
All news with #ai security tag

632 articles · page 2 of 32

Defender's Guide: Frontier AI Impact on Cybersecurity

🔒 Palo Alto Networks reports ongoing testing of frontier AI models, including those from Anthropic and OpenAI, finding that they rapidly surface code vulnerabilities and potential exploit paths. In the May 'Patch Wednesday' advisories the majority of findings originated from these AI scans, prompting broad rescanning and remediation. The company warns of a narrow three-to-five-month window before AI-driven exploits spread and offers Unit 42 services to help organizations respond.

Building Resilient Transportation Systems with Google AI

🚦 Google outlines a blueprint for safer, more resilient transportation systems powered by AI. Leaders from Utah DOT, CalSTA, and Deloitte describe tools like Roadway Safety Insights (RSI) that integrate dozens of datasets to predict and mitigate risks, shifting agencies from reactive fixes to proactive safety. The article stresses resolving fragmented data and creating trusted single sources of truth to maximize AI value. Readers are invited to a Best of Next Public Sector Webinar and live demos at ITS America in June.

Microsoft MDASH: Multi-Model AI for Vulnerability Discovery

🛡️ Microsoft introduced MDASH (multi-model agentic scanning harness), a model-agnostic AI system in limited private preview designed to discover, validate, and prove exploitable defects in large codebases. The system orchestrates more than 100 specialized agents across frontier and distilled models in a structured pipeline that builds threat models, runs auditor and debater stages, groups equivalent findings, and proves vulnerabilities. Microsoft reports MDASH uncovered 16 issues fixed in this month’s Patch Tuesday, including two critical Windows networking and authentication flaws.

From WarGames to Cyberwar: Nation-State Cyber Threats

🔍 In an RSA 2025 conversation, Allie Mellen, author of Code War, frames modern cyber conflict through historical doctrine, showing how nations' distinct strategies shape attacks and espionage. She cautions that attribution based solely on technical signals is insufficient because actors can forge signatures and deploy false flags, so motive and context matter. Mellen warns that AI will make attacks faster and more adaptive, and urges defenders to strengthen fundamentals and adopt automation and AI on the defensive side.

Autonomous Validation: Closing the AI-Speed Breach Gap

🛡️ In a post-Mythos environment, AI-driven attacks can weaponize vulnerabilities within hours or minutes, outpacing traditional defensive cycles. Picus Security argues defenders must pair continuous Breach and Attack Simulation (BAS) with autonomous pentesting to validate controls and reveal genuine attack paths. Operational friction (the "spaghetti handoff" between tools and teams), not tooling alone, is the main cause of delayed response, so validation must be automated end-to-end.

Microsoft's MDASH AI Finds 16 Windows Vulnerabilities

🔍 Microsoft disclosed MDASH, an AI-driven vulnerability discovery system that found 16 previously unknown Windows flaws, including four critical remote code execution bugs that were patched as part of the May 12 Patch Tuesday release. Built by the Autonomous Code Security and Windows Attack Research teams, the platform orchestrates more than 100 specialized AI agents across multiple models to scan, validate and construct triggering inputs before human review. Microsoft said MDASH is intentionally model-agnostic and will enter private enterprise preview next month.

UK Cyber Sector Revenue Rises as Cyber Resilience Grows

📈 The UK cybersecurity sector generated £14.7bn in revenue last year and contributed £9.1bn in gross value added, the government reported on 13 May. Employment rose to nearly 70,000 and the number of firms climbed to 2,603, with AI-focused cybersecurity vendors growing sharply. The government unveiled the Cyber Resilience Pledge and plans legislation via the Cyber Security and Resilience Bill to tighten standards. Experts warn that advances in AI increase risks and call for stronger, harmonized incident reporting and defences.

2026 CSO Award Winners: Business-Enabling Cyber Innovation

🔒 The 2026 CSO Awards recognize 64 security organizations whose projects deliver measurable business value and stronger enterprise resilience. CSO profiles six standout initiatives that illustrate trends such as zero trust, AI-driven automation, gamified awareness, and shift-left cloud security. Examples include Copart’s adaptive phishing and gamification that lifted reporting rates from ~20% to over 55%, HMSA’s Zero Trust Data Governance that removed confidential member information from nonproduction environments, and Hensel Phelps’ automation program saving more than 1,250 work hours annually.

Google outlines five AI-driven measures to fight fraud

🔒 Google describes five coordinated approaches to reduce scams and fraud, presented at the EMEA Anti-Scams and Fraud Summit hosted by the Google Safety Engineering Center in Zurich. The company highlights AI-powered defenses that block spam, malware and policy-violating ads, plus on-device scam detection in Phone by Google. It also emphasizes user tools, education through Be Scam Ready, cross-platform threat-data sharing via the Global Signal Exchange, and partnerships with law enforcement to disrupt criminal networks.

Microsoft's MDASH: Multi-Model Agentic Security System for Windows

🔒 Microsoft announced MDASH, a multi-model agentic scanning harness that orchestrates over 100 specialized AI agents to discover, validate, and prove exploitable bugs in Windows. In internal tests it found 21 of 21 seeded driver vulnerabilities with zero false positives and achieved an industry-leading 88.45% score on the CyberGym benchmark. The harness produced 16 CVEs in today’s Patch Tuesday across networking and authentication stacks, including four Critical remote code execution flaws, and is in limited private preview with select customers.

May 2026 Patch Tuesday: Major Vendor Fix Waves and AI

🔒 Microsoft’s May Patch Tuesday updates address at least 118 security flaws across Windows and other products, including 16 rated critical. This release is notable as the first Patch Tuesday in nearly two years without fixes for known exploited zero-days or previously disclosed vulnerabilities. Other major vendors — Apple, Google, Mozilla and Oracle — have accelerated patch cadences after collaborative AI evaluations. Administrators are advised to apply updates promptly and back up data before upgrading.

AI Coding Agents Expand Developer Threat Surface Risks

🔍 AI coding agents now operate across IDEs, terminals, and extension runtimes, so defenders must expand focus beyond source code to repository files, instruction and runtime settings, and third‑party extensions that shape agent behavior. VirusTotal Code Insight and agentic threat intelligence apply semantic analysis to detect malicious intent in syntactically valid artifacts and link findings to broader campaigns and supply‑chain risks. Examples—weaponized tasks.json, malicious Skill.md, redirected settings.json endpoints, and sabotaged extensions—illustrate how semantics can enable exfiltration, privilege escalation, and stealthy attacker control.

OpenAI Daybreak: Secure-by-Design LLMs for Developers

🔒 OpenAI has launched Daybreak, an initiative built on its frontier LLMs and the Codex assistant to help developers embed security throughout the software development lifecycle. Announced on May 12, Daybreak extends the Trusted Access for Cyber (TAC) program and includes GPT‑5.5, TAC-enabled GPT‑5.5, GPT‑5.5‑Cyber and a Codex Security research preview. The initiative supports code scanning, vulnerability triage, automated detection and response while pairing defensive capabilities with verification, proportional safeguards and accountability.

OpenAI Launches Daybreak: New AI Cyber Defense Platform

🔒 OpenAI has unveiled Daybreak, an enterprise-focused cyber-defense platform that combines its large language models with Codex-style agent capabilities and broad integrations across the security ecosystem. The initiative aims to accelerate vulnerability discovery, generate and test fixes within repositories, and deliver audit-ready evidence back into enterprise workflows. Daybreak will be offered in tiers including GPT-5.5, Trusted Access, and GPT-5.5-Cyber, and is being developed with major vendors and government partners.

CISOs Step into AI Spotlight: Risk, Governance and Trust

🔒 CISOs are shifting from a primarily technical control function to strategic business partners as AI reshapes risk, operations, and product delivery. Leaders such as Barry Hensley, Shaun Khalfan, and Jeff Trudeau stress publishing AI security frameworks, embedding security early in development, and aligning controls to business outcomes. They warn of AI-enabled threats — including advanced phishing, voice/video impersonation, and automated vulnerability discovery — and call for continuous controls, stronger identity and data governance, and near-real-time patching. Growing board engagement and changing reporting lines reflect the elevated role of security in enterprise strategy.

OpenAI launches Daybreak to harden software defenses

🛡️ OpenAI announced Daybreak, a cybersecurity initiative that combines GPT-5.5 family models with Codex Security to identify, test, and propose fixes for vulnerabilities before attackers exploit them. Daybreak builds editable threat models, runs isolated vulnerability tests, and suggests prioritized remediation and patch validation. Access is tightly controlled and available by request, and major vendors are integrating under Trusted Access for Cyber.

Google Cloud Database Center: Next 26 AI Manageability

📊 Database Center now offers an AI-native manageability interface powered by Gemini, delivering fleet-wide visibility across Google Cloud managed databases. It introduces Gemini-backed recommendation validation (coming soon) to simulate performance impacts before applying changes like new indexes or machine upgrades. Additional enhancements include inventory, end-to-end lineage, and automated health checks to reduce MTTR and operational overhead.

AI-Native Apps and Data Trends from Cosmos Conf 2026

📌 At Cosmos Conf 2026 Microsoft outlined how AI is transforming application and database design, arguing data platforms must become systems of reasoning that handle prompts, memory, and evolving context. Leaders from OpenAI, Vercel, and Walmart stressed the need for serverless instant scalability, integrated caching, low-latency global distribution, and developer cost visibility. Demos and customer stories highlighted patterns like vector search, change feed, and role-based governance to deliver real-world, low-latency AI experiences.

AI-Developed Zero-Day Used in First Known Exploitation

🛡️ Google disclosed detection of an unknown threat actor using a zero-day exploit likely developed with an AI model, marking the first observed malicious application of AI for vulnerability discovery and exploit generation. GTIG said the exploit was a Python script implementing a 2FA bypass in a widely used open-source web administration tool and contained hallmarks of LLM-generated code. Google worked with the vendor to patch the flaw, disabled malicious assets, and linked the activity to a broader set of AI-enabled abuse campaigns including the Android backdoor PromptSpy.

AI-Driven Exploitation: Evolving Threats and Access Risks

🔍 Google Threat Intelligence Group (GTIG) reports a rapid shift from nascent AI-enabled operations to industrial-scale use of generative models by threat actors. Based on Mandiant incident response, Gemini telemetry, and GTIG research, the report documents AI-assisted zero-day exploit development, autonomous malware like PROMPTSPY, and advanced obfuscation techniques. It highlights supply chain targeting of AI environments, anonymized premium LLM access, and specific interest from PRC- and DPRK-linked clusters. The report also outlines mitigations and defensive AI uses.