< ciso
brief />
Tag Banner

All news with #ai security tag

756 articles

GhostApproval flaw exposes AI coding assistants' risks

πŸ›‘οΈ A Wiz report details "GhostApproval," a vulnerability pattern in six AI coding assistants that lets malicious repos use symlinks to escape sandboxes and trick human approvers into authorizing writes outside the workspace. Vendors including AWS, Cursor and Google patched quickly; others acknowledged or had already fixed the issue. Analysts warn this reflects a category-wide design problem where human-in-the-loop prompts can be misleading and enterprises must treat these tools as privileged software and enforce stronger controls.
read more β†’

Microsoft warns of more Windows security updates ahead

πŸ›‘οΈ Microsoft says AI-driven discovery is increasing the pace of vulnerability identification in Windows, leading to a likely rise in monthly security updates. The company uses its MDASH system to scan critical binaries and validate potential issues with multiple AI models, then runs a Windows-specific validation pipeline to reduce false positives. Microsoft also applies AI to accelerate triage, suggest fixes, and find similar bugs, while keeping humans in the review loop. The firm is updating its Secure Development Lifecycle to address AI-enabled attack techniques as adversaries also leverage AI.
read more β†’

UK unveils AI-driven national Cyber Shield

πŸ”’ The UK’s NCSC and DSIT unveiled a blueprint called Cyber Shield to deploy autonomous AI agents that detect and neutralize cyberattacks at machine speed. The plan uses cooperating β€œred” and β€œblue” agents to identify weaknesses, detect threats and progressively automate remediation while operating under organizational control. The initiative emphasizes explainable and federated AI, industry partnerships, and a staged rollout beginning with government and critical sectors.
read more β†’

CISOs Warn Executives Lack Understanding of Cyber Risk

πŸ”’ A MetaCompliance report (July 9) based on responses from over 200 European CISOs finds 78% believe C-level executives do not fully grasp cybersecurity risks tied to employee behaviour. The survey highlights fading leadership support for security awareness, with 79% saying backing wanes over time and 40% worried employees share sensitive data with generative AI tools. AI-driven social engineering is cited as a key factor eroding confidence in organisational cyber resilience.
read more β†’

AI's accelerating role in cybersecurity risks

πŸ›‘οΈ Five Eyes agencies warned that AI's rapid development raises cyber risks, particularly autonomous hacking and automated attacks. Bruce Schneier explains that AI widens the gap between skill and ability, enabling less-skilled actors to cause greater harm while also offering defensive tools. He argues that guardrails on large platforms won't stop open-source models and urges using AI for defense across all heightened risks.
read more β†’

Six-stage maturity model for non-human identities

πŸ”’ This article examines the risks of agentic AI and non-human identities in enterprise environments, illustrating incidents where LLM-based agents caused outages due to weak identity controls. It argues that existing IAM models are insufficient for agents that act autonomously, and cites industry guidance from Gartner, OWASP, CISA and NIST. The author proposes six minimum requirements and a cumulative six-stage NHI maturity model to ensure defensible production deployments.
read more β†’

CREST launches AI charter for cybersecurity use

πŸ”’ Over 70 cybersecurity organisations have signed the new CREST AI Charter, launched on July 9, committing to nine principles governing AI-enabled cybersecurity activities. The charter covers accountability and governance, transparency of use, documentation and auditability, boundaries and control, data handling and sovereignty, security and confidentiality, secure development, supply chain assurance and resilience. Signatories will maintain human oversight, document AI use, disclose data practices and implement secure development and supply chain controls. CREST intends the charter as a self-regulatory foundation to drive standards and harmonisation across industry and regulators.
read more β†’

Rise of Malicious AI Agents Threatens Organizations

πŸ€– ESET analysis shows cybercriminals increasingly use AI agents and chatbots to autonomously plan and execute attacks. Researchers reviewed 900,000 AI skills in public repositories and found tens of thousands of suspicious and thousands of malicious toolsets, expanding the attack surface. These agentic tools can exfiltrate data, execute malware, override instructions, and be repurposed from legitimate utilities into harmful capabilities. ESET urges organizations to enforce policies and caution users about downloading free tools from untrusted sources.
read more β†’

Meta’s Muse Image enables reuse of public Instagram media

πŸ–ΌοΈ Meta introduced Muse Image, an image-focused AI from Superintelligence Labs that can use public Instagram posts and reels to generate AI-created images, enabled by default. The feature lets users @-mention public accounts in the Meta AI app to incorporate specific profiles' media into new images and is being integrated into Instagram and WhatsApp in select countries. Users can opt out via Instagram Settings > Sharing and reuse, though previously created content will remain if generated before disabling the setting. For minors with public accounts, only followers may reuse their media if allowed; existing remixes won't notify original owners, and deleted content may be removed if accounts go private for over 24 hours.
read more β†’

Smashing Security Podcast 475: AI Risks and Privacy Gaps

🎧 This episode of Smashing Security discusses a rash of recent cybersecurity incidents, including a 15-year-old who used a chatbot to cancel nearly 47,000 anime subscriptions and the first documented agentic ransomware, JadePuffer. The hosts also examine Apple’s problematic Hide My Email feature, which has been known to leak addresses for over a year. Guest ZoΓ« Rose joins Graham Cluley to assess implications for security and privacy.
read more β†’

Designing for Inevitable System Prompt Leakage

πŸ›‘οΈ System prompts are core to generative AI applications and often include role definitions, tool descriptions, RAG context, and other proprietary instructions. This AWS Security Blog post explains why system prompt leakage is a persistent risk, highlights that it cannot be fully remediated today, and outlines practical mitigations. It recommends design principles such as minimization and avoiding sensitive data in prompts, and details controls available via Amazon Bedrock Guardrails and other mechanisms to reduce exposure and raise extraction difficulty.
read more β†’

Google announces 33 AI-native cybersecurity startups

πŸ›‘οΈ Google for Startups has selected 33 cybersecurity startups for the Gemini Startup Forum: Cybersecurity, pairing each company with experts from Google DeepMind, Google Cloud, and Wiz. The cohort addresses six focus areas including autonomous agent protection, post-quantum cryptography, and data-in-use protection. Startups span agent security, cloud posture, DLP, cryptography, and AI-native SOC tooling. The forum offers APIs, tools, training, and technical resources to accelerate AI-native security innovations.
read more β†’

Cybersecurity and the Growing Skill–Ability Divide

πŸ›‘οΈ The Five Eyes recently warned that AI models increasingly enable autonomous cyberattacks, amplifying risks long present in cyberspace. Bruce Schneier argues that AI widens the gap between skill and ability: tools let less-skilled actors cause damage once limited to experts. He warns guardrails from large vendors won’t stop open-source or locally run models and urges using AI defensively to detect, remediate, and respond faster to evolving threats.
read more β†’

ESET H1 2026: Threats, AI, and Ransomware Trends

πŸ” The first half of 2026 sees attackers adapting established techniques to new platforms and behaviours, with AI increasingly shaping operations. ESET analyzed nearly 900,000 AI skills and found tens of thousands suspicious and thousands malicious, while AI features began appearing inside malware such as the Android PromptSpy. Other trends include expanded click-based social engineering, surging QR-code phishing, and persistent ransomware activity using EDR killers.
read more β†’

Zscaler report shows AI agents vulnerable to IPI traps

πŸ›‘οΈ Zscaler tested 26 LLMs and found several autonomous agents susceptible to indirect prompt injection (IPI) traps, with some high-end models failing while a few lower-tier models fared better. The vendor identified hidden instructions on websites that manipulated agent behavior and caused real-world impacts in controlled tests. Experts warn that agent risk is dynamic, the attack surface is architectural, and binary "safe/vulnerable" labels are overly simplistic for CISOs. The findings highlight that agentic AI introduces new trust boundaries and insider-like threats to enterprise security.
read more β†’

Zscaler finds AI agents vulnerable to prompt injection

πŸ›‘οΈ Zscaler tested 26 LLM-based autonomous agents and found several susceptible to indirect prompt injection (IPI) schemes, with some high-end models failing while a few lower-tier models fared better. The vendor reported four models as "vulnerable" and three as "safe," but experts warn that agent behavior evolves and binary classifications can be misleading. The findings highlight the architectural risks in agentic AI where untrusted content in the context window can be treated as authoritative, expanding the attack surface for enterprises.
read more β†’

Nexus SDV: Secure, Scalable AI Platform for Vehicles

πŸ”’ Google Cloud and Valtech introduce Nexus SDV, an open-source, modular platform that enables AI-native, scalable management of software-defined vehicles. The platform integrates with Android Automotive OS and supports up to 100 million devices while emphasizing TCO reduction via Arm-based compute and Bigtable. Nexus AI leverages Gemini models and the Gemini Enterprise Agent Platform for real-time telemetry analysis and agentic vehicle capabilities. Security is built-in with mTLS/PKI, identity brokering, secret management, network isolation, and an enterprise Secure AI Framework.
read more β†’

Hidden web prompts steer AI agents into scams

πŸ” Zscaler ThreatLabz uncovered real-world campaigns using indirect prompt injection, where hidden instructions embedded in web pages steer AI agents. Attackers used SEO poisoning to surface malicious pages and hid prompts via CSS and JSON-LD metadata. One campaign impersonated a Python library to trick agents into paying a $3 bogus API key; another typosquatted a DeBank site to claim authority. Tests across 26 LLMs showed varying susceptibility depending on model and context.
read more β†’

Monday Recap: Proxy Botnets, Browser Ransomware

⚑ Google and partners disrupted the NetNut residential proxy network (aka Popa), which abused smart home devices and preinstalled SDKs to route malicious traffic through an estimated 2 million devices. Other incidents this week include fake PoC repos delivering the ChocoPoC RAT via a dependency, a 19-year-old alleged Scattered Spider suspect extradited to the U.S., and a Brazilian Ousaban banking trojan targeting Spain and Portugal. Check Point flagged AI-generated browser ransomware leveraging the File System Access API, illustrating AI can autonomously devise working attack techniques.
read more β†’

Risks and Safeguards for AI API Proxy Aggregators

πŸ”’ As organizations adopt AI more broadly, third-party API proxies and aggregators promise convenience, cost savings, and failover between models. Some providers operate transparently, but many exploit forged or stolen accounts, reroute queries to cheaper models, and capture or manipulate prompts and outputs. These practices expose firms to data leakage, IP loss, compliance violations, and security threats such as injected malicious code or reduced model accuracy.
read more β†’