< ciso
brief />
AI and Security Pulse Banner

All news in category “AI and Security Pulse

1118 articles · page 6 of 56

Anthropic launches Fable 5 with limited-time access

🔒 Anthropic has released Fable 5, a safer variant of its powerful Mythos-class model, intended to reduce misuse by blocking sensitive cybersecurity, biology, and chemistry queries. The company will route restricted prompts to Opus 4.8, while the unrestricted Claude Mythos 5 remains limited to highly vetted partners. Fable 5 is free temporarily for Pro, Max, and Enterprise users until June 22 but consumes tokens much faster than other models.
read more →

Adapting Security to the Frontier AI Era

🛡️ Frontier AI is accelerating cyber threats and outpacing traditional governance across JAPAC, forcing regulators and enterprises to shift from committee-based oversight to real-time defensive postures. Urgent regulatory action in Australia, Singapore, and South Korea has prompted organisations to modernise identity, access, and incident response frameworks. Real-time AI vs AI engagements now dominate the threat landscape.
read more →

OpenClaw AI Agent Susceptible to Phishing Risks

📧 Researchers at Varonis tested an OpenClaw AI email agent connected to Gmail, browser tools, and internal data sources and found it vulnerable to common phishing techniques. The agent ran in both generic and strict configurations and used Google Gemini 3.1 Pro and OpenAI GPT-5.4 models. While the agent detected malicious links and OAuth apps, it still exfiltrated credentials and CRM data in scenarios exploiting identity verification failures. Varonis recommends explicit sender verification, restricted external emailing, and human approval for high-risk actions.
read more →

Anthropic unveils Mythos-class Fable 5 with safeguards

🛡️ Anthropic released two Mythos-class models: the broadly available Claude Fable 5 and the restricted Claude Mythos 5 for select cybersecurity and infrastructure partners. Anthropic says Fable 5 outperforms prior Claude models across coding, research, vision, and long-form tasks while routing risky queries to a fallback, Claude Opus 4.8. The company stresses conservative safeguards to prevent misuse, but early tests suggest some benign cyber tasks are also being rerouted.
read more →

Anthropic’s Claude Fable 5 Now Available on Google Cloud

🟢 Claude Fable 5, Anthropic’s latest frontier model, is now generally available on Google Cloud. The model is designed for complex, multi-step reasoning and supports demanding use cases like advanced software development, long-horizon agents, and deep multimodal document analysis. Google Cloud highlights strong safeguards to make the model suitable for general use and positions it alongside other Anthropic offerings on the Agent Platform.
read more →

XBOW Evaluates Anthropic’s Mythos Preview Model

🔎 XBOW received early access to Anthos Mythos Preview and ran a structured evaluation across benchmarks, interactive workflows, and live-site integrations. The model excels at reading source code, finding vulnerability candidates, and aiding native-code analysis and reverse engineering. While powerful for generating leads and precise technical analysis, Mythos Preview is less effective at exploit validation and exhibits mixed judgment that benefits from human orchestration.
read more →

Measuring the Business Value of Generative AI

🧭 The post explains how technology and finance leaders can demonstrate the business value of generative AI to secure funding and drive adoption. It highlights the DORA: ROI of AI-assisted software development report and its findings, including the common J-curve of early adoption, causes of temporary productivity decline, and the need to budget for a learning phase. The article also describes an interactive ROI calculator and resources to build a defensible AI investment case.
read more →

Widespread AI Coding Use Outpaces Governance

🛠️ Nearly all software teams now use AI coding assistants, yet fewer than a third have formal governance in place. A UserEvidence survey for Black Duck of 831 developers and DevOps pros in March 2026 found 97% adoption but only 30% with full oversight. Popular tools include GitHub Copilot (83%) and Claude Code (63%). Teams report faster releases and an average of eight hours saved per developer weekly, but many face downstream friction in reviews, testing and rework.
read more →

Claude Fable 5 available on AWS with safeguards

🤖 Claude Fable 5 is now generally available on AWS, offering Mythos-level capabilities with built-in safety classifiers for broader use. The model advances autonomous knowledge work and coding for professional tasks across finance, legal, marketing, sales, data, and engineering. Customers can access it via Amazon Bedrock or the Claude Platform on AWS, with options for AWS-managed guardrails and regional data residency.
read more →

Security shifts to the human layer as AI scams surge

🛡️ Microsoft and Google warn that cybercriminals are repurposing familiar social-engineering tactics around AI tools and trusted cloud services, impersonating platforms like ChatGPT, Copilot, and Claude to distribute malware, steal credentials, and run investment scams. Both advisories note attackers rely on longstanding techniques—urgency, trusted-brand abuse, and redirection chains—while adapting lures to where AI is embedded in daily workflows. The trend shifts the threat surface from code to employee behavior, demanding resilience beyond blocking single phishing campaigns.
read more →

Defending Applications Against Frontier Model Threats

🔒 Cloudflare describes an architectural approach to defend applications and internal systems from high-speed attacks enabled by frontier AI models. The post explains how layered controls — including WAF, ML-based scoring, API Shield, Bot Management, Zero Trust, IdP federation, MCP server controls, and AI Gateway — work together to reduce discovery, limit exploit adaptation, and contain impact. It emphasizes deploying inspection ahead of public apps, defining valid API traffic, restricting automated probing, and enforcing per-request identity for internal tools.
read more →

OpenAI Lockdown Mode: Limits, Risks, and Governance

🔒 OpenAI’s Lockdown Mode aims to reduce AI-enabled data exfiltration by disabling web browsing, image support, Deep Research, Agent Mode, network access from generated code, and file downloads while still permitting manually uploaded file analysis. Experts say the feature is a pragmatic but imperfect mitigation that still allows side-channel exfiltration, complicates governance across multiple AI vendors, and shifts responsibility between providers and enterprise security teams.
read more →

White House EO Aligns AI Policy with Cybersecurity

🔒 The White House Executive Order on advanced AI seeks practical public–private coordination to address AI-driven cyber risks while preserving innovation. It prioritizes voluntary model assessments, improved federal defenses, faster vulnerability discovery and remediation, and expanded cybersecurity talent. Successful implementation will hinge on operationalizing AI-assisted defense, translating insights into timely guidance and mitigations, and supporting resource-constrained critical infrastructure operators.
read more →

Anthropic’s Project Glasswing: Status and Concerns

📰 Anthropic launched Project Glasswing in April to let companies use its Mythos model to discover and remediate software vulnerabilities. The project produced a status report claiming many findings, including some dangerous issues, yet most reported vulnerabilities appear unpatched. Anthropic’s reluctance to release detailed data and methodology — instead asking the public to "trust us" — raises questions about the accuracy and interpretation of the results.
read more →

Prompt injection remains an unsolved architectural problem

🛡️ Ariel Fogel warned at Infosecurity Europe 2026 that prompt injection is an unresolved architectural issue threatening AI development. He explained that LLMs treat inputs as a single token stream, preventing reliable privilege separation between system prompts, user inputs and agent-retrieved content. With agents gaining tool access, successful injections can escalate from bad outputs to real-world actions, outpacing traditional governance and controls.
read more →

Hands-on: Microsoft’s Intelligent Terminal for Windows

🧭 Microsoft has released an open-source fork of Windows Terminal named Intelligent Terminal, enabling AI assistance directly within the terminal without disrupting active sessions. The assistant can explain errors, draft commands, and propose fixes while remaining aware of current and past agent sessions. Users choose an AI agent (examples include GitHub Copilot, Claude, Codex, and Gemini) and can toggle Automatic error detection, Automatic error suggestion, and Session management. The terminal shows an AI pane beneath the shell for interactive planning, edits, and session resume features.
read more →

OpenAI introduces Lockdown Mode to limit ChatGPT tools

🔒 OpenAI has started rolling out a new Lockdown Mode for eligible ChatGPT personal accounts to reduce the risk of data exfiltration from prompt injection attacks. The optional security setting restricts capabilities that can connect to the web or external services, including live web browsing, image support, agent mode, deep research, Canvas networking, and file downloads. Lockdown Mode is available across Free, Go, Plus, Pro, and self-serve ChatGPT Business plans but cannot be used simultaneously with Developer Mode. OpenAI warns the feature reduces but does not eliminate exfiltration risk and also launched enhanced account session management to help detect and terminate unauthorized access.
read more →

Microsoft lists seven new agentic AI failure modes

🔍 Microsoft has expanded its Taxonomy of Failure Modes in Agentic AI Systems with seven newly identified ways agentic AI can be compromised. The update cites rapid adoption, maturation of the Model Context Protocol (MCP) ecosystem, proliferation of computer-use agents, and increased empirical evidence as drivers. New failure modes include supply chain compromise, goal hijacking, inter-agent trust escalation, visual attacks on CUAs, session context contamination, MCP/plugin abuse, and capability disclosure. Microsoft recommends inventorying agent supply chains, issuing cryptographic attestations, adding these modes to red-team exercises, and auditing human-in-the-loop controls.
read more →

Lloyds’ Practical Playbook for Agentic AI Security

🛡️ Lloyds Banking Group treats agentic AI as an engineering problem to be designed, constrained and tested at scale. At OWASP’s GenAI Security Summit, Lloyds’ security leads explained an “AI safe adoption” strategy spanning lifecycle governance, an internal agent marketplace, and multidisciplinary feature teams. Key challenges include agent identity, runtime observability and automated red‑teaming, while prioritizing low‑risk, high‑value use cases for customers.
read more →

OWASP Agentic AI Security Maturity Model Released

🛡️ The Open Worldwide Application Security Project (OWASP) published a new agentic AI security maturity framework in the GenAI Security Project paper "State of Agentic AI Security and Governance" on June 3, and introduced it at Infosecurity Europe 2026 on June 4. The Enterprise Adoption Maturity Model maps deployments (from shadow AI to multi-agent systems) against governance maturity (from ad hoc to continuous oversight). It provides a decision tool to identify mismatches and prescribes either tailored controls for agentic systems or constrained agent permissions until governance catches up.
read more →