AI Security Roundup

** Ravie Lakshmanan ** May 15, 2026 Microsoft / Vulnerability Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active …

** The Hacker News ** May 15, 2026 Endpoint Security / Threat Detection In Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust , we made a simple argument: the most …

OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production …

** Ravie Lakshmanan ** May 15, 2026 Vulnerability / AI Security Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege …

** Ravie Lakshmanan ** May 15, 2026 Botnet / Threat Intelligence The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) …

ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932

Besides serving as a place where Microsoft Outlook places suspected spam, the Outlook Junk folder has one additional function that can be quite helpful when it comes to identifying malicious messages. …

How Dangerous Is Anthropic’s Mythos AI? Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software …

An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting …

Upcoming Speaking Engagements This is a current list of where and when I am scheduled to speak: I’m giving a virtual talk on “The Security of Trust in the Age of AI,” hosted by the Financial Women’s …

** Ravie Lakshmanan ** May 14, 2026 Vulnerability / Linux Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local …

AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lacks …

** Ravie Lakshmanan ** May 14, 2026 Vulnerability / API Security Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI , an open-source …

The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been …

** Ravie Lakshmanan ** May 14, 2026 Hacking News / Cybersecurity News Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, …

Cybersecurity researchers are sounding the alarm about what has been described as “malicious activity” in newly published versions of node-ipc. According to Socket and StepSecurity , three …

** Ravie Lakshmanan ** May 14, 2026 Vulnerability / Network Security Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has …

[This is a Guest Diary by Joshua Nikolson, an ISC Intern and part of the SANS.edu Bachelor’s degree in Applied Cybersecurity (BACS) program.] Introduction One day at work, a friend messaged me, …

OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities The UK’s AI Security Institute evaluated GPT-5.5’s ability to find security vulnerabilities, and found that it is comparable …

We recently published an exploit chain for the Google Pixel 9 that demonstrated it was possible to go from a zero-click context to root on Android in just two exploits. The Dolby 0-click vulnerability …

Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks. Intrusion Logging, available as part of …

** Ravie Lakshmanan ** May 13, 2026 Software Supply Chain / Data Exfiltration Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems …

** The Hacker News ** May 13, 2026 Cloud Security / Automation Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. …

Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 …

** Ravie Lakshmanan ** May 13, 2026 Cyber Espionage / Malware A threat actor with affiliations to China has been linked to a “multi-wave intrusion” targeting an unnamed Azerbaijani oil and …