Automation can’t fix broken security basics 2025-11-13 at 07:39 By Anamarija Pogorelec Most enterprises continue to fall short on basic practices such as patching, access control, and vendor oversight, according to Swimlane’s Cracks in the Foundation: Why Basic Security Still Fails report. Leadership often focuses on broad resilience goals while the day-to-day work that supports […]
Automation can’t fix broken security basics Read More »
The browser is eating your security stack 2025-11-13 at 07:39 By Anamarija Pogorelec Employees log into SaaS platforms, upload files, use AI tools, and manage customer data from a single tab. While the browser has become the enterprise’s main workspace, it remains largely outside the reach of security controls. According to the 2025 Browser Security
The browser is eating your security stack Read More »
LevelBlue Futures Report: Retail Leaders Reveal Security Concerns 2025-11-12 at 16:09 By The future of retail cybersecurity: Explore insights from 220 retail executives on managing AI-driven threats and closing the cyber resilience gap. 44% of retail organizations report a sharp increase in cyberattacks, underscoring the urgent need for stronger cybersecurity defenses across the sector. 34%
LevelBlue Futures Report: Retail Leaders Reveal Security Concerns Read More »
Autonomous AI could challenge how we define criminal behavior 2025-11-12 at 10:44 By Sinisa Markovic Whether we ever build AI that thinks like a person is still uncertain. What seems more realistic is a future with more independent machines. These systems already work across many industries and digital environments. Alongside human-to-human and human-to-machine contact, communication
Autonomous AI could challenge how we define criminal behavior Read More »
When every day is threat assessment day 2025-11-12 at 09:00 By Mirko Zorz In this Help Net Security interview, Paul J. Mocarski, VP & CISO at Sammons Financial Group, discusses how insurance carriers are adapting their cybersecurity strategies. He explains how ongoing threat assessments, AI-driven automation, and third-party risk management help maintain readiness. Mocarski also
When every day is threat assessment day Read More »
Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform 2025-11-11 at 23:07 By Mike Lennon Tel Aviv, Israel based Tenzai has developed an AI-driven platform for penetration testing, which it says can continuously identify and address vulnerabilities. The post Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform appeared first
Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform Read More »
‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics 2025-11-11 at 14:10 By Ionut Arghire Attackers intercepting network traffic can determine the conversation topic with a chatbot despite end-to-end encrypted communication. The post ‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics Read More »
To get funding, CISOs are mastering the language of money 2025-11-11 at 09:00 By Mirko Zorz In this Help Net Security interview, Chris Wheeler, CISO at Resilience, talks about how CISOs are managing changing cybersecurity budgets. While overall spending is up, many say the increases don’t match their most pressing needs. Wheeler explains how organizations
To get funding, CISOs are mastering the language of money Read More »
Many Forbes AI 50 Companies Leak Secrets on GitHub 2025-11-10 at 18:35 By Eduard Kovacs Wiz found the secrets and warned that they can expose training data, organizational structures, and private models. The post Many Forbes AI 50 Companies Leak Secrets on GitHub appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
Many Forbes AI 50 Companies Leak Secrets on GitHub Read More »
How to adopt AI security tools without losing control 2025-11-10 at 11:28 By Help Net Security In this Help Net Security video, Josh Harguess, CTO of Fire Mountain Labs, explains how to evaluate, deploy, and govern AI-driven security tools. He talks about the growing role of AI in security operations and the new kinds of
How to adopt AI security tools without losing control Read More »
AI is rewriting how software is built and secured 2025-11-10 at 11:28 By Anamarija Pogorelec AI has become part of everyday software development, shaping how code is written and how fast products reach users. A new report from Cycode, The 2026 State of Product Security for the AI Era, explores how deeply AI now runs
AI is rewriting how software is built and secured Read More »
Data Exposure Vulnerability Found in Deep Learning Tool Keras 2025-11-07 at 15:41 By Ionut Arghire The vulnerability is tracked as CVE-2025-12058 and it can be exploited for arbitrary file loading and conducting SSRF attacks. The post Data Exposure Vulnerability Found in Deep Learning Tool Keras appeared first on SecurityWeek. This article is an excerpt from
Data Exposure Vulnerability Found in Deep Learning Tool Keras Read More »
Researchers Hack ChatGPT Memories and Web Search Features 2025-11-06 at 19:09 By Eduard Kovacs Tenable researchers discovered seven vulnerabilities, including ones affecting the latest GPT model. The post Researchers Hack ChatGPT Memories and Web Search Features appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Researchers Hack ChatGPT Memories and Web Search Features Read More »
Follow Pragmatic Interventions to Keep Agentic AI in Check 2025-11-06 at 14:45 By Steve Durbin Agentic AI speeds operations, but requires clear goals, least privilege, auditability, red‑teaming, and human oversight to manage opacity, misalignment, and misuse. The post Follow Pragmatic Interventions to Keep Agentic AI in Check appeared first on SecurityWeek. This article is an
Follow Pragmatic Interventions to Keep Agentic AI in Check Read More »
OpenGuardrails: A new open-source model aims to make AI safer for real-world use 2025-11-06 at 10:28 By Mirko Zorz When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into leaking data or generating harmful
OpenGuardrails: A new open-source model aims to make AI safer for real-world use Read More »
Humans built the problem, AI just scaled it 2025-11-06 at 08:04 By Anamarija Pogorelec Information moves across cloud platforms, personal devices, and AI tools, often faster than security teams can track it. Proofpoint’s 2025 Data Security Landscape report shows that most organizations faced data loss last year, usually caused by their own people. With AI
Humans built the problem, AI just scaled it Read More »
What shadow AI means for your company’s security 2025-11-06 at 07:45 By Help Net Security In this Help Net Security video, Peled Eldan, Head of Research at XM Cyber, explains the hidden risks of shadow AI. He describes how employees often use unapproved AI tools at work to save time or solve problems, even when
What shadow AI means for your company’s security Read More »
Google uncovers malware using LLMs to operate and evade detection 2025-11-05 at 20:53 By Zeljka Zorz PromptLock, the AI-powered proof-of-concept ransomware developed by researchers at NYU Tandon and initially mistaken for an active threat by ESET, is no longer an isolated example: Google’s latest report shows attackers are now creating and deploying other malware that
Google uncovers malware using LLMs to operate and evade detection Read More »
Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns 2025-11-05 at 17:25 By Eduard Kovacs Google has released a report describing the novel ways in which malware has been using AI to adapt and evade detection. The post Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns
Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns Read More »
PortGPT: How researchers taught an AI to backport security patches automatically 2025-11-05 at 09:07 By Mirko Zorz Keeping older software versions secure often means backporting patches from newer releases. It is a routine but tedious job, especially for large open-source projects such as the Linux kernel. A new research effort has built a tool that
PortGPT: How researchers taught an AI to backport security patches automatically Read More »