts, an ISC intern as part of the SANS.edu BACS program] Over the last few months, I have gained valuable experience working with the Internet Storm Center (ISC) …

** Ravie Lakshmanan ** Apr 29, 2026 Supply Chain Attack / Malware Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with …

Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthropic’s Claude Opus large language model (LLM). The …

Today, two different “new” requests hit our honeypots. Both appear to be recon requests and not associated with specific vulnerabilities. But as always, please let me know if you have …

** The Hacker News ** Apr 29, 2026 Artificial Intelligence / Exposure Validation In February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI …

LibAFL is all the rage in the fuzzing community these days, especially with LLVM’s libFuzzer being placed in maintenance mode . Written in Rust, LibAFL claims improved performance, modularity, …

Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting with green. Then someone in a leadership meeting asks: …

** Ravie Lakshmanan ** Apr 29, 2026 Vulnerability / Web Hosting cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to …

Claude Mythos Has Found 271 Zero-Days in Firefox That’s a lot . No, it’s an extraordinary number: Since February, the Firefox team has been working around the clock using frontier AI models to find …

** Ravie Lakshmanan ** Apr 29, 2026 Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise …

** Ravie Lakshmanan ** Apr 29, 2026 Vulnerability / Cloud Security In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in …

ISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910

** Ravie Lakshmanan ** Apr 28, 2026 Vulnerability / Software Security Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise …

A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot). …

Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, …

This weekend, we saw a few requests to our honeypot that included an “X-Vercel-Set-Bypass-Cookie” header. A sample request: GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; …

Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a gateway, push the data through. Done. That assumption is wrong. …

What Anthropic’s Mythos Means for the Future of Cybersecurity Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software …

** Ravie Lakshmanan ** Apr 28, 2026 Vulnerability / Network Security Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot , Hugging Face’s open-source …

When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know the exploit window, the short buffer that organizations relied on to …

** Ravie Lakshmanan ** Apr 28, 2026 Cyber Espionage / Vulnerability A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, …

** Ravie Lakshmanan ** Apr 28, 2026 Vulnerability / Identity Management An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation …

** Ravie Lakshmanan ** Apr 28, 2026 Vulnerability / Threat Intelligence Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge …