AI security Archives

Winsage

January 16, 2026

Easterly helms RSAC, Windows update problems, Police Copilot gaffe

Jen Easterly has been appointed as the new Chief Executive Officer of the RSA Conference. She is a cybersecurity expert and former Director of the Cybersecurity and Infrastructure Security Agency (CISA). Palo Alto Networks has released security updates for a vulnerability (CVE-2026-0227) with a CVSS score of 7.7 affecting its GlobalProtect Gateway and Portal, which can cause a denial-of-service condition in PAN-OS software. The January 2026 security update from Microsoft has caused connection and authentication failures in Azure Virtual Desktop and Windows 365, affecting users across various Windows versions. Microsoft is working on a resolution. The chief constable of West Midlands Police acknowledged an error by Microsoft’s Copilot AI in generating a fictional intelligence report. Microsoft has not confirmed Copilot's involvement. Britain’s National Cyber Security Centre (NCSC) has collaborated with Five Eyes partners to provide guidance on securing industrial operational technology, highlighting risks associated with remotely monitored systems. Kyowon, a South Korean conglomerate, confirmed a ransomware attack on January 10 that may have compromised customer information, affecting approximately 5.5 million members. Researchers at Varonis have identified a new attack technique called "Reprompt" that allows data exfiltration from Microsoft Copilot via a malicious link, exploiting a Parameter 2 Prompt (P2P) injection technique. Central Maine Healthcare is notifying over 145,000 patients about a data breach that compromised personal, treatment, and health insurance information, discovered on June 1.

Winsage

November 19, 2025

Critics scoff after Microsoft warns AI feature can infect machines and pilfer data

User safety measures in AI security depend on user engagement with dialog windows that outline risks and require consent. However, users may not fully understand these prompts or may become habituated to clicking "yes," which diminishes the effectiveness of security measures. Earlence Fernandes, an AI security professor, highlighted that reliance on user interaction can compromise security boundaries. The rise of "ClickFix" attacks illustrates vulnerabilities when users are misled, and factors like user fatigue or emotional distress can lead to mistakes. Critics argue that companies like Microsoft use warnings more as legal safeguards than genuine protective measures, shifting liability to users. This concern extends to other major tech companies, which often change AI features from optional to default settings without user consent.

BetaBeacon

November 3, 2025

Google Declares Android as the Most Secure Mobile OS: A Game Changer in Mobile Cybersecurity

Android devices benefit from a robust, AI-powered security infrastructure that actively defends against billions of cyber threats each week.

AppWizard

November 1, 2025

Google’s analytical October Workspace Drop simplifies data in Sheets, bolsters AI security

Google has released updates for its Workspace suite in October, enhancing data comprehension, structure, and formatting in Sheets through Gemini AI. Key features include improved understanding of complex instructions for data manipulation. Google Drive has introduced a ransomware detection feature for desktop users, which alerts them to suspicious activity and pauses data synchronization. Gmail now includes end-to-end encryption for emails to enhance privacy and security. These updates build on August's enhancements, which featured file summaries for Chat, Video Overviews for NotebookLM, and the Veo 3 model in the Vids app, with the recent transition to Veo 3.1 providing greater creative control, improved sound capabilities, and more realistic textures.

AppWizard

August 24, 2025

Week in review: Covertly connected and insecure Android VPN apps, Apple fixes exploited zero-day

A study by Arizona State University and Citizen Lab found that three families of Android VPN apps, with over 700 million downloads, have significant security vulnerabilities. Apple has released a fix for a zero-day vulnerability (CVE-2025-43300) that was being exploited in targeted attacks. Researchers from the University of Melbourne and Imperial College London developed a method using lightweight large language models to improve incident response planning. The FBI and Cisco warned about a Russian threat group exploiting an old Cisco vulnerability (CVE-2018-0171) to compromise critical infrastructure. Fog Security researchers discovered a flaw in AWS’s Trusted Advisor tool that could mislead users about the security of their data. AI is now being used in security operations centers to reduce alert noise and assist analysts. U.S. federal prosecutors charged an individual linked to the Rapper Bot DDoS botnet. Nikoloz Kokhreidze discussed the strategic choice between hiring a fractional or full-time Chief Information Security Officer for B2B companies. Commvault patched four vulnerabilities that risked remote code execution. Jacob Ideskog highlighted security risks posed by AI agents. VX Underground released an exploit for two SAP Netweaver vulnerabilities (CVE-2025-31324, CVE-2025-42999). Healthcare organizations are preparing for new password security risks in 2025 that may threaten HIPAA compliance. Researchers identified a spear-phishing campaign using the Noodlophile infostealer. Financial institutions are increasingly using open-source intelligence tools to combat money laundering. Greg Bak discussed security risks for DevOps teams in the cloud. NIST released guidelines for detecting morph attacks. Organizations face six challenges in implementing machine learning and AI security. Recep Ozdag discussed vulnerabilities in airport and airline systems. Google introduced new AI and cloud security capabilities at the Cloud Security Summit 2025. Cybersecurity myths continue to complicate the security landscape. LudusHound is an open-source tool that replicates an Active Directory environment for testing. Buttercup is an AI-powered platform for automated vulnerability management in open-source software. The book "Data Engineering for Cybersecurity" addresses challenges in managing logs and telemetry data. A selection of current cybersecurity job openings has been compiled. A forthcoming webinar will discuss AI and SaaS security risks. The iStorage datAshur PRO+C is a USB-C flash drive with AES-XTS 256-bit hardware encryption. New infosec products were released by companies such as Doppel, Druva, LastPass, and StackHawk.

AppWizard

July 15, 2025

Google is doubling down on cybersecurity using AI

Google's AI security agent, Big Sleep, has identified a vulnerability in SQLite, designated as CVE-2025-6965, which was being exploited by hackers. Enhancements have been made to Google's open-source forensics tool, now operating on the upgraded Sec-Gemini platform for improved log analysis and threat detection. Google is set to unveil FACADE, an insider threat detection system that has monitored billions of daily events since 2018 using contrastive learning. At DEF CON 33, Google will co-host a Capture the Flag event with Airbus, involving AI assistants in security challenges. Google is contributing data from its Secure AI Framework to the Coalition for Secure AI to enhance research in cybersecurity. The AI Cyber Challenge, a DARPA-led competition supported by Google, is nearing its conclusion, with winners showcasing AI tools for identifying and rectifying vulnerabilities in open-source software.