< ciso
brief />
Tag Banner

All news with #ai security tag

757 articles · page 10 of 38

Oracle moves to monthly security patches to counter AI

🔔 Oracle will issue monthly Critical Security Patch Updates (CSPUs) for its ERP, database and other software, shifting from a quarterly cadence to address faster AI-driven vulnerability discovery. The first monthly CSPU will arrive May 28, then releases will follow on the third Tuesday of each month (June 16, July 21, August 18). Oracle will still publish a cumulative quarterly Critical Patch Update and will auto-apply fixes for customers in Oracle-managed cloud environments. The change primarily affects customers running Oracle software on premises or in third-party hosting.
read more →

Scan Finds Widespread Exposed AI Services and Risks

🔍 Intruder scanned over 1 million exposed AI services and found pervasive, critical misconfigurations and insecure defaults. Many deployments were reachable with no authentication, exposing chat histories, API keys, and management consoles. Exposed agent platforms (including n8n and Flowise) and thousands of Ollama APIs responded without auth, some wrapping paid frontier models. The findings highlight insecure-by-design defaults, hardcoded credentials, and real risks of code execution, data exfiltration, and abuse.
read more →

CISOs Rethink Hiring as AI Widens Skills Shortage Now

🔒 A persistent cybersecurity skills shortage is forcing CISOs to change hiring, training, and architecture decisions as AI amplifies attack scale and complexity. ISC2’s 2025 workforce study found 95% of organizations report at least one skills gap and nearly 60% call those gaps critical or significant. Leaders are turning to internal upskilling, automation, and role transitions, while balancing trade-offs between best-of-breed tooling, integrated platforms, and multicloud complexity.
read more →

2026 Year of AI-Assisted Attacks and Lowered Barriers

🔐In 2025–2026, LLM-backed chat and agent systems evolved from helpful coding assistants into end-to-end development tools that materially lowered the barrier to sophisticated cyberattacks. High-profile incidents — including a 17-year-old who exfiltrated 7 million Kaikatsu Club records and adolescent and single-actor campaigns against Rakuten Mobile and multiple governments — show nontechnical actors achieving team-scale outcomes. Measured indicators worsened sharply: malicious packages surged to 454,600 and time-to-exploit collapsed to weeks. The article recommends targeting whole classes of vulnerabilities—exemplified by Chainguard Libraries—to render many supply-chain and package-distribution attacks structurally impossible.
read more →

Droid Motivation and Security in Star Wars Media Analysis

🤖 This analysis examines how two 2025 TV series — Skeleton Crew and Andor — portray droid motivation and the cybersecurity risks those portrayals imply. In Skeleton Crew, voice commands and memory-overrides resemble modern LLM “jailbreaks,” exposing weak account controls, misplaced permissions, and the danger of context-driven intent failures. The pirate droid SM-33 also reveals flawed memory indexing and role-based ownership rules that can be exploited. In contrast, Andor depicts a hardware-centric approach: replacing a droid’s cortex and rewiring impulse suppression to change allegiance. The post argues that LLM-like control models create real-world security threats and advocates for hardware-rooted, tamper-resistant solutions such as KasperskyOS to prevent unauthorized reprogramming and malicious memory manipulation.
read more →

OpenAI Broadens TAC Program to Government Cyber Defenders

🔐 OpenAI has published a roadmap titled 'Cybersecurity in the Intelligence Age' pledging to democratize AI-powered cyber defense and to extend its Trusted Access for Cyber (TAC) program. The April 30 paper, released shortly after the debut of GPT5.4-Cyber, outlines new TAC tiers for authenticated cyber defenders and wider inclusion of governments, major platforms, cloud hyperscalers and critical infrastructure operators. OpenAI also commits to strengthen internal red-teaming, misuse detection and safety mechanisms while collaborating with governments on threat models and intelligence sharing.
read more →

Improving Security Posture for AI-era Cloud Workloads

🔒 AWS outlines the Security Health Improvement Program (SHIP) as a no-cost, data-driven engagement to assess and prioritize fixes across 10 core cloud security use cases. The program uses actual environment data and AWS guidance to establish baselines needed for safe AI adoption and faster response to AI-accelerated vulnerability discovery. Customers can start via their account team or hands-on Activation Days.
read more →

Anthropic unveils Claude Security: AI code scanning

🔒 Anthropic has launched Claude Security in public beta for Claude Enterprise customers, evolving its previous Claude Code Security offering and running on Claude Opus 4.7. The tool scans codebases to identify vulnerabilities and generates targeted patch instructions, reasoning about data flows and inter-file interactions rather than relying on simple pattern matches. It supports scheduled and targeted scans, audit-friendly exports and integrations, attaches confidence ratings to findings, and requires no API integration or custom agent build. Access is available from the Claude.ai sidebar, with Team and Max tiers coming soon.
read more →

Transforming Software Development with AI Tools at Scale

🤖 Artificial intelligence is rapidly reshaping software development across planning, design, coding, testing, deployment, and maintenance. Download the May 2026 Enterprise Spotlight to learn how organizations can harness AI-enabled development to boost productivity and software quality.
read more →

Regulator Warns: Frontier AI Models Heighten Bank Cyber Risk

⚠ APRA warns that frontier AI models such as Claude Mythos pose a rapidly evolving cyber risk to the banking sector by enabling faster, more automated discovery of vulnerabilities. The regulator found governance often treats AI as “just another technology,” missing distinctive features like predictive behavior, adaptability, bias and data risks, and urged firms to accelerate vulnerability identification and remediation. APRA called for robust security testing of AI‑generated code and deeper assessment of major AI platforms to avoid attackers outpacing current patch cycles.
read more →

Bluekit phishing kit adds AI assistant and 40+ templates

🔵 Bluekit is a newly observed phishing kit that bundles more than 40 templates targeting services such as Outlook, Gmail, Yahoo, ProtonMail, iCloud, GitHub and Ledger. It includes an AI Assistant panel supporting models like Llama, GPT‑4.1, Claude, Gemini and DeepSeek to help draft campaign copy. Varonis found the assistant produces scaffold-like outputs that require cleanup. The platform centralizes domain purchase, phishing page setup, campaign management, granular anti-analysis controls and real-time victim session monitoring, with stolen data exfiltrated via Telegram.
read more →

Enhancing AI-Driven Defense with Claude Opus 4.7 Integration

🔒 Palo Alto Networks’ Unit 42 Frontier AI Defense now integrates Anthropic’s Claude Security powered by Opus 4.7 to accelerate detection and remediation of AI-driven threats. The integration enables AI-driven exposure analysis, scalable deep-stack application reviews, and agentic defense workflows that autonomously detect and remediate issues under human oversight. Participation in Anthropic’s Cyber Verification Program further validates approved defensive use.
read more →

Google and Cursor Fix Critical RCE Flaws in Dev Tools

🔒 Google patched a maximum-severity remote code execution vulnerability in @google/gemini-cli and the google-github-actions/run-gemini-cli workflow that could allow attackers to run arbitrary commands on host systems. Novee Security reported the flaw, which carries a CVSS score of 10.0, and Google says the impact is limited to headless CI usage where workspace folders were auto-trusted. Affected versions include @google/gemini-cli prior to 0.39.1 (and preview releases) and run-gemini-cli prior to 0.1.22; users should update to the patched releases, explicitly set GEMINI_TRUST_WORKSPACE when inputs are trusted, or follow Google’s hardening guidance for untrusted inputs. Google also tightened allowlisting checks for --yolo mode to prevent auto-approved tool calls from bypassing restrictions.
read more →

AI-Powered Honeypots: Turning the Tables on Malicious Agents

🛡️ Generative AI enables defenders to deploy large numbers of convincing, adaptive honeypots — from Linux shells to IoT devices — using simple text prompts. These AI-driven decoys are particularly effective against automated attackers that favor speed over stealth, allowing analysts to observe tactics and tooling in real time within a controlled environment. By exploiting the lack of awareness in AI agents, organizations can shift from passive detection to active manipulation, turning attacker automation into a defensive liability. Prototype implementations show how a listener, simulated vulnerability, and an AI responder combine to emulate targeted systems at scale.
read more →

Anthropic Mythos: What It Means for Cybersecurity Today

🔐 Anthropic announced Claude Mythos Preview can autonomously discover and weaponize software vulnerabilities, prompting the company to restrict access to a small set of partners. The claim unsettled security researchers and analysts, in part because details remain sparse and speculation ranges from capacity limits to safety-driven restraint. The authors view Mythos as a real but incremental advancement that highlights the need to separate patchable from unpatchable systems and the verifiable from the hard-to-verify. They recommend tighter isolation, least-privilege design, continuous testing, and the use of defensive AI agents to reduce risk.
read more →

After Mythos: New Playbooks for Zero-Window Defense

🔒 As AI tools such as Claude Mythos and Project Glasswing compress vulnerability discovery from weeks to minutes, the traditional patch window is effectively gone. The piece urges organizations to adopt an assume-breach posture that prioritizes rapid detection, automated attack reconstruction, and immediate containment. Network Detection and Response (NDR) platforms — highlighted via Corelight — are presented as practical instruments to visualize, measure, and reduce mean-time-to-contain.
read more →

AI Reshapes DevSecOps to Embed Security in Code Practices

🔒 AI is transforming DevSecOps by moving security earlier into the development lifecycle and shifting teams from reactive validation to continuous, intelligent enforcement. Organizations are embedding security controls into AI coding assistants, using LLMs for contextual vulnerability scanning, and surfacing automated remediation directly in IDEs and pull requests. Experts caution this brings new risks—model access, prompt injection, data leakage and provenance—that demand enterprise governance, cross-functional alignment, and updated skill sets.
read more →

CISA Left Out of Anthropic Mythos Access, Others Get In

🔒 The US Cybersecurity and Infrastructure Security Agency (CISA) does not yet have access to Anthropic’s bug-hunting AI model, Claude Mythos, while other government bodies do. Anthropic has restricted preview access through Project Glasswing to a select set of agencies, industry groups, and software providers over concerns the model could be misused to find and exploit vulnerabilities. Bloomberg reports members of a private Discord channel obtained unauthorized access and have been using Mythos for non-cybersecurity purposes, supplying screenshots to support their claim.
read more →

AI Rush Revives Old Cybersecurity Failures, Mandiant Warns

🔒 Mandiant VP Jurgen Kutscher warns the rush to deploy AI in enterprises is reviving old cybersecurity failures as organizations neglect basic controls. During red-team engagements, Mandiant uncovered unencrypted streams, misclassified data and AI-enabled policy changes that allowed exfiltration. He urges firms to implement AI governance, revisit secure architectures and run red-team validation before uncontrolled adoption.
read more →

LMDeploy SSRF Vulnerability (CVE-2026-33626) Exploited Rapid

🔒 A high-severity SSRF vulnerability in LMDeploy (CVE-2026-33626, CVSS 7.5) was exploited in the wild within 13 hours of disclosure. The flaw in the vision-language module's load_image() function allows fetching arbitrary URLs without validating internal addresses, enabling access to cloud metadata and internal services. Security researchers and Sysdig observed targeted port scanning, API enumeration, and out-of-band DNS callbacks, highlighting rapid weaponization of AI-infrastructure bugs.
read more →