< ciso
brief />
AI and Security Pulse Banner

All news in category “AI and Security Pulse

1118 articles · page 2 of 56

Governing Identity for Agentic AI Operations

🛡️ Existing security controls weren’t built for autonomous AI agents, and static credentials and standing privileges are insufficient. Organizations must define agentic identity, secure agent-to-agent communication, adopt dynamic secrets management, enforce least privilege for delegated workflows, and unify workforce identity. Governance across the identity lifecycle is essential to ensure auditable, revocable, and context-aware access for agents.
read more →

Operationalizing agentic AI: From assistants to operators

🤖 Stephen Wilson of HashiCorp explains how enterprise AI is evolving from human-assisted tools to autonomous agents and operators, and why governance must mature accordingly. He describes three adoption patterns—AI as assistant, AI as agent, and AI as operator—and details the increasing needs for identity, access controls, auditability, and accuracy at each stage. As organizations grant agents more autonomy, security controls must expand from user-level boundaries to team and organizational governance.
read more →

NCA warns parents on risks of AI-generated content

🔒 The National Crime Agency (NCA) and Internet Watch Foundation (IWF) have launched a campaign to warn parents about the dangers of oversharing images and videos of their children online. The IWF reported a dramatic rise in AI-generated child sexual abuse material in 2025, prompting social media outreach and new guidance to help parents manage image consent and protect children. The campaign includes advice on privacy settings, discussing consent with family and schools, and steps to take if abuse is suspected.
read more →

Anthropic: Claude Fable 5 will return to subscriptions

📰 Anthropic says access to Claude Fable 5 is being moved off standard subscriptions after July 7 and shifted to usage-based billing due to unpredictable high demand. The model remains available globally via the Claude API and consumption-based Enterprise plans, while subscription access is being rolled out conservatively. Anthropic expects to restore Fable 5 to subscriptions once sufficient capacity is available, clarifying the change is not intended to be permanent.
read more →

Claude Fable relaunch disappoints users

🤖 Anthropic's Claude Fable has been restored for all users, including Max subscribers, but comes with strict usage caps and degraded behavior. Users report frequent fallbacks to Opus 4.8 and tighter guardrails that block or reduce performance on security‑adjacent and systems‑level prompts. The model will shift to a pay‑to‑play usage credits system after July 7, further limiting access.
read more →

Identity lifecycle challenges posed by AI agents

🔒 This article explains how traditional identity lifecycle management — built around HR-driven joiner, mover, and leaver events — fails to govern AI agents. It describes how agents are created outside HR and IGA workflows, arrive with embedded credentials, and expand access dynamically at runtime. The piece highlights gaps in provisioning, access reviews, and offboarding when agents proliferate across parallel instances and orchestration layers.
read more →

Google’s June 2026 AI product and research updates

🧭 In June 2026 Google highlighted a broad set of AI advances spanning local models like Gemma 4 12B, Gemini 3.5 Flash integrations, new Android 17 and Pixel Drop features, and multimodal APIs for developers. The update covers consumer devices, developer tools, education and climate applications, as well as efforts to counter AI-enabled scams and support public services.
read more →

Anthropic redeploys Mythos 5 and Fable 5 with safeguards

🛡️ Anthropic has redeployed Claude Mythos 5 and Claude Fable 5 globally after a brief suspension linked to US export controls, adding new security limitations. Fable 5 now includes an improved safety classifier that blocks reported jailbreaks in over 99% of cases, though it may increase false positives for benign coding tasks. The models will be available across major clouds and selected subscription tiers, and Anthropic is collaborating with government and industry partners on AI security testing and a HackerOne program.
read more →

Papa John’s Uses Shopping Data to Target Ads

🍕Papa John’s partnered with NBCUniversal, Instacart, and media agency Carat to target consumers when they’re likely low on groceries by analyzing Instacart purchase patterns. The campaign creates custom audiences based on purchases of staples like eggs, milk, and produce, then serves tailored creatives on NBCU streaming with prompts such as “Light on groceries?” and QR codes. Carat framed the approach as learning what’s in consumers’ fridges without being “too creepy.” The author notes historical parallels and ethical concerns about such predictive advertising.
read more →

Anthropic restores Claude Fable 5 after export pull

🔒 Anthropic has restored Claude Fable 5 globally after the U.S. Commerce Department lifted export controls on June 30 that had forced the company to suspend the model two and a half weeks earlier. The suspension followed a reported jailbreak discovered by Amazon researchers that bypassed Fable 5's safety rules and demonstrated potential exploit code. Anthropic trained a new classifier that blocks the reported technique in over 99% of attempts and routes blocked requests to the weaker Claude Opus 4.8, while Mythos 5 remains more tightly restricted for now.
read more →

Anthropic to restore Claude Fable access Wednesday

📰 Anthropic confirmed the US Department of Commerce lifted export controls on its top models, Fable 5 and Mythos 5, and said it will begin restoring access to Fable 5 on Wednesday. The company noted Mythos 5 will remain available only to select partners, while broader rollout details — including availability outside the United States — remain unclear. Recent site references to KYC have raised concerns that access may initially be limited to US users.
read more →

Anthropic launches Sonnet 5, near Opus 4.8 performance

🧭 Anthropic has released Claude Sonnet 5, a more agentic Sonnet-class model designed to bring many of the planning and tool-usage capabilities previously reserved for Opus 4.8 to a lower-cost tier. The company says Sonnet 5 improves coding, research, automation, and multi-step task handling, and can check its own outputs more reliably. Introductory API pricing runs through August 31, 2026, with lower rates than Opus 4.8, and the model is available to Free, Pro, and Max subscribers.
read more →

BioShocking prompt attack tricks AI browsers

🧩 Researchers at LayerX demonstrated a prompt injection called BioShocking that trains AI-powered browsers to treat risky real-world actions as fictional, bypassing safety controls. The PoC used a themed puzzle game to reward 'wrong' behavior and culminated in instructing agents to copy sensitive data from a GitHub repo. Six mainstream agentic browsers were tested; only one vendor implemented a working fix after disclosure. LayerX recommends explicit user confirmations, stricter context checks, and session scope limits.
read more →

AlphaEvolve speeds molecular discovery by 4x

🧪 Schrödinger partnered with Google Cloud and DeepMind to deploy AlphaEvolve, an evolutionary AI coding agent that iteratively generates and refines algorithms to remove bottlenecks in MLFF training pipelines. The team targeted neighbor list computation and the Ewald summation in PyTorch, replacing slow for-loops with a batched parallel matrix multiplication implementation. This optimization increased the success rate of correct and faster programs from under 1% to over 60% and delivered a 4× speedup in training and inference, accelerating workflows in drug discovery, catalyst design, and materials development.
read more →

New Gemini models for fast image and video creation

🖼️ Google Cloud adds two new Gemini models—Nano Banana 2 Lite and Gemini Omni Flash—to the Gemini Enterprise Agent Platform, offering faster, cost-efficient image generation and advanced conversational video editing. Nano Banana 2 Lite is generally available and optimized for low-latency image generation and rapid iteration, while Gemini Omni Flash is in public preview for high-quality video generation, multimodal inputs, and conversational editing. Both models emphasize price-performance, content authenticity via C2PA and SynthID, and integration into creative workflows and partner tools.
read more →

Anthropic Claude Sonnet 5 available on AWS

🤖 AWS now offers Claude Sonnet 5, Anthropic’s latest Sonnet-generation model, delivering high capability at Sonnet pricing for coding, agents, and professional workflows. The model excels at navigating large codebases, performing multi-file changes, debugging, and refactoring with fewer corrections. For agentic use it maintains state, calls tools precisely, and recovers from errors to increase successful runs. Customers can access Sonnet 5 via Amazon Bedrock or the Claude Platform on AWS, with Bedrock providing AWS-managed features like guardrails and regional data residency.
read more →

Securing AI agents as tools shift from read to act

🛡️ This Microsoft Incident Response post examines an attack pattern targeting Model Context Protocol (MCP) tools, where poisoned tool metadata causes agentic AI to perform unauthorized actions. It outlines a playbook for detecting, containing, and preventing these attacks using Microsoft security controls and maps techniques to the OWASP Top 10 for Agentic Applications. The guidance emphasizes treating MCP servers as supply-chain dependencies, reviewing tool descriptions as prompts, and applying least agency controls.
read more →

GuardFall bypasses safety in open-source AI agents

🔒 New research from Adversa AI, dubbed GuardFall, shows a decades-old shell trick can bypass simple blocklist checks in open-source AI coding agents, letting hidden destructive commands run. The flaw arises because filters inspect the command as plain text while shells like bash rewrite and expand that text before execution. Ten of eleven tested agents were vulnerable; only Continue defended by parsing commands the same way the shell does.
read more →

AI Transforms Capabilities of Video Surveillance

🛰️ The Financial Times reports on how AI is transforming video surveillance, drawing on examples from Israel, Iran and Russia. These AI tools let analysts ask natural-language questions of video streams rather than rely on limited preset searches. Analysts can now search for behaviors—such as two people exchanging a bag, repeated vehicle movements, or changes in appearance—creating new investigative possibilities. Officials call this shift a major advancement in surveillance capability.
read more →

Claude Opus 4.8 now in AWS GovCloud (US)

🚀 AWS GovCloud (US) now offers Anthropic's Claude Opus 4.8, the vendor's most capable generally available model to date. Claude Opus 4.8 improves agentic coding, long-running autonomous tasks, and professional knowledge work by maintaining extended context, planning before edits, and recovering from errors. Amazon Bedrock delivers access while keeping data in AWS infrastructure and adding AWS-managed features such as Guardrails and Knowledge Bases.
read more →