Threat Intelligence

AI-Powered Amateur Hacks 600+ FortiGate Devices While Nation-State Groups Keep Busy

I’ve been following some concerning developments this week that really highlight how the threat environment is shifting in ways we need to pay attention to. The most eye-catching story involves a Russian-speaking hacker who managed to compromise over 600 FortiGate firewalls using generative AI tools - and this person appears to be an amateur, not some sophisticated APT group.

When Mental Health Apps Become Security Nightmares: The Trust Problem We Can't Ignore

I’ve been tracking some concerning developments this week that highlight a disturbing pattern in our industry - the gap between when breaches happen and when people actually find out about them. But what really caught my attention was how this plays out in one of the most sensitive areas imaginable: mental health applications.

The Mental Health App Crisis

Here’s something that should make us all uncomfortable: several Android mental health apps with a combined 14.7 million downloads are riddled with security vulnerabilities that could expose users’ most private medical information.

Source: Android mental health apps with 14.7M installs filled with security flaws

When Firmware Becomes the Enemy: The Keenadu Backdoor Shows Why We Need to Rethink Mobile Security

I’ve been following the mobile malware space for years, and every time I think I’ve seen it all, something like Keenadu comes along to remind me why firmware-level threats keep me up at night. This isn’t your typical Android malware that users accidentally install from sketchy app stores – we’re talking about a sophisticated backdoor that’s baked right into device firmware and hiding in plain sight on Google Play.

AI-Powered Attacks Hit FortiGate Firewalls While Healthcare Systems Reel from Ransomware

The past week has been a stark reminder that our security challenges are getting more sophisticated – and more personal. While we’re seeing AI being weaponized against network infrastructure, healthcare systems are facing devastating ransomware attacks that directly impact patient care. Let me walk you through what’s happening and why it matters for all of us.

When AI Becomes the Attacker’s Tool

The most concerning development this week comes from AWS researchers who’ve identified hundreds of FortiGate firewalls being compromised through AI-powered attacks. This isn’t just another vulnerability disclosure – it’s a glimpse into how threat actors are evolving their methods.

Supply Chain Attacks and State Network Breaches: Why This Week's Security News Should Keep You Up at Night

I’ve been digging through this week’s security incidents, and honestly, the pattern emerging here is pretty concerning. We’re seeing attackers hit critical infrastructure from multiple angles – from state government networks to the semiconductor supply chain – and they’re getting more sophisticated about it.

Romanian Hacker Exposes How Easy State Networks Really Are

Let’s start with the most straightforward case: Catalin Dragomir just pleaded guilty to selling access to an Oregon state government office’s network. Now, we don’t have all the technical details yet, but this case highlights something I’ve been worried about for years – state and local government networks are often sitting ducks.

AI Is Changing the Attack Game: From Voice Phishing to Compromised Firewalls

Last week brought some sobering reminders that threat actors are getting creative with AI tools, and frankly, they’re moving faster than many of us expected. While we’ve been debating the theoretical risks of AI in cybersecurity, attackers are already putting these tools to work in ways that should make every security team take notice.

When AI Meets Social Engineering

The Optimizely breach caught my attention not because voice phishing is new – we’ve all seen our share of vishing campaigns – but because of how it highlights the human element that AI is starting to amplify. The New York-based ad tech company confirmed that attackers successfully compromised their systems through a voice phishing attack, affecting an undisclosed number of customers.

When Server-Side Control Breaks Password Manager Security: What This Week's Research Really Means

You know that moment when someone challenges something you’ve always believed to be true? That’s exactly what happened to me reading Bruce Schneier’s latest post about password manager security research. We’ve all been telling users that password managers with zero-knowledge architecture are bulletproof – that even if the company gets compromised, your data stays safe. Turns out, it’s more complicated than that.

That Shai-Hulud Worm Shows Why Our Supply Chain Problem Just Got Worse

I’ve been watching the security feeds this week, and honestly, the npm ecosystem attack that’s been making rounds has me more concerned than usual. We’re dealing with a supply chain worm that researchers are calling “Shai-Hulud-like” – and if you’re thinking Dune references in malware naming have gotten out of hand, you’re not wrong. But the technical implications here are genuinely unsettling.

AI Poisoning and Zero-Days: Why This Week's Security News Should Have Your Attention

I’ve been digging through this week’s security news, and there are a few stories that really caught my eye. Between Google patching their first Chrome zero-day of the year and Microsoft uncovering a clever new way to manipulate AI chatbots, we’re seeing some interesting attack vectors emerge alongside the usual suspects.

The Chrome Zero-Day That Started 2026 Off Right

Let’s start with the big one: Google just patched a high-severity Chrome vulnerability that was actively being exploited in the wild. This marks the first zero-day patch of 2026, and honestly, I’m surprised it took this long. We typically see Chrome zero-days pop up pretty regularly, so having a relatively quiet start to the year was almost suspicious.

When AI Gets Too Helpful: Microsoft's Copilot Bug Shows Why Zero Trust Matters More Than Ever

I’ve been tracking some concerning developments this week that really highlight how our threat landscape is shifting. The most eye-catching story involves Microsoft Copilot accidentally summarizing confidential emails, but when you look at it alongside the other incidents, there’s a bigger pattern here about trust boundaries and how they’re breaking down.

The Copilot Problem: When Your AI Assistant Becomes a Data Leak

Let’s start with the Microsoft issue because it’s probably affecting some of you right now. Since late January, Microsoft 365 Copilot has been summarizing confidential emails that should have been blocked by data loss prevention policies. Microsoft calls it a bug, but honestly, this feels like an inevitable collision between AI convenience and security controls.