ISC Stormcast For Monday, May 11th, 2026 https://isc.sans.edu/podcastdetail/9926, (Mon, May 11th)
Daily AI security roundup covering malware, vulnerabilities, defensive research, cloud risk, and incident response signals from trusted technical sources.
An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, …
Smart Glasses for the Authorities: ICE is developing its own version of smart glasses, with facial recognition tied to various databases. Tags: biometrics, DHS, face recognition. Posted on May 7, 2026 …
Insider Betting on Polymarket: Insider trading is rife on Polymarket: Analysis by the Anti-Corruption Data Collective, a non-profit research and advocacy group, found that long-shot bets—defined as …
Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia. Evidence of them has been found by analyzing DNA in the seawater. As usual, you can also use this squid post to talk about …
**Ravie Lakshmanan**, May 08, 2026 (Malware / Threat Intelligence): Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that’s being advertised on the Rehub …
**Ravie Lakshmanan**, May 08, 2026 (Linux / DevOps): A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers’ systems to establish a silent foothold as …
The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report …
**The Hacker News**, May 08, 2026 (Artificial Intelligence / Threat Detection): The hardest part of cybersecurity isn’t the technology, it’s the people. Every major breach you’ve read about lately …
Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that’s capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is …
Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick users …
Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if successfully exploited, could allow a remote, unauthenticated attacker to leak its entire process memory. …
**Ravie Lakshmanan**, May 09, 2026 (Vulnerability / Web Hosting): cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve …
Introduction: This diary describes a Remcos RAT infection that I generated in my lab on Thursday, 2026-03-11. This infection was from the SmartApeSG campaign that used a ClickFix-style fake CAPTCHA …
Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1 and targets internet-exposed devices running Android Debug Bridge (ADB) to enlist them in a …
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a “false …
Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian Agents, …
**The Hacker News**, May 06, 2026 (Security Leadership / Industry Recognition): For nearly 20 years, we at The Hacker News have mostly told scary stories about cyberspace — big hacks, broken systems, …
Rowhammer Attack Against NVIDIA Chips: A new rowhammer attack gives complete control of NVIDIA CPUs. On Thursday, two research teams, working independently of each other, demonstrated attacks against …
**Ravie Lakshmanan**, May 06, 2026 (Endpoint Security / Threat Intelligence): Cybersecurity researchers have disclosed details of an intrusion that involved the use of a CloudZ remote access tool (RAT) …
**Ravie Lakshmanan**, May 06, 2026 (Android / Data Security): Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. “This new …
**Ravie Lakshmanan**, May 06, 2026 (Vulnerability / Network Security): Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been …
ISC Stormcast For Wednesday, May 6th, 2026 https://isc.sans.edu/podcastdetail/9920
A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. “These installers are …
**Ravie Lakshmanan**, May 05, 2026 (Vulnerability / Server Security): The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, …