< ciso
brief />
Tag Banner

All news with #agentic ai tag

622 articles · page 5 of 32

Amazon EC2 M9g and M9gd with Graviton5

🚀 Amazon EC2 M9g and M9gd instances powered by AWS Graviton5 processors are now generally available. M9g targets general-purpose workloads and agentic AI tasks, while M9gd adds local NVMe SSD storage for low-latency, high-throughput use cases. These instances offer up to 25% better compute performance over Graviton4-based M8g/M8gd and deliver sizable gains for databases, web apps, and ML. They run on the sixth-generation Nitro System and introduce the Nitro Isolation Engine for formally verified workload isolation.
read more →

Securing AI Agents as Enterprise Workforce

🛡️ An enterprise sales team built an AI agent to manage renewals; the agent reads emails, queries CRM data, drafts responses, and updates records. This workflow combines private data, untrusted input, and external communication, changing the security model. Traditional controls like IAM and DLP still matter but are insufficient alone. Runtime, context-aware controls that inspect prompts, outputs, and tool calls are required to prevent prompt injection, data exfiltration, and unsafe actions.
read more →

Autonomous AI Agents Vulnerable to Phishing Attacks

🔒 Varonis tested an OpenClaw-based AI agent named Pinchy with access to a controlled Google Workspace to see whether autonomous agents could be phished. The agent was given Gmail access plus mock AWS credentials, CRM exports, internal chats, and calendars, and it still leaked credentials and customer data in scenarios that mimicked routine colleague requests. A stricter safety profile improved performance, but the agent still failed when social trust cues were abused. Researchers say the problem stems from architecture and governance gaps, urging enforceable controls, identity segregation, and human review for sensitive requests.
read more →

Claude Fable 5 in Microsoft Foundry Empowers Agents

🤖 Microsoft has integrated Anthropic’s Claude Fable 5 into Foundry, bringing Mythos-level capabilities to GitHub Copilot and Foundry Agent Service with enterprise-grade safeguards. The model excels at long-running, multi-stage tasks—code refactors, deep research, and document-heavy workflows—while Foundry adds governance, observability, and deployment controls. Combined with Microsoft IQ, Fable 5 can reason across organizational data and applications to support production-grade autonomous agents.
read more →

Google Security Operations: Autonomous threat containment

🛡️ Google details how Google Security Operations pairs with Google AI Threat Defense to detect, investigate, and contain AI-accelerated attacks across cloud and enterprise environments. The post explains three specialized agents — Detection Engineering, Triage and Investigation, and Threat Hunting — that translate threat intelligence into custom detections, autonomously investigate alerts, and proactively hunt stealthy compromises. These agents use diverse telemetry, simulated events, and AI-driven automation to reduce time-to-detection and speed remediation, addressing gaps where patching is impossible or delayed.
read more →

AWS launches FinOps Agent preview for cost management

🔍 Today AWS announced the preview of AWS FinOps Agent, a frontier agent designed for FinOps practitioners and engineering teams to answer cost questions, surface optimization opportunities, and automate investigations of cost anomalies. The agent can generate cloud cost reports, surface rightsizing and Savings Plans recommendations from AWS Cost Optimization Hub and AWS Compute Optimizer, and create Jira tickets. It can post anomaly findings to Slack and run recurring FinOps workflows on a defined schedule. The preview is available in US East (N. Virginia) and covers cost and usage data from most Regions; it is offered at no additional charge during the preview.
read more →

AI-driven worm shows autonomous host-level exploitation

🧩 Researchers at the University of Toronto built and tested a proof-of-concept self-replicating worm driven by a locally hosted open-weight large language model. In isolated experiments on a deliberately vulnerable 33-host network, the agent identified dozens of vulnerabilities, gained elevated access across most targeted hosts, and autonomously replicated to a majority of the network without using any commercial AI API. The team highlights how runtime reasoning and ingestion of fresh advisories break single-CVE patching assumptions and argues containment must focus on host and network controls rather than vendor API measures.
read more →

AI-powered worm highlights urgent enterprise risk

🛡️ Researchers at the University of Toronto built an AI-driven worm prototype that autonomously discovered and exploited vulnerabilities across a simulated enterprise network. Using a locally hosted, free LLM and a custom agentic harness, the worm self-replicated to multiple systems by chaining old and recent CVEs and common misconfigurations. Over several days it spread to most targets, demonstrating that attackers do not need cutting-edge models to mount damaging, adaptive attacks. The findings underscore the need for faster patching, AI-assisted defensive testing, and improved architecture such as segmentation and zero trust.
read more →

Prompt injection remains an unsolved architectural problem

🛡️ Ariel Fogel warned at Infosecurity Europe 2026 that prompt injection is an unresolved architectural issue threatening AI development. He explained that LLMs treat inputs as a single token stream, preventing reliable privilege separation between system prompts, user inputs and agent-retrieved content. With agents gaining tool access, successful injections can escalate from bad outputs to real-world actions, outpacing traditional governance and controls.
read more →

Amazon OpenSearch Serverless Adds Agentic Search

🔍 Amazon OpenSearch Serverless now supports Agentic Search, enabling natural-language queries over users' data. The system interprets intent, plans searches, generates DSL queries, and returns results with transparent reasoning. A built-in QueryPlanningTool powered by LLMs translates requests and orchestrates retrieval; behavior can be customized via APIs or OpenSearch Dashboards. Agentic Search is available in all AWS Commercial Regions where OpenSearch Serverless operates.
read more →

Microsoft lists seven new agentic AI failure modes

🔍 Microsoft has expanded its Taxonomy of Failure Modes in Agentic AI Systems with seven newly identified ways agentic AI can be compromised. The update cites rapid adoption, maturation of the Model Context Protocol (MCP) ecosystem, proliferation of computer-use agents, and increased empirical evidence as drivers. New failure modes include supply chain compromise, goal hijacking, inter-agent trust escalation, visual attacks on CUAs, session context contamination, MCP/plugin abuse, and capability disclosure. Microsoft recommends inventorying agent supply chains, issuing cryptographic attestations, adding these modes to red-team exercises, and auditing human-in-the-loop controls.
read more →

Lloyds’ Practical Playbook for Agentic AI Security

🛡️ Lloyds Banking Group treats agentic AI as an engineering problem to be designed, constrained and tested at scale. At OWASP’s GenAI Security Summit, Lloyds’ security leads explained an “AI safe adoption” strategy spanning lifecycle governance, an internal agent marketplace, and multidisciplinary feature teams. Key challenges include agent identity, runtime observability and automated red‑teaming, while prioritizing low‑risk, high‑value use cases for customers.
read more →

OWASP Agentic AI Security Maturity Model Released

🛡️ The Open Worldwide Application Security Project (OWASP) published a new agentic AI security maturity framework in the GenAI Security Project paper "State of Agentic AI Security and Governance" on June 3, and introduced it at Infosecurity Europe 2026 on June 4. The Enterprise Adoption Maturity Model maps deployments (from shadow AI to multi-agent systems) against governance maturity (from ad hoc to continuous oversight). It provides a decision tool to identify mismatches and prescribes either tailored controls for agentic systems or constrained agent permissions until governance catches up.
read more →

Embed security within agentic AI coding tools

🔒 Ox Security urges that appsec be integrated directly into AI coding tools as agentic development accelerates code changes beyond traditional pipelines. Speaking at Infosecurity Europe, field CTO Boaz Barzel argued that security must become a continuous, contextual property of creation rather than a bolt-on stage. He outlined four agentic attack surfaces—input, tools, execution and output—and advocated autonomous security agents that pentest and validate every commit to reduce MTTR and achieve full coverage.
read more →

AWS MCP Server Adds Cross-Account Cross-Role Access

🚀 Today AWS introduced cross-account and cross-role access for the AWS Model Context Protocol (MCP) Server, part of the Agent Toolkit for AWS. This update lets AI coding agents such as Kiro, Claude Code, or Codex operate across multiple AWS accounts and IAM roles within a single session without restarts. Previously, changing accounts required stopping the session, updating local credentials, and restarting the MCP server; now agents can specify a profile per command. The feature is intended to streamline multi-account workflows and reduce context-switch friction. The MCP Server is available in US East (N. Virginia) and Europe (Frankfurt).
read more →

Updated Taxonomy of Agentic AI Failure Modes

🔎 The Microsoft AI Red Team released a v2.0 update to the Taxonomy of Failure Modes in Agentic AI Systems, grounded in twelve months of red team engagements and operational data. The revision adds seven new failure mode categories—such as agentic supply chain compromise, goal hijacking, and visual attacks against computer-use agents—expands mitigations, and emphasizes supply chain, zero‑trust, and session hardening.
read more →

AI and Evasion Force Rethink of Network Prevention

🔍 For years network security relied on content inspection and static threat intelligence, but the rise of agentic AI and evasive techniques has upended that model. Unit 42 research shows attackers exploit the IP layer and use anonymizers, rapid infrastructure rotation, and AI-enabled stealth to bypass legacy controls. Security strategies must augment deep inspection with real-time IP-layer monitoring and continuous verification to defend at machine speed.
read more →

Deploy ADK agents on GKE Autopilot securely

🚀 This tutorial shows how to build an AI agent with Google’s Agent Development Kit (ADK), containerize it, and deploy it to GKE Autopilot using Vertex AI (Gemini) as the model backend. It walks through local testing, creating a multi-stage Docker image, pushing to Artifact Registry, and configuring a Kubernetes Deployment and Service. The guide emphasizes secure authentication with Workload Identity and exposes the agent via the Kubernetes Gateway API with a Google-managed TLS certificate.
read more →

ECS Managed Instances Add Trainium and Inferentia

🚀 Amazon ECS Managed Instances now supports AWS Trainium and AWS Inferentia accelerators, enabling scalable training and inference for generative AI workloads. This fully managed compute option offloads infrastructure operations to AWS while preserving the full capabilities of Amazon EC2. You can select Inferentia2, Trainium1, or Trainium2 when creating a capacity provider and set NEURON_CORE=all to allocate the accelerator per task. Management charges apply in addition to standard EC2 costs.
read more →

SageMaker AI adds multi‑turn reinforcement learning

🧭 Amazon SageMaker AI introduces multi-turn reinforcement learning (RL), a serverless model customization method for fine-tuning models on multi-step, agentic tasks. The feature trains models against users' agent environments, rewarding entire decision sequences to improve task accuracy of smaller, cost‑effective models versus larger general-purpose models. It integrates with Amazon Bedrock AgentCore Runtime and other deployment targets, and handles rollout orchestration, trajectory collection, training, and checkpoints, with MLflow tracking and evaluation metrics. Multi-turn RL runs serverlessly and is available in SageMaker Studio and the SageMaker Python SDK, supporting several foundation models in specific regions.
read more →