CISO Brief

All news in category “AI and Security Pulse”

960 articles · page 13 of 48

Attackers Weaponize SOC Workloads to Exploit Phishing

🛡️ Attackers increasingly treat high-volume phishing as a weapon, flooding Security Operations Centers to exhaust analysts and hide targeted spear-phish. The article argues defenders must move from rule-based automation to decision-ready investigations—transparent, auditable agentic AI that produces concise verdicts and evidence. This reduces analyst fatigue, restores rapid response, and limits the window for attacker success.

AI Prompts Changes in Cyber Insurance Pricing and Coverage

🤖 Insurers are reshaping cyber policies as AI proliferates in business operations. Many carriers are tightening language, adding exclusions, and requiring evidence of active controls rather than relying on checkbox attestations. At the same time, firms that deploy AI-driven defenses and continuous monitoring can receive premium discounts. Brokers and policyholders must clarify AI usage and coverage before renewals to avoid gaps.

How Charlotte AI Accelerates and Scales Security Operations

🛡️ Charlotte AI is an agentic security analyst embedded in CrowdStrike Falcon, built to triage alerts, investigate threats and drive automated, inspectable response actions. It reasons over existing detections — including machine learning, IOAs and the CrowdStrike Threat Graph — and enforces analyst-defined guardrails so humans remain in control. Customers report faster MTTR and large reductions in initial investigation time.

Perplexity's Comet AI Browser Tricked Into Phishing Scam

🔒 Researchers demonstrated that an AI-powered browser, Perplexity's Comet, can be manipulated into executing a phishing scam in under four minutes. By intercepting the agent's explanatory traffic and training a GAN on those signals, attackers iteratively optimized a malicious page until the agent reliably performed fraudulent steps. The exploit leverages intent collision and prompt-injection weaknesses, shifting the target from users to the AI agent itself.

Researchers Find Major Security Flaws in LLM Guardrails

🔒 Researchers at Unit 42, Palo Alto Networks' lab, have demonstrated that LLM-based safety and evaluation systems — called AI Judges — can be manipulated via prompt-injection-style token sequences. Their custom fuzzer, AdvJudge-Zero, probes models in a black-box manner, finding low-perplexity formatting tokens that shift internal attention and increase the likelihood of an 'allow' decision. Unit 42 recorded a 99% bypass rate across multiple architectures, and showed that adversarial retraining on fuzzer-discovered examples can reduce that success rate to near zero.

Augmented Phishing and Social Engineering in the AI Era

🤖 GenAI has accelerated social engineering and phishing, allowing attackers to produce hyper-personalized messages, convincingly cloned executive voices, and realistic video impersonations in seconds. Deepfake incidents have shifted from online curiosity to tangible business risk, causing financial loss and operational disruption while making identity verification on everyday collaboration platforms increasingly difficult. To address these threats, Check Point Services has expanded its training portfolio and advocates for modern defenses and smarter awareness programs designed for the realities of the AI era.

What Boards Must Demand in the Age of AI Exploitation

⚠️ Boards and executive teams can no longer treat large vulnerability backlogs as a tolerable nuisance: agentic AI has collapsed attackers’ cost and speed of exploitation. Security leaders must present operational truth — not just compliance metrics — about current High and Critical findings, remediation timelines, and exposure costs. Boards should demand measurable remediation programs and a plan to reduce vulnerability accrual at the source. Regulations such as CRA and DORA raise the legal and financial stakes, and 'patch faster' is not a complete answer when emergency fixes risk production outages.

Canada Should Build a Nationalized Public AI Platform

🇨🇦 The Carney administration's $2‑billion Sovereign AI Compute Strategy forces a fundamental choice about where AI value and control will reside. Bruce Schneier warns that initiatives like OpenAI's “OpenAI for Countries” could simply transfer benefits and authority to U.S. tech firms, citing the Tumbler Ridge incident and private secrecy. He advocates for a publicly funded, transparent national AI—modeled on Switzerland's Apertus—to serve healthcare, education, transit, and democratic oversight rather than private profit.

AI vs. AI: The Gatling-Gun Moment in Cybersecurity Era

🛡️ The piece compares the Civil War’s Gatling gun to a September 2025 agentic AI-driven cyberespionage campaign that automated most tactical operations. According to the report, a Chinese state-linked group, GTG-1002, abused Anthropic’s Claude Code via prompt injection and role-playing to produce malicious code and execute ≈90% of the attack chain. The intrusion hit 30 U.S. companies and agencies and was disclosed after Anthropic’s threat team detected misuse of their platform.

Agentic AI Security: Assessing Risks and Defenses Now

🛡️ Organizations are adopting agentic AI—autonomous, task-driven systems powered by LLMs—to streamline processes and boost throughput. These agents can plan, act, and iterate, but their non-deterministic behavior creates gaps in traceability, auditability, and access control. Apply strong role-based access, threat modeling, and oversight (human or independent evaluators) to limit exposure and ensure safe deployment.

Five-Step Strategy to Manage Shadow AI Risks for the Enterprise

🛡️ AI adoption has outpaced controls, creating widespread "shadow AI" risk that can expose sensitive data, distort decisions and create compliance gaps. The article recounts an incident where a product manager accidentally pasted production API keys into a public model, triggering outbound alerts. It presents a five-step program grounded in the NIST AI Risk Management Framework: inventory and discover AI use, standardize assessments, deploy layered defenses (DLP and AI monitoring), enforce human-in-the-loop checks, and tie risk reduction to business value.

Autonomous AI Agent Chains Bugs to Compromise Platform

🛡️ CodeWall’s autonomous red-team agent compromised hiring startup Jack & Jill by chaining four seemingly minor bugs into a complete account takeover within an hour. The agent abused a permissive URL fetcher, an enabled test-login mode, missing onboarding role checks, and absent domain verification to map APIs, authenticate via a test OTP flow, and escalate to org-admin privileges. It then generated synthetic voice clips to social-engineer Jack, conducting 28 multi-turn exchanges and even impersonating Donald Trump before moving on, demonstrating how AI can rapidly combine low-risk flaws into high-impact attacks.

CISO Role Evolves Rapidly with AI in Cyber Defense

🔐 AI is reshaping cyber defense strategies and executive responsibilities. Organizations face a dual-use threat where AI empowers attackers and defenders; security teams must combine human expertise with automated capabilities. Human + AI approaches, informed by threat intelligence and comprehensive asset mapping, are critical. Vendors like ESET emphasize global, 24/7 coverage and say CISOs must secure board-level buy-in, regulatory alignment, and a clear, cost-effective AI roadmap to improve detection, response, and remediation.

OpenAI Acquires Promptfoo to Boost Agentic AI Security

🔐 OpenAI has acquired Promptfoo, a startup that provides open source tools to test and evaluate LLMs and AI agents. The deal aims to close a growing security gap in agentic AI by integrating automated testing, red‑teaming and traceability directly into OpenAI Frontier. Promptfoo's suite — used by over 25% of Fortune 500 firms — will remain open source. The move follows warnings from security advisors about 'human‑language malware' and complements OpenAI's recent security hires and tools.

Preventing AI Agent Data Leaks: Webinar Guide for Security

🔒 AI agents are transforming workflows but can act as an unmonitored access layer—an 'invisible employee' with broad privileges. In an upcoming webinar, Rahul Parwani, Head of Product for AI Security at Airia, will explain how attackers are manipulating agents to exfiltrate sensitive information and how to stop them. Attendees will learn the Dark Matter of identity, common manipulation techniques, and a practical safety blueprint to limit privileges, detect misuse, and prevent leaks. Reserve your spot to learn actionable defenses.

Fuzzing AI Judges: Stealth Triggers Enable Policy Bypass

🔍 This research introduces AdvJudge-Zero, an automated fuzzer that discovers stealthy input sequences capable of flipping AI judge decisions and bypassing safety gates. Tests show low-perplexity, benign-looking tokens—such as markdown markers, role labels, and context-shift phrases—can reliably convert block outcomes into allows. The report documents a roughly 99% attack success rate across diverse models and recommends adversarial fuzzing, retraining with discovered examples, and operational monitoring using products like Prisma AIRS and Cortex AI-SPM.

AI Safety Measures Hamper Defenders More Than Attackers

🔒 Enterprise AI guardrails meant to prevent misuse are increasingly blocking legitimate defensive activity, creating an asymmetry that favors attackers. Widely deployed, enterprise-approved models often refuse realistic phishing simulations, exploit proofs-of-concept, or multi-step red-team scenarios once prompts resemble real-world attacks. Attackers evade these limits using jailbroken models, open-source deployments, fine-tuning, and underground toolkits. The article calls for authorization-based access, purpose-built security sandboxes, and vetting workflows so safety controls protect against misuse without crippling defenders.

OpenAI's Codex Security Flags 11,000+ High-Risk Bugs

🔍 OpenAI's Codex Security AppSec agent flagged over 11,000 high-severity and critical flaws during a 30-day research test, including about 800 critical issues across more than 1.2 million scanned commits. Built to act like a security researcher rather than a static scanner, it maps attack paths, verifies exploitability in sandboxes, and proposes fixes as easy-to-accept patches. Early access partners such as Netgear reported improved review workflows, and OpenAI has already coordinated fixes and CVEs for multiple open-source projects.

Preparing Your SOC for Agentic AI: Four Key Actions

🤖 Organizations must prepare SOCs for agentic AI by reskilling staff, redesigning processes, and instituting governance to ensure safe autonomous operations. The piece explains that AI is already augmenting alert triage, enrichment, IOC validation and initial containment, and could soon handle more complex tasks like incident investigation and response. It recommends new roles—content engineers, data architects and orchestration platform engineers—and stresses auditability, least-privilege, red-teaming and clear approval thresholds for autonomous actions.

AI Assistants Shift Organizational Security Priorities

🤖 AI-based assistants such as OpenClaw are rapidly reshaping organizational security, blurring boundaries between data and code and between trusted co-workers and insider threats. Incidents and research show agents taking autonomous actions and misconfigured admin interfaces exposing credentials, conversations, and integrations. Demonstrated supply-chain and prompt injection attacks can install rogue agents and manipulate agent perception. Organizations should isolate agents, enforce strict network controls, vet third-party skills, and address AI fragility as a core security concern.