AI Security Roundup

In one of his recent diaries, Johannes discussed how open redirects are actively being sought out by threat actors[ 1 ], which made me wonder about how commonly these mechanisms are actually misused… …

ISC Stormcast For Tuesday, April 7th, 2026 https://isc.sans.edu/podcastdetail/9882

Webshells remain a popular method for attackers to maintain persistence on a compromised web server. Many “arbitrary file write” and “remote code execution” vulnerabilities are …

WhatsApp’s new “Private Inference” feature represents one of the most ambitious attempts to combine end-to-end encryption with AI-powered capabilities, such as message summarization. To make this …

Mixed Boolean-Arithmetic (MBA) obfuscation disguises simple operations like x + y behind tangles of arithmetic and bitwise operators. Malware authors and software protectors rely on it because no …

An elusive hacker who went by the handle “ UNKN ” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil …

Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. …

Friday Squid Blogging: Jurassic Fish Chokes on Squid Here’s a fossil of a 150-million year old fish that choked to death on a belemnite rostrum the hard, internal shell of an extinct, squid-like …

Company that Secretly Records and Publishes Zoom Meetings WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes (alternate link ) the …

New Mexico’s Meta Ruling and Encryption Mike Masnick points out that the recent New Mexico court ruling against Meta has some bad implications for end-to-end encryption, and security in general: If …

Google Wants to Transition to Post-Quantum Cryptography by 2029 Google says that it will fully transition to post-quantum cryptography by 2029. I think this is a good move, not because I think we will …

Hong Kong Police Can Force You to Reveal Your Encryption Keys According to a new law, the Hong Kong police can demand that you reveal the encryption keys protecting your computer, phone, hard drives, …

** Ravie Lakshmanan ** Apr 07, 2026 Artificial Intelligence / Vulnerability Threat actors are exploiting a maximum-severity security flaw in Flowise , an open-source artificial intelligence (AI) …

Cybersecurity in the Age of Instant Software AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: …

New academic research has identified multiple RowHammer attacks against high-performance graphics processing units (GPUs) that could be exploited to escalate privileges and, in some cases, even take …

** Ravie Lakshmanan ** Apr 07, 2026 Vulnerability / Threat Intelligence A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of …

When talking about credential security, the focus usually lands on breach prevention. This makes sense when IBM’s 2025 Cost of a Data Breach Report puts the average cost of a breach at $4.4 million. …

An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet. “A …

The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn …

** Ravie Lakshmanan ** Apr 07, 2026 Vulnerability / DevSecOps A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins ( …

** The Hacker News ** Apr 07, 2026 SaaS Security / Enterprise Security In the rapid evolution of the 2026 threat landscape, a frustrating paradox has emerged for CISOs and security leaders: Identity …

** Ravie Lakshmanan ** Apr 02, 2026 Vulnerability / Threat Intelligence A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection …

US Bans All Foreign-Made Consumer Routers This is for new routers ; you don’t have to throw away your existing ones: The Executive Branch determination noted that foreign-produced routers (1) …

** Ravie Lakshmanan ** Apr 02, 2026 Network Security / Vulnerability Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully …

From its GitHub repo: “Vite (French word for “quick”, pronounced /vi?t/, like “veet”) is a new breed of frontend build tooling that significantly improves the frontend …