Security Check-in Quick Hits: Aisuru DDoS Record, Google AI Theft Conviction, eScan Supply Chain Attack, SonicWall Ransomware Fallout, AI Prompt Injection and Deepfake Surge
For February 2, 2026
Aisuru Botnet Shatters Records with 31.4 Tbps DDoS Assault
In a chilling escalation of cyber threats, the Aisuru botnet—also known as Kimwolf—has unleashed what is now the largest publicly disclosed DDoS attack in history. On December 19, 2025, as part of a campaign dubbed “The Night Before Christmas,” the botnet targeted telecommunications firms with overwhelming force, peaking at 31.4 terabits per second (Tbps) and over 200 million HTTP requests per second. This surpasses the previous record of 29.7 Tbps, also set by Aisuru, highlighting the botnet’s rapid evolution.
Cloudflare, which mitigated the assault, reported that 90% of Aisuru’s attacks range between 1 and 5 Tbps, with many lasting just one to two minutes—short but devastating bursts designed to evade detection. The botnet, responsible for prior massive strikes including a 15.72 Tbps attack from 500,000 IPs, continues to exploit vulnerabilities in IoT devices and unpatched systems.
This incident underscores the growing peril of hyper-volumetric DDoS attacks, which can cripple infrastructure and disrupt services globally. Organizations must prioritize advanced mitigation strategies, such as automated traffic scrubbing and zero-trust architectures, to counter these threats. As Aisuru evolves, staying vigilant isn’t optional—it’s essential for digital resilience.
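The one-to-two-minute bursts described above are exactly what a coarse, averaged rate alarm misses. The following is an added illustration (not Cloudflare's or anyone's production logic) comparing a per-second sustained-threshold detector with a five-minute rolling-mean alarm over a constructed traffic series; the 3.0 Tbps, 90-second burst, the 0.02 Tbps baseline and the 1.0 Tbps threshold are all assumed values chosen to show the effect.

```python
from collections import deque
from dataclasses import dataclass


@dataclass
class Burst:
    start: int   # first second at or above threshold
    end: int     # last second at or above threshold (inclusive)
    peak: float  # highest observed rate in Tbps


def detect_bursts(samples, threshold_tbps, min_seconds):
    """Flag runs of consecutive one-second samples at or above threshold_tbps
    that last at least min_seconds. samples is a list of (second, tbps)
    sorted by time with one entry per second."""
    bursts = []
    start, peak = None, 0.0
    for t, rate in samples:
        if rate >= threshold_tbps:
            if start is None:
                start, peak = t, rate
            else:
                peak = max(peak, rate)
        elif start is not None:
            if t - start >= min_seconds:
                bursts.append(Burst(start, t - 1, peak))
            start = None
    # A burst that is still running at the end of the series
    if start is not None and samples[-1][0] - start + 1 >= min_seconds:
        bursts.append(Burst(start, samples[-1][0], peak))
    return bursts


def rolling_mean_alerts(samples, threshold_tbps, window_seconds):
    """Return the seconds at which the trailing window_seconds mean rate
    reaches threshold_tbps. This is the kind of averaged alarm a short
    burst slips under."""
    window, total, alerts = deque(), 0.0, []
    for t, rate in samples:
        window.append(rate)
        total += rate
        if len(window) > window_seconds:
            total -= window.popleft()
        if len(window) == window_seconds and total / window_seconds >= threshold_tbps:
            alerts.append(t)
    return alerts


def constructed_traffic():
    """Constructed sample: 15 minutes at one-second resolution, a 0.02 Tbps
    baseline and a single 90-second burst at 3.0 Tbps from t=300 to t=389."""
    return [(t, 3.0 if 300 <= t < 390 else 0.02) for t in range(900)]


if __name__ == "__main__":
    traffic = constructed_traffic()
    print("sustained-threshold bursts:", detect_bursts(traffic, 1.0, 30))
    print("5-minute rolling-mean alerts:", rolling_mean_alerts(traffic, 1.0, 300))
```

With these values the per-second detector reports the single 90-second burst, while the five-minute mean never exceeds 0.92 Tbps and raises nothing: a 90-second spike diluted over 300 seconds stays below the threshold, which is why burst-aware detection at fine time resolution matters for attacks of this shape.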
Former Google Engineer Convicted in Major AI Espionage Case
A landmark verdict in the fight against intellectual property theft: Linwei Ding, a 38-year-old former Google software engineer also known as Leon Ding, has been convicted on 14 counts, including seven for economic espionage and seven for trade secret theft. The San Francisco federal jury’s decision, handed down on January 29, 2026, exposes a brazen scheme to siphon Google’s AI secrets for Chinese interests.
Between May 2022 and April 2023, Ding stole over 2,000 pages of confidential data on Google’s Tensor Processing Units (TPUs), Graphics Processing Units (GPUs), and SmartNIC technology, uploading them to his personal Google Cloud account. Prosecutors revealed Ding’s dual affiliations: He secretly served as CTO for a Chinese AI startup and founded his own firm, Rongshu, while funneling stolen tech to benefit PRC-controlled entities, including plans for an AI supercomputer.
Facing up to 15 years per espionage count and 10 years per theft count, Ding’s case highlights the intensifying U.S.-China tech rivalry. It serves as a stark reminder for tech giants to bolster insider threat detection, implement stricter access controls, and conduct regular audits. As AI becomes a geopolitical battleground, protecting innovation is paramount to national security.
eScan Antivirus Falls Victim to Supply Chain Compromise
In an ironic twist for cybersecurity tools, eScan antivirus—developed by India’s MicroWorld Technologies—has been hit by a sophisticated supply chain attack. On January 20, 2026, attackers breached a regional update server, distributing a trojanized “reload.exe” file to users, primarily in South Asia.
The multi-stage malware, signed with a forged certificate, executed PowerShell payloads to tamper with eScan’s registry, delete critical files, and modify the hosts file to block legitimate updates by redirecting domains to a non-routable IP. This self-sabotage prevented automatic remediation, forcing manual patches and leaving systems vulnerable to further exploitation. The attack, lasting about two hours, connected to attacker-controlled C2 servers for additional payloads.
MicroWorld isolated the servers and urged users to contact support for fixes, emphasizing it was unauthorized access, not a vulnerability. This incident echoes SolarWinds and MOVEit breaches, stressing the need for end-to-end supply chain verification, code signing audits, and behavioral monitoring. When security software turns against you, trust nothing—verify everything.
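The hosts-file tampering described above (update domains redirected to a non-routable address so the product can no longer repair itself) is simple to audit for. The following is an added example, not MicroWorld's tooling or any vendor's real domain list: it parses hosts-file content and flags watch-listed update domains pinned to non-global addresses, plus any other hostname sinkholed to a loopback or unspecified address. The `.test` domains and the sample hosts content are constructed placeholders.

```python
import ipaddress
from dataclasses import dataclass

# Constructed watchlist of update/download hostnames that should never be
# overridden locally. Replace with the real hostnames of the products you run.
UPDATE_DOMAINS = {"update.example-av.test", "download.example-av.test"}

# Names that legitimately map to loopback in a stock hosts file.
LOOPBACK_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
                  "ip6-loopback", "broadcasthost"}


@dataclass(frozen=True)
class Finding:
    line_no: int
    address: str
    hostname: str
    reason: str


def parse_hosts(text):
    """Yield (line_no, address, [hostnames]) for each non-comment entry."""
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        yield n, parts[0], parts[1:]


def classify(addr):
    """Bucket an address: 'sinkhole' (0.0.0.0, 127/8, ::1), 'non-routable'
    (private, link-local, reserved), 'global', or 'unparseable'."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "unparseable"
    if ip.is_unspecified or ip.is_loopback:
        return "sinkhole"
    if not ip.is_global:
        return "non-routable"
    return "global"


def audit_hosts(text, watchlist=UPDATE_DOMAINS):
    """Return findings for suspicious hosts entries. Private-range overrides
    for ordinary internal names are left alone; only watch-listed update
    domains and outright sinkholes are reported."""
    findings = []
    for n, addr, names in parse_hosts(text):
        kind = classify(addr)
        for name in names:
            lname = name.lower().rstrip(".")
            if lname in LOOPBACK_NAMES:
                continue
            if lname in watchlist and kind != "global":
                findings.append(Finding(n, addr, name,
                                        f"update domain pinned to {kind} address"))
            elif kind in ("sinkhole", "unparseable"):
                findings.append(Finding(n, addr, name,
                                        f"hostname mapped to {kind} address"))
    return findings


# Constructed sample mimicking the tampering described in the text.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost ip6-localhost
10.0.0.5    intranet.corp.test        # legitimate internal override
0.0.0.0     update.example-av.test    # constructed: blocks product updates
127.0.0.1   download.example-av.test
0.0.0.0     telemetry.other.test
"""

if __name__ == "__main__":
    for f in audit_hosts(SAMPLE_HOSTS):
        print(f"line {f.line_no}: {f.address} {f.hostname} -> {f.reason}")
```

On a real endpoint, feed the function the contents of `/etc/hosts` or `%SystemRoot%\System32\drivers\etc\hosts` and pair it with a file-integrity baseline so that the first write to that file, not a later scan, is what raises the alert.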
SonicWall Breach Fuels Ransomware Wave Across US Banks
A lingering nightmare from 2025 has resurfaced: A SonicWall firewall vulnerability exploited in August enabled a ransomware attack on fintech firm Marquis Software Solutions, impacting over 74 U.S. banks and credit unions. The breach exposed personal data of more than 400,000 customers, including names, addresses, and financial details.
Attackers stole SonicWall SSL VPN credentials (via CVE-2025-53704, which leaks swap cookies and session IDs), then pivoted to Marquis’ systems for a full ransomware deployment. Marquis confirmed the link in a memo, noting the initial SonicWall hack affected cloud backups, leading to widespread data exfiltration.
With over 100 SonicWall accounts compromised in the broader campaign, this highlights the cascading risks of third-party vulnerabilities. Financial institutions should enforce multi-factor authentication, patch aggressively, and segment networks. As supply chains intertwine, one weak link can devastate an entire sector—proactive defense is the only safeguard.
AI’s Dark Side: Rising Risks from Prompt Injection and Deepfakes
As AI integrates deeper into operations, 2026 is shaping up as the year of reckoning for its vulnerabilities. Agentic AI—autonomous systems with broad access—is emerging as a prime attack surface, with “agency abuse” surpassing traditional prompt injection as a top threat. Experts warn of goal-hijacking via memory poisoning or overrides, potentially causing more breaches than human error.
Deepfakes are exploding, enabling hyper-personalized scams and impersonation crises that erode digital trust—29% of pros see them targeting high-value entities like CEOs and governments. Prompt injection remains the #1 LLM vulnerability, with exploits like EchoLeak (CVE-2025-32711) enabling data exfiltration.
Add in AI-amplified phishing, model poisoning, and non-human identity sprawl (agents outnumbering humans 80:1), and the risks compound. Mitigation demands outcome assurance, red-teaming, zero-trust for AI, and deepfake detection tools. Embrace AI’s power, but secure it fiercely; complacency invites catastrophe.