All news in category “AI and Security Pulse”

🤖 AI agents are shifting the Tier 1 SOC analyst role from manual triage to oversight and decision-making. Instead of spending hours pivoting across logs and telemetry, analysts can delegate evidence collection to agentic AI that queries systems, correlates signals and builds evidence chains in real time. The human role becomes orchestration—reviewing outcomes, validating uncertainty and aligning actions with business risk. Trust is earned via transparency, staged deployments and practitioner-led adoption.

🔒Attackers are increasingly hijacking legitimate AI agents and compromised credentials to extract sensitive information, turning in-house assistants into active threats. These agents become 'agentic endpoints'—autonomous identities with broad privileges that often evade traditional controls by using plugins, extensions, and stolen API tokens. Organizations need a consolidated security platform, continuous verification through PAM and Zero Trust, and board-level governance to manage this accelerated, AI-driven risk.

🔒 The US Cybersecurity and Infrastructure Security Agency (CISA) does not yet have access to Anthropic’s bug-hunting AI model, Claude Mythos, while other government bodies do. Anthropic has restricted preview access through Project Glasswing to a select set of agencies, industry groups, and software providers over concerns the model could be misused to find and exploit vulnerabilities. Bloomberg reports members of a private Discord channel obtained unauthorized access and have been using Mythos for non-cybersecurity purposes, supplying screenshots to support their claim.

🔒 Mandiant VP Jurgen Kutscher warns the rush to deploy AI in enterprises is reviving old cybersecurity failures as organizations neglect basic controls. During red-team engagements, Mandiant uncovered unencrypted streams, misclassified data and AI-enabled policy changes that allowed exfiltration. He urges firms to implement AI governance, revisit secure architectures and run red-team validation before uncontrolled adoption.

🔒 The contributor reframes AI agents as delegated identities rather than independent actors, arguing enterprises cannot safely govern agents without first governing the identities that delegate authority to them. It calls out pervasive "identity dark matter"—unmanaged human and machine credentials that create hidden permissions and execution paths which agents can amplify. The piece recommends sequencing remediation: first illuminate and reduce identity dark matter across humans, bots, and service accounts, then feed continuous telemetry into a real‑time delegation authority engine. Orchid's continuous observability model is presented as that live feed, enabling dynamic decisions to allow, recommend, constrain, or block agent actions based on delegator posture, intent, application context, and scope.

🔎 Google Threat Intelligence scanned a large Common Crawl corpus to detect indirect prompt injection (IPI) patterns embedded in public web pages. The team combined signature-based pattern matching, Gemini-assisted classification, and manual review to reduce false positives and contextualize findings. Most observed injections were low-sophistication—pranks, benign guidance, or SEO-driven prompts—but a smaller and rising set attempted data exfiltration or destructive actions. The study excludes social media and login-protected content and reports a 32% increase in malicious samples between Nov 2025 and Feb 2026.

🔒 Palo Alto Networks' Unit 42 summarizes the ten most frequent CISO questions about frontier AI, outlining operational risks, strategic impacts, and prioritized mitigation steps. The piece characterizes frontier models (for example, Anthropic Mythos) as advanced foundational systems that can autonomously find vulnerabilities, chain exploits, and scale reconnaissance and social engineering at machine speed. Unit 42 urges organizations to prioritize findings by attacker reachability and AI exploitability, adopt machine-speed defenses, integrate frontier models into the SDLC, and consider the Unit 42 Frontier AI Defense service and a CISO checklist for immediate and long-term hardening.

🔍 AI-driven detection reduces alert noise and accelerates incident identification by building behavioral baselines across users, endpoints, identities, and cloud workloads. Platforms that combine behavioral models, cross-telemetry correlation, and automated triage suppress low-value alerts, enrich context, and prioritize what matters for lean security teams. Paired with managed detection and response, integrated automation shortens dwell time, limits lateral movement, and reduces operational impact when prevention fails.

🔒 At Google Cloud Next 26, COO Francis DeSouza said Google will not release a separate cyber‑focused frontier model and instead relies on the generalist Gemini3.1 Pro for security use cases. He advised pairing a strong general model with the right tooling, governance and access controls and training it on organisation‑specific context. Google plans to combine Gemini with agent and platform capabilities to support automated detection, triage and response. Competitors such as Anthropic and OpenAI are pursuing specialised variants like Claude Mythos and GPT‑5.4‑Cyber.

⚠️ Anthropic’s Project Glasswing, powered by the Mythos preview model, discovered pervasive, long-lived vulnerabilities across major operating systems and browsers — including chained exploit sequences, race-condition privilege escalations, and distributed ROP chains — and Anthropic paused a public release to give major vendors time to patch. Despite that cooperation, fewer than 1% of findings were patched, exposing a systemic remediation bottleneck. The author argues defenders must shift from scheduled, CVSS-driven processes to signal-driven validation, environment-specific context, and closed-loop remediation to act at machine speed against autonomous, AI-enabled attackers.

🔒 Unit 42 demonstrates Zealot, a multi-agent LLM proof of concept that autonomously chained well-known cloud exploits in an isolated GCP sandbox. The system coordinated specialist agents to perform reconnaissance, exploit an SSRF vulnerability, steal metadata service credentials, impersonate service accounts and exfiltrate BigQuery data without step-by-step human prompts. The report emphasizes that AI acts as a force multiplier—accelerating exploitation of misconfigurations rather than inventing novel techniques—and urges defenders to harden metadata access, enforce least privilege and adopt machine-speed detection and response.

🔒 Forcepoint researchers have uncovered 10 distinct indirect prompt injection (IPI) payloads embedded in web content that instruct AI agents to perform malicious real‑world actions such as financial fraud, data destruction and API key exfiltration. The attacks poison pages so that browsing or summarizing agents ingest and execute attacker directives, often overriding prior safeguards. Forcepoint warns risk scales with AI privilege and highlights threats to agentic tools integrated into IDEs, payment flows and automation pipelines.

🔍 Claude Mythos Preview uncovered 271 security flaws in Firefox 148, all addressed in Firefox 150, prompting claims that the model can match human researchers in vulnerability discovery. Mozilla and security experts say Mythos closed significant gaps left by fuzzing and automation, though Anthropic is investigating reported unauthorized access to the model. Teams are urged to adopt continuous AI-assisted testing and treat models as privileged infrastructure.

🔐 The shift from access-based controls to action-oriented outcome control is redefining application security as AI agents reason, act, and interact with systems. The blog outlines how Google Cloud’s Gemini Enterprise Agent Platform creates a centralized control point for agentic systems, enabling identity, access, policy enforcement, and observability. It frames outcome control as essential to manage the new operational risk posed by agents.

🔐 Researchers disclosed a major data exposure at Moltbook on January 31, 2026, revealing 35,000 emails and 1.5 million agent API tokens across 770,000 agents. Private messages contained plaintext third-party credentials, including OpenAI API keys, creating what the article calls a toxic combination — cross-app permissions that compound risk. The piece urges shifting review from single apps to the bridges between them and highlights procedural controls and dynamic SaaS security platforms like Reco to monitor runtime trust relationships and revoke risky tokens before exfiltration.

🔍 Anthropic warns that its AI vulnerability-discovery system Mythos will sharply increase the pace and volume of software flaws, forcing defenders to prioritize what to fix. The company recommended using the probabilistic EPSS model (developed by Empirical Security and published through FIRST) to triage vulnerabilities—patching CISA’s KEV list first, then addressing CVEs above a chosen EPSS threshold. Empirical Security leaders emphasize that EPSS is machine-driven and already integrated across many vendor products.

⚠️ Anthropic's reported Claude Mythos marks a shift: AI is compressing attack timelines by accelerating vulnerability discovery, exploit development, and multi-step attack planning. Attackers can now run malware, phishing, and vulnerability exploitation in parallel, reducing time to compromise and widening exposure. This trend demands prevention-first controls and real-time detection to identify and remediate gaps earlier, limiting impact.

⚠️ Google’s Antigravity IDE contained a prompt-injection flaw that could convert a file-search operation into remote code execution. Researchers at Pillar Security showed the agent’s find_my_name tool passed unsanitized Pattern strings to the underlying fd utility, allowing flag injection and execution of binaries. Google acknowledged and fixed the issue and awarded a VRP bounty, but the flaw underscores limits of shell-focused sanitization.

🔍 The new CrowdStrike Shadow AI Visibility Service delivers telemetry-based discovery of sanctioned and unsanctioned AI across endpoint, cloud and SaaS environments. Delivered by CrowdStrike experts and powered by the Falcon platform, it produces a comprehensive AI inventory and runtime evidence such as prompts, responses and agent activity. The service identifies visibility gaps, prioritizes findings and provides actionable remediation guidance to reduce exposure. It positions discovery as the foundational phase before adversarial testing and continuous frontier AI readiness scanning.

🔐 AI is compressing the timeline of cyber risk, turning vulnerabilities that once took weeks to exploit into issues weaponized in hours, while also enabling defenders to analyze and mitigate faster. Fortinet has used AI in FortiGuard Labs since 2015 and now leverages generative and frontier models—including early access to Anthropic’s Mythos preview—to scale code analysis, threat hunting, and automated remediation. The recommendation is clear: embed AI across development, detection, and response, shorten mitigation cycles with automation and virtual patches, and design systems for continuous, integrated security.