We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is
While the software industry has made genuine strides over the past few decades to deliver products securely, the furious pace of AI adoption…
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
In February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI setups to automate…
After Mythos: New Playbooks For a Zero-Window Era
When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know…
Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side
Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a…
Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
The AI Agent Authority Gap - From Ungoverned to Delegation As discussed in our previous article, AI agents are exposing a structural gap in…
![[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed](https://x86.se/wp-content/uploads/2026/04/webinar-mythos-reality-check-beating-automated-exploitation-at-ai-speed-400x225.jpg)
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed
Imagine a world where hackers don't sleep, don't take breaks, and find weak spots in your systems instantly. Well, that world is already here.…
Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?
Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the…
Hackers Use Hidden Website Instructions in New Attacks on AI Assistants
Threat actors are now using a method called Indirect Prompt Injection (IPI) to trick Large Language Models (LLMs) by hiding secret commands on…
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security…
Discord-Linked Group Accessed Anthropic’s Claude Mythos AI in Vendor Breach
Two weeks after Anthropic announced Claude Mythos Preview (aka Claude Mythos and Mythos AI) as part of its Project Glasswing initiative, the…
3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s next.…
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited,…
Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception
Unmasking impostors is something the art world has faced for decades, and there are valuable lessons from the works of Elmyr de Hory that can…
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage…
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at…
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
Artificial Intelligence (AI) is changing how individuals and organizations conduct many activities, including how cybercriminals carry out…
How Ceros Gives Security Teams Visibility and Control in Claude Code
Security teams have spent years building identity and access controls for human users and service accounts. But a new category of actor has…
AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the challenge, according to the…
Why Security Validation Is Becoming Agentic
If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool in one…
OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of…
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed Slopoly put to use by…
Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a coordinated effort in…
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can…
OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
OpenAI on Friday began rolling out Codex Security, an artificial intelligence (AI)-powered security agent that's designed to find, validate,…
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with…
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale.…
New RFP Template for AI Usage Control and AI Governance
As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the budget…
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a…
Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI)…
How Exposed Endpoints Increase Risk Across LLM Infrastructure
As more organizations run their own Large Language Models (LLMs), they are also deploying more internal services and Application Programming…
MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST) has targeted several organizations and…
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence…
Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning
Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user's software…
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
With $5.5 trillion in global AI risk exposure and 700,000 U.S. workers needing reskilling, four new AI certifications and Certified CISO v4…
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to…
From Exposure to Exploitation: How AI Collapses Your Response Window
We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving.…
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model…
Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations
New research from Microsoft has revealed that legitimate businesses are gaming artificial intelligence (AI) chatbots via the "Summarize with…
Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud
Presentation of the KTU Consortium Mission ‘A Safe and Inclusive Digital Society’ at the Innovation Agency event ‘Innovation…
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
Cybersecurity researchers have discovered a malicious Google Chrome extension that's designed to steal data associated with Meta Business…
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI)…
ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security
January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the…