AI Security Roundup

Introduction This diary describes a Remcos RAT infection that I generated in my lab on Thursday, 2026-03-11. This infection was from the SmartApeSG campaign that used a ClickFix-style fake CAPTCHA …

Disclaimer : This report has been prepared by the Threat Research Center to enhance cybersecurity awareness and support the strengthening of defense capabilities. It is based on independent research …

** Ravie Lakshmanan ** Mar 13, 2026 VPN Security / Malware Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through …

** Ravie Lakshmanan ** Mar 13, 2026 Encryption / Data Protection Meta has announced plans to discontinue support for end-to-end encryption (E2EE) for chats on Instagram after May 8, 2026. “If …

** Ravie Lakshmanan ** Mar 13, 2026 Ransomware / Cybercrime INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and …

A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020. Palo Alto Networks Unit 42 …

Friday Squid Blogging: Increased Squid Population in the Falklands Some good news squid stocks seem to be recovering in the waters off the Falkland Islands. As usual, you can also use this squid post …

Academia and the “AI Brain Drain” In 2025, Google, Amazon, Microsoft and Meta collectively spent US$380 billion on building artificial-intelligence tools. That number is expected to surge still higher …

** Ravie Lakshmanan ** Mar 13, 2026 Linux / Vulnerability Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel’s AppArmor module that could be …

** Ravie Lakshmanan ** Mar 13, 2026 Browser Security / Vulnerability Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said …

On Wednesday, a phishing message made its way into our handler inbox that contained a fairly typical low-quality lure, but turned out to be quite interesting in the end nonetheless. That is because …

A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for …

** Ravie Lakshmanan ** Mar 13, 2026 Vulnerability / Enterprise Security Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, …

ISC Stormcast For Friday, March 13th, 2026 https://isc.sans.edu/podcastdetail/9848

Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware …

iPhones and iPads Approved for NATO Classified Data Apple announcement : …iPhone and iPad are the first and only consumer devices in compliance with the information assurance requirements of NATO …

** Ravie Lakshmanan ** Mar 12, 2026 Vulnerability / Malware Apple on Wednesday backported fixes for a security flaw in iOS, iPadOS, and macOS Sonoma to older versions after it was found to be used as …

** Ravie Lakshmanan ** Mar 12, 2026 Cybersecurity / Hacking News Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it is …

Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern campaigns rely on trusted infrastructure, legitimate-looking …

** Ravie Lakshmanan ** Mar 12, 2026 Artificial Intelligence / Malware Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed Slopoly …

The most dangerous phishing campaigns aren’t just designed to fool employees. Many are designed to exhaust the analysts investigating them. When a phishing investigation takes 12 hours instead of five …

** Ravie Lakshmanan ** Mar 12, 2026 Malware / Cybercrime Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that’s written in Rust, marking a …

[This is a Guest Diary by Adam Thorman, an ISC intern as part of the SANS.edu BACS program] Introduction Have you ever installed a new device on your home or company router? Even when setup …

ISC Stormcast For Thursday, March 12th, 2026 https://isc.sans.edu/podcastdetail/9846

** Ravie Lakshmanan ** Mar 12, 2026 Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to …