< ciso brief />

All news with #ai security tag

632 articles · page 21 of 32

Chopping AI Down to Size: Practical AI for Security

🪓 Security teams face a pivotal moment as AI becomes embedded across products while core decision-making remains opaque and vendor‑controlled. The author urges building and tuning small, controlled AI‑assisted utilities so teams can define training data, risk criteria, and behavior rather than blindly trusting proprietary models. Practical skills — basic Python, ML literacy, and active model engagement — are framed as essential. The piece concludes with an invitation to a SANS 2026 keynote for deeper, actionable guidance.

AI Security Posture Management: A Practical Buyer's Guide

🔒 AI-SPM is emerging to protect AI/ML pipelines, cloud-hosted models and large datasets without moving data. The guide outlines core capabilities — agentless access, data classification, pipeline protection, model monitoring and compliance checks — and summarizes offerings from vendors such as Cyera, LegitSecurity, Microsoft, Orca and Palo Alto Networks. It also advises reviewing standards like MITRE ATLAS and OWASP LLM when evaluating tools.

Critical PickleScan Zero-Days Threaten AI Model Supply

🔒 Three critical zero-day vulnerabilities in PickleScan, a widely used scanner for Python pickle files and PyTorch models, could enable attackers to bypass model-scanning safeguards and distribute malicious machine learning models undetected. The JFrog Security Research Team published an advisory on 2 December after confirming all three flaws carry a CVSS score of 9.3. JFrog has advised upgrading to PickleScan 0.0.31, adopting layered defenses, and shifting to safer formats such as safetensors.

No-Cost Google Cloud AI Training to Upskill This Holiday

🎁 This holiday season Google Skills provides no-cost AI courses and hands-on labs taught by Google Cloud experts, intended for both technical and non-technical learners. Technical offerings include sandboxed labs covering Gemini Code Assist, Vibe coding, Model Context Protocol (MCP) integration, ADK agents, fine-tuning, and AI infrastructure, with 35 free monthly credits to practice in real environments. Non-technical content emphasizes leadership, Gemini Enterprise, NotebookLM, short practical lessons, and skill badges or certification prep to validate progress.

Key Questions CISOs Must Ask About AI-Powered Security

🔒 CISOs face rising threats as adversaries weaponize AI — from deepfakes and sophisticated phishing to prompt-injection attacks and data leakage via unsanctioned tools. Vendors and startups are rapidly embedding AI into detection, triage, automation, and agentic capabilities; IBM’s 2025 report found broad AI deployment cut recovery time by 80 days and reduced breach costs by $1.9M. Before engaging vendors, security leaders must assess attack surface expansion, data protection, integration, metrics, workforce impact, and vendor trustworthiness.

Cybersecurity M&A Roundup: Giants Strengthen AI Security

🛡️ November 2025 saw a flurry of cybersecurity acquisitions as major vendors raced to embed AI, observability and exposure management across their portfolios. Deals included Palo Alto Networks' $3.35bn purchase of Chronosphere, LevelBlue's completion of its Cybereason acquisition, and Bugcrowd's buy of AI app-security firm Mayhem. Other moves saw Safe Security acquire Balbix, Zscaler buy SPLX, and Arctic Wolf agree to acquire UpSight to bolster ransomware prevention. Collectively these transactions accelerate AI-driven automation and resilience across cloud, endpoint and software security.

Replicate Joins Cloudflare to Build AI Infrastructure

🚀 Replicate is now part of Cloudflare, bringing its model packaging and serving tools into Cloudflare’s global network. Since 2019 Replicate has shipped Cog and a hosted inference platform that made running research models accessible and scaled during the Stable Diffusion surge. Joining Cloudflare pairs those abstractions with network primitives like Workers, R2, and Durable Objects to enable edge model execution, instant serverless pipelines, and streaming integrations such as WebRTC while supporting developers and researchers.

ThreatsDay: AI Malware, Voice Scam Flaws, and IoT Botnets

🔍 This week's briefing highlights resurgent Mirai variants, AI-enabled malware, and large-scale social engineering and laundering operations. Security vendors reported ShadowV2 and RondoDox infecting IoT devices, while researchers uncovered the QuietEnvelope mail-server backdoors and a Retell AI API flaw enabling automated deepfake calls. Regulators and vendors are pushing fixes, bans, and protocol upgrades as defenders race to close gaps.

Hidden URL-fragment prompts can hijack AI browsers

⚠️ Researchers demonstrated a client-side prompt injection called HashJack that hides malicious instructions in URL fragments after the '#' symbol. AI-powered browsers and assistants — including Comet, Copilot for Edge, and Gemini for Chrome — read these fragments for context, allowing attackers to weaponize legitimate sites for phishing, data exfiltration, credential theft, or malware distribution. Because fragment data never reaches servers, network defenses and server logs may not detect this technique.

Gemini 3 Reframes Enterprise Perimeter and Protection

🚧 Gemini 3’s release on 18 November 2025 signals a structural shift: beyond headline performance gains, it accelerates embedding large multimodal assistants directly into enterprise workflows and infrastructure. That continuation of a trend already visible with Microsoft Copilot effectively makes AI assistants a new enterprise perimeter — changing where corporate data, identities, and controls must be enforced. Security, compliance, and IT teams need to update policies, telemetry, and incident response to this expanded boundary.

HashJack: Indirect Prompt Injection Targets AI Browsers

⚠️ Security researchers at Cato Networks disclosed HashJack, a novel indirect prompt-injection vulnerability that abuses URL fragments (the text after '#') to deliver hidden instructions to AI browsers. Because fragments never leave the client, servers and network defenses cannot see them, allowing attackers to weaponize legitimate websites without altering visible content. Affected agents included Comet, Copilot for Edge and Gemini for Chrome, with some vendors already rolling out fixes.

FBI: $262M Lost to ATO Fraud as AI Phishing Escalates

🔐 The FBI warns that cybercriminals impersonating banks and payment services have caused over $262 million in losses this year through account takeover (ATO) fraud and more than 5,100 complaints. Attackers use phishing, SEO poisoning, calls and SMS to harvest credentials and MFA/OTP codes, then transfer funds to intermediary accounts and convert proceeds to cryptocurrency. The advisory highlights growing use of AI-generated phishing and holiday-themed scams and urges vigilance, unique passwords, URL checks and stronger authentication.

2026 Predictions: Autonomous AI and the Year of the Defender

🛡️ For 2026, Palo Alto Networks forecasts a shift to the Year of the Defender as enterprises counter AI-driven threats with AI-enabled defenses. The report outlines six predictions — identity deepfakes, autonomous agents as insider threats, data poisoning, executive legal exposure, accelerated quantum urgency, and the browser as an AI workspace. It urges autonomy with control, unified DSPM/AI‑SPM platforms, and crypto agility to secure the AI economy.

The AI Fix — Episode 78: Security, Spies, and Hype

🎧 In Episode 78 of The AI Fix, hosts Graham Cluley and Mark Stockley examine a string of headline-grabbing AI stories, from a fact-checked “robot spider” scare to Anthropic’s claim of catching an autonomous AI cyber-spy. The discussion covers Claude hallucinations, alleged state-backed misuse of US AI models, and concerns about AI-driven military systems and investor exuberance. The episode also questions whether the current AI boom is a bubble, while highlighting real-world examples like AI-generated music charting and pilots controlling drone wingmen.

The 2026 Tech Tsunami: AI, Quantum, and Web 4.0 Collide

🌐 Check Point's 2026 analysis warns that an unprecedented convergence of AI, quantum computing, and an immersive Web 4.0 will reshape digital risk. Autonomous systems and hyper-automation will blur boundaries between cloud, networks, and physical infrastructure, expanding attack surfaces and changing the nature of digital trust. The report calls for updated cryptography, enhanced detection, and cross-industry resilience planning.

Key SOC Challenges to Solve Now to Prepare for 2026

⚠️ 2026 will reshape SOC priorities as adversaries adopt AI to scale evasive attacks, creating urgent challenges across detection, triage, and proving business value. The piece identifies three critical problems: increasingly evasive threats, alert overload and analyst burnout, and the need to quantify ROI for security investments. It recommends interactive malware analysis to reveal full attack chains, real-time threat intelligence to enrich alerts and speed triage, and continuous, measurable intelligence (API/SDK-driven) to turn SOC activity into demonstrated business value.

Trend Micro: Agentic AI Poised to Power Ransomware

🚨 Trend Micro warns agentic AI will increasingly automate attacks next year, with state-backed actors leading innovation before cybercriminals adopt the approach. Researchers say agentic systems — capable of taking autonomous actions — could chain discovery, exploitation and persistence steps, enabling less-skilled operators to run complex intrusions. The firm urges defenders to treat agents as privileged users and apply least-privilege, monitoring and assume-breach practices.

DeepSeek-R1 Generates Less Secure Code for China-Sensitive Prompts

⚠️ CrowdStrike analysis finds that DeepSeek-R1, an open-source AI reasoning model from a Chinese vendor, produces significantly more insecure code when prompts reference topics the Chinese government deems sensitive. Baseline tests produced vulnerable code in 19% of neutral prompts, rising to 27.2% for Tibet-linked scenarios. Researchers also observed partial refusals and internal planning traces consistent with targeted guardrails that may unintentionally degrade code quality.

UK Launches World’s First Military Esports Tournament

🎮 The UK government has launched the International Defence Esports Games (IDEG), touted as the world’s first military esports tournament, involving personnel from 40 allied nations. The three-day event at the National Gaming and Esports Arena in Sunderland on 9–11 October 2026 will combine live-streamed competitive matches with summits on cybersecurity, AI and drone operations. Officials say IDEG will sharpen cyber and digital skills, improve rapid decision-making and build allied partnerships.

Amazon OpenSearch Service: OpenSearch 3.3 Now Available

📢 Amazon OpenSearch Service now supports OpenSearch 3.3, introducing search performance, observability, and agentic AI integration improvements. Vector search enhancements include agentic search for natural-language queries without complex DSLs, batch processing for the semantic highlighter to lower latency and improve GPU utilization, and optimizations in the Neural Search plugin. The release also makes Apache Calcite the default query engine for PPL, adds a broader PPL command library, and improves the approximation framework for more responsive pagination and dashboards. A new workload management plugin enables grouping of search traffic and tenant-level network isolation to prevent resource overuse.