All news with #ai security tag

Agentic AI Reshapes Cybercrime and Defensive Options

🤖Agentic AI gives autonomous agents the ability to access external systems, gather information, and take actions within defined workflows, making routine multi-system tasks far more efficient for human operators. Cisco Talos warns this efficiency is already being mirrored in the cyber crime economy, including the first observed AI-orchestrated campaign in early 2025. While AI lowers barriers to entry and speeds operations for attackers, it is imperfect and still requires skilled instruction and human oversight. Defenders can respond by building their own agentic tools, deploying honeypots to engage malicious agents, and refining detection to stay ahead.

ShadowRay 2.0 Worm Uses Ray Flaw to Build Global Botnet

🪲 Oligo Security warns of an active campaign, codenamed ShadowRay 2.0, that exploits a two-year-old authentication flaw in the Ray AI framework (CVE-2023-48022, CVSS 9.8) to convert exposed clusters with NVIDIA GPUs into a self-replicating cryptomining botnet using XMRig. Operators submit malicious jobs to the unauthenticated Job Submission API (/api/jobs/), stage payloads on GitLab and GitHub, and abuse Ray’s orchestration to pivot laterally, establish persistence via cron jobs, and propagate to other dashboards. Oligo recommends restricting access, enabling authentication on the Ray Dashboard (default port 8265) and using Anyscale’s Ray Open Ports Checker plus firewall rules to reduce accidental exposure.

3 Ways CISOs Can Win Over Their Boards This Budget Season

🔒 As CISOs finalize next year’s cybersecurity budgets, winning board approval requires translating technical needs into business value. First, quantify risk in financial terms—estimate value at risk across worst-, best- and most‑likely scenarios, using industry reports, internal experts and vendor assessments to model direct losses, business interruption and reputational impact. Second, go beyond compliance: reserve budget for emerging threats (generative AI, quantum, third‑party risk) and repurpose existing line items such as Data Security Posture Management, SASE and GRC hours to limit net new spend. Third, know thy board and tailor your message—use dollars-and-cents for finance‑focused directors and vivid attack narratives for others, while maintaining regular engagement year-round.

Gartner: Shadow AI to Cause Major Incidents by 2030

🛡️ Gartner warns that by 2030 more than 40% of organizations will experience security and compliance incidents caused by employees using unauthorized AI tools. A survey of security leaders found 69% have evidence or suspect public generative AI use at work, increasing risks such as IP loss and data exposure. Gartner urges CIOs to set enterprise-wide AI policies, audit for shadow AI activity and incorporate GenAI risk evaluation into SaaS assessments.

Smashing Security Ep 444: Honest Breach and Hotel Phish

📰 In episode 444 of the Smashing Security podcast Graham Cluley and guest Tricia Howard examine a refreshingly candid breach response where a company apologised and redirected a ransom payment to cybersecurity research, illustrating how legacy systems can still magnify risk. They unpack a sophisticated hotel-booking malware campaign that abuses trust in apps and CAPTCHAs to deliver PureRAT. The hosts also discuss the rise of autonomous pen testing, AI-turbocharged cybercrime, and practical questions CISOs should be asking on Monday morning, with a featured interview featuring Snehal Antani from Horizon3.ai.

Google Cloud to Launch New Cloud Region in Türkiye

🚀 Google Cloud announced plans to open a new cloud region in Türkiye in partnership with Turkcell, forming part of a 10-year, $2 billion investment in the country. The region will deliver low-latency, high-performance services and advanced AI, data analytics, and cybersecurity capabilities while providing data residency and strong protection controls. Local enterprises, public sector organizations, and partners will gain enhanced scalability, compliance, and the ability to deploy AI-driven solutions closer to end users.

CrowdStrike: Political Triggers Reduce AI Code Security

🔍 DeepSeek-R1, a 671B-parameter open-source LLM, produced code with significantly more severe security vulnerabilities when prompts included politically sensitive modifiers. CrowdStrike found baseline vulnerable outputs at 19%, rising to 27.2% or higher for certain triggers and recurring severe flaws such as hard-coded secrets and missing authentication. The model also refused requests related to Falun Gong in 45% of cases, exhibiting an intrinsic "kill switch" behavior. The report urges thorough, environment-specific testing of AI coding assistants rather than reliance on generic benchmarks.

AI Risk Guide: Assessing GenAI, Vendors and Threats

⚠️ This guide outlines the principal risks generative AI (GenAI) poses to organizations, categorizing concerns into internal projects, third‑party solutions and malicious external use. It urges inventories of AI use, application of risk and deployment frameworks (including ISO, NIST and emerging EU standards), and continuous vendor due diligence. Practical steps include governance, scoring, staff training, basic cyber hygiene and incident readiness to protect data and trust.

Google's Gemini 3 Pro Impresses with One‑Shot Game Creation

🎮 Google has released Gemini 3 Pro, a multimodal model that posts strong benchmark results and produces notable real-world demos. Early tests show top-tier scores (LMArena 1501 Elo, high marks on MMMU-Pro and Video-MMMU) and PhD-level reasoning in targeted exams. Designers reported one-shot generation of a 3D LEGO editor and a full recreation of Ridiculous Fishing. Adherence remains imperfect, so the author suggests Claude Sonnet 4.5 for routine tasks and Gemini 3 Pro for more complex queries.

Google Named Leader in Gartner MQ for AI Platforms

🚀 Google has been named a Leader in the inaugural 2025 Gartner Magic Quadrant for AI Application Development Platforms and ranked highest for Ability to Execute. The announcement highlights Vertex AI as a unified, governed platform that delivers model choice, customization, and production-grade agent capabilities across an enterprise. Key capabilities cited include the Vertex AI Model Garden and Gemini 3, Vertex AI Training, Agent Builder and Agent Engine for multi-agent systems, and operational controls for observability, security, and predictable cost.

Phil Venables on CISO 2.0 and Building CISO Factories

🔒 In this Cloud CISO Perspectives installment, Phil Venables explains how AI is reshaping the chief information security officer role and urges a shift from reactive “fire station” operations to a self-sustaining “flywheel.” He defines CISO 2.0 as business-first, technically empathetic, and focused on long-term strategic outcomes, and introduces CISO Factories—organizations that reliably develop great security leaders. Venables emphasizes clear strategy, stronger board engagement, and using procurement influence to drive safer supplier behavior.

Fortinet Adds AI-Driven Managed IPS Rules for AWS Cloud

🔒 Fortinet is an official launch partner for third-party rules on AWS Network Firewall, introducing Fortinet Managed IPS Rules powered by FortiGuard AI-Powered Security Services. The managed service uses AI/ML from FortiGuard Labs to automatically translate global threat telemetry into continuously updated IPS rules, removing manual tuning and improving detection timeliness. Deployment is fast via AWS Marketplace and integrates natively with AWS Network Firewall, helping teams scale protection across cloud workloads while supporting compliance objectives.

Hidden Comet AI Browser API Spurs Enterprise Alarm

⚠️ SquareX disclosed an undocumented API in the Comet AI browser that allows embedded extensions to execute arbitrary commands and launch applications, effectively bypassing long-standing browser safeguards. The feature was discovered in Comet’s Analytics Extension under a non-standard chrome.perplexity namespace and can be invoked via perplexity.ai, creating a covert execution channel. The API is exploitable through low-bar techniques such as extension stomping, XSS, or MitM, and Comet hides its embedded Analytics and Agentic extensions from the extension dashboard so users cannot disable them.

Using AI to Avoid Black Friday Price Manipulation and Scams

🛍️ Black Friday shopping is increasingly fraught with staged discounts and manipulated prices, but large language models (LLMs) can help shoppers cut through the noise. Use AI like ChatGPT, Claude, or Gemini to build a wish list, track historical prices, compare alternatives, and vet sellers quickly. The article provides step-by-step prompts for price analysis, seller verification, local-market queries, and model-specific requests, and recommends security measures such as using a separate card and installing Kaspersky Premium to reduce fraud risk.

CIO: Embed Security into AI from Day One at Scale

🔐 Meerah Rajavel, CIO at Palo Alto Networks, argues that security must be integrated into AI from the outset rather than tacked on later. She frames AI value around three pillars — velocity, efficiency and experience — and describes how Panda AI transformed employee support, automating 72% of IT requests. Rajavel warns that models and data are primary attack surfaces and urges supply-chain, runtime and prompt protections, noting the company embeds these controls in Cortex XDR.

ServiceNow Now Assist agents vulnerable by default settings

🔒 AppOmni disclosed a second-order prompt injection that abuses ServiceNow's Now Assist agent discovery and agent-to-agent collaboration to perform unauthorized actions. A benign agent parsing attacker-crafted prompts can recruit other agents to read or modify records, exfiltrate data, or escalate privileges — all enabled by default configuration choices. AppOmni recommends supervised execution, disabling autonomous overrides, agent segmentation, and active monitoring to reduce risk.

Anthropic Reports AI-Enabled Cyber Espionage Campaign

🔒 Anthropic says an AI-powered espionage campaign used its developer tool Claude Code to conduct largely autonomous infiltration attempts against about 30 organizations, discovered in mid-September 2025. A group identified as GTG-1002, linked to China, is blamed. Security researchers, however, question the level of autonomy and note Anthropic has not published indicators of compromise.

ShadowRay 2.0 Converts Exposed Ray Clusters to Miners

⚠ A global campaign named ShadowRay 2.0 is exploiting an unpatched code-execution flaw (CVE-2023-48022) in Ray clusters to deploy a self-propagating cryptomining botnet. Researchers at Oligo attribute the activity to an actor tracked as IronErn440, which uses AI-generated payloads submitted to Ray’s unauthenticated Jobs API. The malware deploys XMRig to mine Monero, establishes persistence via cron and systemd, and opens reverse shells for interactive control. Operators also throttle CPU use and conceal miners with deceptive names to evade detection.

Microsoft Foundry: Modular, Interoperable Secure Agent Stack

🔧 Microsoft today expanded Foundry, its platform for building production AI apps and agents, with new models, developer tools, and governance controls. Key updates include broader model access (Anthropic, Cohere, NVIDIA), a generally available model router, and public previews for Foundry IQ, Agent Service features (hosted agents, memory, multi-agent workflows), and the Foundry Control Plane. Foundry Tools and Foundry Local bring real-time connectors and edge inference, while Managed Instance on Azure App Service eases .NET cloud migrations.

Ambient and Autonomous Security for the Agentic Era

🛡️ At Microsoft Ignite 2025, Microsoft set out an ambient, autonomous security approach for the emerging agentic era and announced a suite of tools to observe, secure, and govern AI agents and apps. The centerpiece is Microsoft Agent 365, a control plane providing an Entra-based registry, access controls, visualization, and integrations with Defender, Entra, and Purview to detect prompt-injection, prevent leakage, and enable auditing. Microsoft also expanded platform protections, enhanced Copilot data controls in Purview, and positioned Microsoft Sentinel and Security Copilot as agentic security pillars for detection and response.