Scoring AI hackers when there is no answer key 2026-06-25 at 08:30 By Mirko Zorz AI models are solving more and more of the offensive-cyber tests built to measure them. Once a model solves most of a benchmark, that benchmark runs out of room and says little about the best systems anymore. Many of those […]
Scoring AI hackers when there is no answer key Read More »
Most agentic AI projects in production have stalled over data problems 2026-06-18 at 07:00 By Anamarija Pogorelec Enterprises are connecting AI agents to live data feeds and putting them to work on tasks that once required human review, from IT operations to software development. The number doing this in production reached 32 percent in 2026,
Most agentic AI projects in production have stalled over data problems Read More »
Onspring CISO on where automated GRC systems fall short 2026-06-15 at 09:00 By Mirko Zorz In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains why color-coded dashboards can hide nuance, how teams can check the data feeding their
Onspring CISO on where automated GRC systems fall short Read More »
Open-source CI/CD abuse detector guards against stolen credential attacks 2026-06-15 at 08:30 By Sinisa Markovic CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure
Open-source CI/CD abuse detector guards against stolen credential attacks Read More »
Most pros have seen AI hallucinations in IT operations 2026-06-05 at 09:24 By Anamarija Pogorelec Autonomous AI is taking action inside enterprise IT environments. Software is restarting services, isolating risky devices, and applying patches without waiting for a human to approve the step. The capability is spreading at the same time IT professionals are reporting
Most pros have seen AI hallucinations in IT operations Read More »
Microsoft Scout agent opens a new category of always-on Autopilots 2026-06-03 at 11:28 By Anamarija Pogorelec Workplace AI assistants have mostly waited for a prompt before doing anything. A user asks, the tool answers, and the exchange ends there. Microsoft is putting a different kind of agent inside its Office applications, one designed to keep
Microsoft Scout agent opens a new category of always-on Autopilots Read More »
Microsoft turns Copilot Studio into an AI agent control center 2026-05-14 at 18:25 By Anamarija Pogorelec The Microsoft Copilot Studio April 2026 updates improve visibility and governance for admins and expand workflow capabilities for managing agents. Copilot surfaces agent status in the authoring experience, giving admins insight into each agent’s security and protection posture. Customers
Microsoft turns Copilot Studio into an AI agent control center Read More »
Security teams are turning to AI to survive alert overload 2026-05-11 at 08:18 By Anamarija Pogorelec The World Economic Forum white paper “Empowering Defenders: AI for Cybersecurity” identified AI as the biggest driver of change in cybersecurity for 94% of survey respondents. The paper found that 77% of organizations already use AI in cybersecurity, with
Security teams are turning to AI to survive alert overload Read More »
Scenario: Open-source framework for automated AI app red-teaming 2026-04-23 at 09:47 By Mirko Zorz Enterprises running customer service bots, data analytics agents, and other AI-driven applications in production handle sensitive records and connect to core business systems every day. LangWatch has released Scenario, an open-source framework that runs automated red-team exercises against AI agents using
Scenario: Open-source framework for automated AI app red-teaming Read More »
PentAGI: Open-source autonomous AI penetration testing system 2026-04-22 at 10:09 By Anamarija Pogorelec Penetration testers have long relied on collections of specialized tools, manual coordination, and documented runbooks to work through a target assessment. PentAGI, an open-source project from VXControl, attempts to automate that entire workflow using a multi-agent AI system that plans, researches, and
PentAGI: Open-source autonomous AI penetration testing system Read More »
OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers 2026-04-15 at 10:02 By Sinisa Markovic Defending critical software has long depended on the ability to find and fix vulnerabilities faster than attackers can exploit them. OpenAI is expanding a program designed to give professional defenders prioritized access to AI tools built for that
OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers Read More »
Anthropic’s new AI model finds and exploits zero-days across every major OS and browser 2026-04-08 at 08:12 By Anamarija Pogorelec Automated vulnerability discovery tools have existed for decades, and the gap between finding a bug and building a working exploit has always slowed attackers. That gap is now substantially narrower. Anthropic’s Claude Mythos Preview, a
Anthropic’s new AI model finds and exploits zero-days across every major OS and browser Read More »
AI SOC vendors are selling a future that production deployments haven’t reached yet 2026-03-26 at 12:32 By Mirko Zorz Vendors selling AI-powered security operations platforms have built their pitches around a consistent set of promises: autonomous threat investigation, dramatic reductions in analyst workload, and an accelerating path toward humanless operations. Practitioners buying and deploying those
AI SOC vendors are selling a future that production deployments haven’t reached yet Read More »
ENISA advisory examines package manager security risks 2026-03-12 at 15:24 By Anamarija Pogorelec Developers install external libraries with a single command, and that step can introduce more code than expected into a project environment. Dependency resolution inside package managers extends software supply chains across large collections of external components. ENISA’s Technical Advisory for Secure Use
ENISA advisory examines package manager security risks Read More »
Cursor Automations turns code review and ops into background tasks 2026-03-06 at 12:18 By Anamarija Pogorelec Cursor Automations, the always-on agent platform from Cursor, is expanding with a new generation of autonomous systems that streamline code review, incident response, and other engineering workflows. The platform runs AI agents on schedules or in response to development
Cursor Automations turns code review and ops into background tasks Read More »
What happens when AI teams compete against human hackers 2026-03-06 at 07:58 By Anamarija Pogorelec A cybersecurity competition produced what may be the largest controlled dataset comparing AI-augmented teams to human-only teams on professional-grade offensive security tasks. The event, called NeuroGrid, ran for 72 hours on the Hack The Box platform and drew 1,337 registered
What happens when AI teams compete against human hackers Read More »
BlacksmithAI: Open-source AI-powered penetration testing framework 2026-03-02 at 08:00 By Mirko Zorz BlacksmithAI is an open-source penetration testing framework that uses multiple AI agents to execute different stages of a security assessment lifecycle. A multi-agent structure for offensive workflows BlacksmithAI runs as a hierarchical system in which an orchestrator coordinates task execution across specialized agents.
BlacksmithAI: Open-source AI-powered penetration testing framework Read More »
Industrial networks continue to leak onto the internet 2026-02-27 at 07:30 By Mirko Zorz Industrial operators continue to run remote access portals, building automation servers, and other operational technology services on public IP address ranges. Palo Alto Networks, Siemens, and Idaho National Laboratory describe the scope of that exposure in the Intelligence-Driven Active Defense Report
Industrial networks continue to leak onto the internet Read More »
What boards need to hear about cyber risk, and what they don’t 2026-02-02 at 09:10 By Help Net Security In this Help Net Security video, Rishi Kaushal, CIO at Entrust, explains how security leaders should talk to the board about cyber risk. He focuses on what matters to board members and what does not. He
What boards need to hear about cyber risk, and what they don’t Read More »
n8n adds Chat Hub to centralize AI access inside automation workflows 2026-01-28 at 12:32 By Anamarija Pogorelec Teams using automation platforms are starting to treat conversational AI as another operational interface. That change is reflected in a new feature from n8n, which has introduced a built-in Chat Hub designed to let users interact with AI
n8n adds Chat Hub to centralize AI access inside automation workflows Read More »