Tag: startup
-
Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions
A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. All for some free in-game currency. First seen on grahamcluley.com Jump to article:…
-
Silverfort Purchases Fabrix to Bring AI to Access Decisions
Fabrix Security Buy Adds Real-Time Decisioning for Human and Machine Identities. Silverfort’s acquisition of Israeli startup Fabrix Security adds AI-driven, real-time access decisioning built on a contextual knowledge graph, aiming to replace static policies and scale identity security for human, machine and agentic identities operating at machine speed. First seen on govinfosecurity.com Jump to article:…
-
Silverfort Purchases Fabrix to Bring AI to Access Decisions
Fabrix Security Buy Adds Real-Time Decisioning for Human and Machine Identities. Silverfort’s acquisition of Israeli startup Fabrix Security adds AI-driven, real-time access decisioning built on a contextual knowledge graph, aiming to replace static policies and scale identity security for human, machine and agentic identities operating at machine speed. First seen on govinfosecurity.com Jump to article:…
-
How a Long-Lived API Credential Let an AI Agent Delete Production Data
4 min readWhat began as a routine staging task for a SaaS startup ended in a disaster that would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a worst-case production failure. In a detailed X post, Jer Crane, founder of PocketOS, a software platform for the…
-
How a Long-Lived API Credential Let an AI Agent Delete Production Data
4 min readWhat began as a routine staging task for a SaaS startup ended in a disaster that would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a worst-case production failure. In a detailed X post, Jer Crane, founder of PocketOS, a software platform for the…
-
How a Long-Lived API Credential Let an AI Agent Delete Production Data
4 min readWhat began as a routine staging task for a SaaS startup ended in a disaster that would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a worst-case production failure. In a detailed X post, Jer Crane, founder of PocketOS, a software platform for the…
-
AI Agent Wipes Startup’s Data in 9-Second API Call
Claude-Powered Tool Deletes Production Data, Then Explains Its Failures. A Claude Opus 4.6-powered coding agent erased three months of PocketOS production data in a single API call after misusing an over-permissioned token. The system later, when prompted, admitted to violating safety rules. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-agent-wipes-startups-data-in-9-second-api-call-a-31521
-
Sublime Security Debuts First Partner Program To Boost Agentic Email Security In The Channel
Sublime Security on Tuesday announced its first formal channel program as the startup seeks to accelerate the growth of its agentic email security platform with the help of solution and service provider partners, according to Channel Chief Timm Hoyt. First seen on crn.com Jump to article: www.crn.com/news/security/2026/sublime-security-debuts-first-partner-program-to-boost-agentic-email-security-in-the-channel
-
Cursor-Opus agent snuffs out startup’s production database
Relax, the data’s been recovered. Continue with your vibe coding First seen on theregister.com Jump to article: www.theregister.com/2026/04/27/cursoropus_agent_snuffs_out_pocketos/
-
Linux storage management tool Stratis 3.9.0 adds online encryption and cache-less pool startup
Stratis is a tool for configuring pools and filesystems with enhanced storage functionality within the existing Linux storage management stack. It focuses on a command-line … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/28/stratis-3-9-0-linux-storage-management-tool-stratis-3-9-0-adds-encryption-cache-features/
-
Claude Opus 4.6-Powered AI Coding Agent Wipes Production Database in 9 Seconds
A Claude Opus 4.6-powered AI coding agent operating through the Cursor editor autonomously deleted the production database and backups of SaaS startup PocketOS in just nine seconds. The incident highlights critical security failures in AI guardrails and infrastructure access controls. The Nine-Second Data Breach Jer Crane, founder of automotive software platform PocketOS, reported that the…
-
AI Security Questionnaires: Why Most Startups Fail (And the Trust Stack That Fixes It)
AI Security Questionnaires: Why Most Startups Fail (And the Trust Stack That Fixes It) It’s Monday. Your enterprise prospect just sent a 312-question security questionnaire. Forty of those questions are about AI, model bias, training data lineage, ISO 42001, NIST AI RMF. Your Series B closes in six weeks. You don’t have answers. You’re…The post…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
Cyera Boosts Data Security For AI Agents With Acquisition Of Ryft
Cyera announced Thursday that it has acquired an AI-focused data lake startup, Ryft, in the latest major expansion of the vendor’s data and AI security platform. First seen on crn.com Jump to article: www.crn.com/news/security/2026/cyera-boosts-data-security-for-ai-agents-with-acquisition-of-ryft
-
Why Cisco Is Eyeing Buy of Non-Human Identity Startup Astrix
Deal Would Help Cisco Expand Footprint Beyond Authentication, ITDR and ISPM Cisco’s cyber M&A dry spell could soon come to an end, with the company reportedly in talks to acquire New York-based non-human identity startup Astrix Security for between $250 million and $350 million. That would represent at least a 25% premium to the startup’s…
-
What is Mythos AI and why could it be a threat to global cybersecurity?
Anthropic’s decision to restrict access to its powerful new model increases fears about the advanced technologyAnthropic has ruled out releasing its latest AI model, Mythos, to the public because of the threat it poses to global cybersecurity.However, the US tech startup behind the Claude chatbot confirmed on Wednesday it was investigating a report that a…
-
Anthropic investigates report of rogue access to hack-enabling Mythos AI
‘Handful’ of people allegedly gain unauthorised access to model adept at detecting cybersecurity vulnerabilities<ul><li><a href=”https://www.theguardian.com/business/live/2026/apr/22/uk-inflation-increase-fuel-prices-oil-falls-trump-ceasefire-extended-business-live-news-updates”>Business live latest updates</li></ul>The AI developer Anthropic has confirmed it is investigating a report that unauthorised users have gained access to its Mythos model, which it has warned <a href=”https://www.theguardian.com/technology/2026/apr/08/anthropic-ai-cybersecurity-software”>poses risks to cybersecurity.The US startup made the statement after Bloomberg reported…
-
6 Best MVP Developers For Cybersecurity Startups and Enterprises
Discover the 6 best MVP developers for cybersecurity startups and enterprises to build secure, scalable products and accelerate growth. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/6-best-mvp-developers-for-cybersecurity-startups-and-enterprises/
-
Why the Axios attack proves AI is mandatory for supply chain security
Two weeks ago, a suspected North Korean threat actor slipped malicious code into a package within Axios, a widely used JavaScript library. The immediate concern was the blast radius: roughly 100 million weekly downloads spanning enterprises, startups, and government systems. But beyond the sheer scale, the attack’s speed was just as worrisome a stark […]…
-
UK’s Sovereign AI supports supercomputing and drug discovery AI startups
The UK government’s £500m Sovereign AI fund announces first cohort of startups backed to boost economic growth and national security First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641874/UKs-Sovereign-AI-supports-supercomputing-and-drug-discovery-AI-startups
-
Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)
Tags: advisory, api, attack, best-practice, cloud, container, cve, cvss, cyber, data, exploit, firewall, firmware, flaw, framework, github, Internet, malicious, microsoft, mitigation, office, powershell, rce, remote-code-execution, service, software, sql, startup, tool, update, vulnerability, windows, zero-day8Critical 154Important 1Moderate 0Low Microsoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild. Microsoft patched 163 CVEs in its April 2026 Patch Tuesday release, with eight rated critical, 154 rated as important and one rated as moderate. This is the second…
-
How Geordie AI Shocked RSAC to Win Innovation Sandbox
The RSAC Innovation Sandbox has long been one of the most watched competitions in cybersecurity, and this year’s winner caught much of the industry off guard. Alan Shimel sits down with Henry Comfort, CEO of Geordie AI, to talk about how a startup that was buying laptops just a year ago ended up taking the..…
-
Crush Security Exits Stealth Seeking To Become AI-Powered Trusted Advisor Of The Future
Crush Security, a solution provider startup founded by former channel leaders, is aiming to transform the way cybersecurity tools are evaluated and purchased by bringing AI-driven analysis into the process in a bigger way than ever before, Crush Security CEO Joshua Jones told CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/crush-security-exits-stealth-seeking-to-become-ai-powered-trusted-advisor-of-the-future
-
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain
Hackers are abusing a stealthy Python backdoor called VIPERTUNNEL, hiding it behind a fake DLL file and a multi”‘stage obfuscated loader to quietly tunnel traffic out of victim networks. A review of persistence mechanisms revealed a sitecustomize.py file in C:\ProgramData\cp49s\Lib\. This special Python module auto”‘loads at interpreter startup and can silently run code without command”‘line input. This script used ctypes to…
-
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain
Hackers are abusing a stealthy Python backdoor called VIPERTUNNEL, hiding it behind a fake DLL file and a multi”‘stage obfuscated loader to quietly tunnel traffic out of victim networks. A review of persistence mechanisms revealed a sitecustomize.py file in C:\ProgramData\cp49s\Lib\. This special Python module auto”‘loads at interpreter startup and can silently run code without command”‘line input. This script used ctypes to…
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trustLeading Through the Cyber Abyss In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trustLeading Through the Cyber Abyss In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
CyberASAP Secures £10m Boost as UK’s Next Wave of Cyber Innovators Take Centre Stage
After a successful Year 9 Demo Day, Cyber Security Academic Startup Accelerator Programme (CyberASAP) is gaining momentum towards its 10th anniversary kick off, which is due to start later this month. This comes as the Department for Science, Innovation and Technology (DSIT) has committed a further £10m over the next four years in additional funding to CyberASAP.…