Tag: ai
-
New US House privacy bills raise hard questions about enterprise data collection
Tags: access, ai, awareness, banking, business, cio, ciso, compliance, credentials, data, finance, framework, governance, group, identity, insurance, Internet, jobs, law, privacy, regulation, risk, service, strategy, supply-chain
Where privacy law overlaps with AI governance: The SECURE Data Act does not contain broad, standalone AI governance rules, but it still touches AI in meaningful ways. The bill includes opt-outs for fully automated profiling used for decisions with legal or similarly significant effects. That language can clearly implicate some uses of AI, particularly in hiring,…
-
Why AI Agents Need Least Privilege Too, and How to Enforce It Automatically
AI agents are cloud identities. They don’t get a badge or a login. They get a service account, an IAM role, or an API key, just like any other non-human identity running in your environment. Mechanically, there’s nothing new. What’s new is how many of them are being deployed, how fast, and with how much…
-
How CrowdStrike Is Helping The Industry To Withstand AI-Driven Vulnerability Deluge: Exec
CrowdStrike’s launch of a new initiative, Project QuiltWorks, is a sorely needed answer to the widespread questions over how to prepare for the coming onslaught of AI-discovered software vulnerabilities, Chief Business Officer Daniel Bernard told CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/how-crowdstrike-is-helping-the-industry-to-withstand-ai-driven-vulnerability-deluge-exec
-
Pentagon grapples with securing AI as it moves toward autonomous warfare
Autonomous weapons are becoming an “essential” part of modern war, Chairman of the Joint Chiefs of Staff Gen. Dan Caine told an audience at Vanderbilt University’s Asness Summit on Modern Conflict and Emerging Threats. First seen on therecord.media Jump to article: therecord.media/pentagon-grapples-with-securing-ai-as-it-moves-towards-autonomous-warfare
-
White House Warns of AI Model ‘Extraction’ Campaigns
Agencies Urged to Track and Disrupt Coordinated AI Extraction Campaigns. The White House is escalating coordination with AI firms after identifying large-scale foreign campaigns using proxy accounts and jailbreaking techniques to extract capabilities from U.S. models, raising national security concerns and prompting new detection, logging and accountability measures. First seen on govinfosecurity.com Jump to article:…
-
White House Says China-Linked Actors Tried to ‘Steal American AI’
The White House says China-linked actors are using industrial-scale distillation to extract American AI breakthroughs, with US action planned. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-white-house-china-ai-theft-apac/
-
[un]prompted 2026 Building Secure Agentic Systems: Lessons From Daily-Driver Agents
Tags: ai
Author, Creator & Presenter: Brooks McMillin, AI Security Researcher & Security Engineer, Dropbox. Our thanks to [un]prompted for publishing their Creators’, Authors’ and Presenters’ outstanding [un]prompted 2026 AI Security Practitioner content on the Organization’s YouTube Channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/unprompted-2026-building-secure-agentic-systems-lessons-from-daily-driver-agents/
-
AI-Driven Attacks on Banking Databases: Governance at Scale
Mythos-class AI systems pose a new database security risk for financial institutions. Learn how Liquibase Secure protects against autonomous attacks and state corruption. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/ai-driven-attacks-on-banking-databases-governance-at-scale/
-
Data Breaches, AI Expansion, and Cloud Security Define This Week’s Cyber Landscape in April 2026
Weekly summary of Cybersecurity Insider newsletters in April 2026. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/data-breaches-ai-expansion-and-cloud-security-define-this-weeks-cyber-landscape-in-april-2026/
-
NCSC chief warns of ‘perfect storm’ as cyber threats intensify at CyberUK
At this week’s CyberUK conference in Glasgow, National Cyber Security Centre (NCSC) CEO Richard Horne delivered a stark assessment of the evolving cyber threat landscape, warning that organisations are facing a “perfect storm” driven by rapid advances in artificial intelligence and rising geopolitical tensions. In his keynote, Horne highlighted how emerging technologies are fundamentally reshaping…
-
Glasswing Secured the Code. The Rest of Your Stack Is Still on You
Forgotten integrations, shadow IT, SaaS, and now shadow AI and agents are everywhere, and attackers don’t need sophisticated AI models to take advantage. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/glasswing-secured-code-stack-on-you
-
Google Cloud Next 2026 – How Google Cloud plans to turn its customers into AI companies
First seen on security-insider.de Jump to article: www.security-insider.de/google-cloud-next-2026-gemini-enterprise-agent-platform-a-8d1c310605a747ba59c68d13c3dee888/
-
TeamPCP Hijacks Bitwarden CLI, Uses Dependabot to Deploy Shai-Hulud Malware
GitGuardian uncovers TeamPCP attack on Bitwarden CLI, abusing GitHub Dependabot to spread Shai-Hulud and poison AI coding tools. First seen on hackread.com Jump to article: hackread.com/teampcp-bitwarden-cli-dependabot-shai-hulud-malware/
-
AI Phishing Is No. 1 With a Bullet for Cyberattackers
In the last six months, companies have seen a significant influx of AI-powered phishing, as cyberattackers progress from small campaigns to 1-to-1 personalized attacks. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/ai-phishing-no-1-cyberattackers
-
Intel bets the farm on AI inference to drag CPU back to the top table
Tags: ai
Chipzilla hopes agents, robots, and edge devices make CPUs cool again… now it has to build the chips. First seen on theregister.com Jump to article: www.theregister.com/2026/04/24/intel_expects_ai_inference_to/
-
Indirect prompt injection is taking hold in the wild
The open web is slowly but surely filling up with “traps” designed for LLM-powered AI agents. The technique, known as indirect prompt injection (IPI), involves … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/indirect-prompt-injection-in-the-wild/
-
When AI goes its own way: Why companies need to rethink their governance
The good news: those who improve control over non-human identities today are at the same time laying the foundation for the secure use of AI agents. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/wenn-ki-eigene-wege-geht-warum-unternehmen-ihre-governance-neu-denken-muessen/a44769/
-
AI vishing at the push of a button: The criminal platform ATHR revolutionizes phone fraud
The ATHR platform combines AI with classic phishing methods to automate attacks almost completely. For an entry fee of 4,000 US dollars, criminals get access to an infrastructure that bypasses even seasoned security filters and targets global brands such as Google and Microsoft. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ki-vishing-athr-telefonbetrug
-
Claude-Mythos and the consequences for software security
Thales has long been warning of this shift: AI drastically lowers the barriers to finding and exploiting software vulnerabilities and accelerates this process to an extent that humans simply cannot keep up with. The consequence is clear: companies must now assume that their software and applications are continuously being analyzed, dissected and…
-
Check Point integrates its AI platform into Google Cloud
Check Point Software Technologies is integrating its AI Defense Plane into Google Cloud's Gemini Enterprise Agent Platform. The integration combines centralized agent control with contextual intelligence and real-time behavioral protection to provide comprehensive security for companies deploying AI agents at scale. AI in the enterprise is evolving from chat assistants to autonomous agents that call tools, query data and execute workflows. For this reason…
-
Community tool for detecting credential theft with defense-first AI
Arctic Wolf announces the launch of Decipio. It is a defensive cybersecurity tool that helps security teams detect attackers at the very moment they attempt to steal credentials within a network. Credential theft remains one of the most common types of cyberattack, while detecting it early proves particularly difficult. Arctic Wolf's annual threat report repeatedly shows…
-
Microsoft now lets admins uninstall Copilot on enterprise devices
Microsoft says IT administrators can now uninstall the AI-powered Copilot digital assistant from enterprise devices using a new policy setting, which has become broadly available after the April 2026 Patch Tuesday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-now-lets-admins-uninstall-copilot-on-enterprise-devices/
-
Hackers Exploit Agent ID Administrator Role to Hijack Service Principals
A severe scoping vulnerability was recently discovered in Microsoft Entra ID’s new Agent Identity Platform. The security flaw allowed users assigned the Agent ID Administrator role to hijack arbitrary service principals across an organization’s tenant, leading to potential privilege escalation. Although the administrative role was designed strictly to manage AI agent identities, a boundary breakdown…
-
GPT-5.5 Bio Bug Bounty Program Aims to Improve AI Safety and Performance
OpenAI has officially launched the GPT-5.5 Bio Bug Bounty program to strengthen safeguards against emerging biological risks. As artificial intelligence models become more advanced, the potential for malicious actors to generate dangerous biological information increases. Advanced persistent threats (APTs) and lone attackers could potentially misuse large language models to accelerate harmful biological research. To address…
-
Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
Tags: ai
The AI Agent Authority Gap – From Ungoverned to Delegation
As discussed in our previous article, AI agents are exposing a structural gap in enterprise security, but the problem is often framed too narrowly. The issue is not simply that agents are new actors. It is that agents are delegated actors. They do not emerge with independent…
-
AI Rush is Reviving Old Cybersecurity Mistakes, Mandiant VP Warns
AI tools are not just creating new vulnerabilities, they are reviving old security failures, warned Jurgen Kutscher, VP of Mandiant Consulting. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-old-cybersecurity-mistakes/
-
Undetected for almost 12 years: Telekom uncovers dangerous root vulnerability in Linux
Security researchers at Telekom turned Claude loose on Linux systems. The AI found a root vulnerability in Packagekit that has existed since 2014. First seen on golem.de Jump to article: www.golem.de/news/fast-12-jahre-unentdeckt-telekom-deckt-gefaehrliche-root-luecke-in-linux-auf-2604-207963.html

