**The Hacker News** Feb 03, 2026 Threat Detection / Enterprise Security Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress. Every vendor …
AI Security Roundup
Daily feed of AI security, malware, and defensive research updates.
Last week, a new AI agent framework was introduced to automate “live”. It targets office work in particular, focusing on messaging and interacting with systems. The tool has gone viral not …
Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down …
Microsoft is Giving the FBI BitLocker Keys Microsoft gives the FBI the ability to decrypt BitLocker in response to court orders: about twenty times per year. It’s possible for users to store those …
**Ravie Lakshmanan** Feb 03, 2026 Vulnerability / Malware The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed …
**Ravie Lakshmanan** Feb 03, 2026 Artificial Intelligence / Privacy Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn …
**Ravie Lakshmanan** Feb 03, 2026 Malware / Open Source A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the …
ISC Stormcast For Tuesday, February 3rd, 2026 https://isc.sans.edu/podcastdetail/9792 (Tue, Feb 3rd)
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks. ClawHub is …
**Ravie Lakshmanan** Feb 02, 2026 Vulnerability / Artificial Intelligence A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and Moltbot) that could allow …
Yesterday, a single IP address (204.76.203.210) scanned a number of our sensors for what looks like an Anthropic API node. The IP address is known to be a Tor exit node. The requests are pretty …
**Ravie Lakshmanan** Feb 02, 2026 Kerberos / Enterprise Security Microsoft has announced a three-phase approach to phase out New Technology LAN Manager (NTLM) as part of its efforts to shift Windows …
**The Hacker News** Feb 02, 2026 Threat Detection / Endpoint Security For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential …
⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats
**Ravie Lakshmanan** Feb 02, 2026 Hacking News / Cybersecurity Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while …
AI Coding Assistants Secretly Copying All Code to China There’s a new report about two AI coding assistants, used by 1.5 million developers, that are surreptitiously sending a copy of everything they …
**Ravie Lakshmanan** Feb 02, 2026 Threat Intelligence / Malware The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to redirect …
**Ravie Lakshmanan** Feb 02, 2026 Developer Tools / Malware Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry in which unidentified threat …
The update infrastructure for eScan antivirus, a security solution developed by Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent …
ISC Stormcast For Monday, February 2nd, 2026 https://isc.sans.edu/podcastdetail/9790 (Mon, Feb 2nd)
A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting recent …
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms
**Ravie Lakshmanan** Jan 31, 2026 Social Engineering / SaaS Security Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft consistent …
**Ravie Lakshmanan** Jan 31, 2026 Network Security / SCADA CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and …
Friday Squid Blogging: New Squid Species Discovered A new species of squid pretends to be a plant: Scientists have filmed a never-before-seen species of deep-sea squid burying itself upside down in …
Charlie, one of our readers, has forwarded an interesting phishing email. The email was sent to users of the Vivladi Webmail service. While not overly convincing, the email is likely sufficient to …
Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access
Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of …