The increasing use of AI brings new cybersecurity challenges, including prompt injection, AI-generated exploits, and supply chain attacks. Efforts are intensifying to develop robust security measures and ethical guidelines for AI systems.
Anthropic has revised its disclosure policy for Mythos, its cybersecurity AI model used in Project Glasswing. Program partners can now share vulnerability findings with a broad audience, including security teams, regulators, and the press, enhancing ...
Finnish cybersecurity startup CRACI has raised €1.4 million in pre-seed funding to develop its software supply chain security platform. The goal is to help companies comply with the European Union's Cyber Resilience Act (CRA), a regulation coming int...
AgentWall introduces a runtime safety and observability layer for autonomous AI agents operating in local environments. It addresses the risk of unsafe or manipulated actions by intercepting operations before they reach the host environment. The syst...
Anthropic, a leading developer of Large Language Models (LLMs), is set to brief G20 financial regulators on cybersecurity risks, specifically those linked to the concept of "Mythos." This initiative highlights the growing focus on data protection and...
CyCraft is expanding its market strategy in Japan, forging partnerships with NTT and Future. The goal is to strengthen its offering of AI-managed security services. This move underscores the growing importance of AI solutions for protecting critical ...
Anthropic has urged the US government to intervene on two critical fronts for AI security and development. The company called for closing loopholes in chip export regulations to prevent uncontrolled proliferation of advanced technologies. Concurrentl...
Linus Torvalds has voiced concerns over Linux security vulnerability management, describing the dedicated mailing list as 'almost entirely unmanageable' due to a flood of duplicate reports. This situation has prompted a shift to a new public system, ...
Bug bounty programs, crucial for software security, are facing a new challenge: a massive influx of AI-generated vulnerability reports. These submissions, often low-quality or false, are straining companies, forcing some to temporarily suspend their ...
New research reveals that AI voice systems, including Large Audio-Language Models (LALMs), are susceptible to “AudioHijack” attacks. These attacks exploit imperceptible sounds embedded in audio to force models to execute unauthorized commands, achiev...
Anthropic is set to brief the Financial Stability Board (FSB) on cybersecurity vulnerabilities identified by its Mythos model. The invitation, extended by Bank of England Governor Andrew Bailey, highlights the growing concern among global financial i...
Palo Alto Networks has announced the integration of CyberArk, Koi, and Portkey, alongside the launch of Idira, a new solution designed to enhance AI-powered security and identity management. This strategic move aims to provide enterprises with more r...
A user exploited a prompt injection technique to manipulate LinkedIn recruitment bots, making them respond in archaic prose and address him as "My Lord." The incident highlights LLM vulnerabilities and security challenges for companies implementing A...
Security researchers have identified the first memory exploit for the Apple M5 chip, gaining root access on macOS. The discovery, which bypasses Memory Integrity Enforcement measures, was facilitated by Anthropic AI's Claude Mythos, highlighting the ...
Cyera researchers have discovered four vulnerabilities in OpenClaw, dubbed 'Claw Chain'. These flaws, when chained together, allow attackers to steal sensitive data, escalate privileges, and gain persistent control over a compromised host. The defect...
Linux kernel 7.1 integrates new documentation defining what constitutes a security bug and establishing principles for the responsible use of artificial intelligence in vulnerability discovery. This initiative underscores the importance of security a...
The decentralized finance (DeFi) sector experienced losses of approximately $600 million in April due to two distinct attacks. These incidents, attributed to North Korean hackers and involving artificial intelligence, targeted Drift Protocol and Kelp...
The latest safety updates for ChatGPT aim to enhance contextual awareness in sensitive conversations. The goal is to strengthen the model's ability to identify risks and generate safer responses over time. This development highlights the increasing i...
OpenAI has detailed its response to the 'Mini Shai-Hulud' supply chain attack that affected TanStack. The company outlined the measures taken to protect its systems and signing certificates, emphasizing the importance for macOS users to update OpenAI...
New research explores how Reinforcement Learning systems can optimize not only actions but also intervention timing, enhancing communication efficiency. Through a Run-Time Assurance (RTA) layer and a Lyapunov-based safety shield, the methodology ensu...
The ransomware attack suffered by Foxconn at its Wisconsin facility has highlighted significant cybersecurity vulnerabilities affecting Taiwanese manufacturers. This incident underscores the importance of robust defense strategies, especially in indu...
OpenAI has developed a secure sandbox environment to integrate Codex on Windows, aiming to enable efficient and protected coding agents. This solution implements rigorous control over file access and network restrictions, crucial elements for maintai...
Anthropic is set to deploy its specialized AI model, Claude Mythos, to three major Japanese banks: MUFG, Mizuho, and SMFG. The model, designed for vulnerability hunting, will be accessible within approximately two weeks as part of the restricted Proj...
Google has identified what it believes to be the first zero-day exploit developed with artificial intelligence by a criminal actor. Google's Threat Intelligence Group discovered the vulnerability before its deployment, collaborating with the affected...
OpenAI has unveiled Daybreak, a new cybersecurity initiative. The platform aims to identify software vulnerabilities, generate patches, and validate fixes within enterprise codebases. Daybreak integrates GPT-5.5 variants and Codex Security, collabora...
A recent HiddenLayer investigation uncovered a malicious repository on Hugging Face, disguised as an official OpenAI release, that distributed an infostealer to Windows machines. With approximately 244,000 downloads before removal, the incident highl...
A recent supply chain attack campaign, dubbed 'mini Shai Hulud', has impacted the npm and AI developer ecosystems. Compromised Mistral AI and TanStack packages may have exposed sensitive credentials for GitHub, cloud environments, and CI/CD systems. ...
Google has identified an AI-developed zero-day vulnerability capable of bypassing two-factor authentication. This discovery, alongside the emergence of self-morphing malware and Gemini-powered backdoors, signals the beginning of a new era in cybercri...
