automation

Prompt injection is becoming the XSS of the web agent era

Prompt injection is becoming the XSS of the web agent era 2026-07-17 at 09:00 By Anamarija Pogorelec Autonomous web agents read whatever a page displays, and much of that content comes from strangers. Product reviews, seller listings, and advertisements sit beside trusted site menus on a single page. An agent that reads all of that […]

Prompt injection is becoming the XSS of the web agent era Read More »

Fake smart home residents could stand in for real ones in security research

Fake smart home residents could stand in for real ones in security research 2026-07-14 at 08:30 By Anamarija Pogorelec Smart home security research runs on a scarce ingredient: recordings of how real people use the gadgets in their homes. Getting that data means wiring up someone’s house and watching for months, which is slow, costly,

Fake smart home residents could stand in for real ones in security research Read More »

AWS gives its ERP agent deny-by-default rules and a separate identity

AWS gives its ERP agent deny-by-default rules and a separate identity 2026-07-10 at 08:00 By Sinisa Markovic Accounts receivable teams at large companies spend hours each day matching incoming bank payments to invoices by hand. When those payments sit unmatched for days, cash flow suffers and days sales outstanding climbs. The same pattern repeats across

AWS gives its ERP agent deny-by-default rules and a separate identity Read More »

macOS is becoming a proving ground for AI agents

macOS is becoming a proving ground for AI agents 2026-07-08 at 08:00 By Sinisa Markovic Somewhere right now, a Mac Mini is sitting on a shelf doing someone’s chores. Nobody’s watching it. It reads a version number out of Terminal, hops over to Safari, digs up a release year, then quietly files a reminder, the

macOS is becoming a proving ground for AI agents Read More »

Researchers make the case for a cybersecurity AI scientist

Researchers make the case for a cybersecurity AI scientist 2026-07-07 at 09:30 By Mirko Zorz Autonomous AI agents have started doing real security work. Language-model agents probe software for flaws, run penetration tests, and chain together attack steps that once needed a human operator. Research about security has stayed slower and more manual, built around

Researchers make the case for a cybersecurity AI scientist Read More »

Organizations struggle to prioritize known cyber risks

Organizations struggle to prioritize known cyber risks 2026-07-03 at 07:30 By Anamarija Pogorelec Organizations collect more cyber risk data than ever, with many still struggling to build a unified view of their exposure. The latest State of Threat Management report from Filigran found that security teams continue to work across disconnected tools, leaving important context

Organizations struggle to prioritize known cyber risks Read More »

DarkMoon: Open-source AI pentesting platform

DarkMoon: Open-source AI pentesting platform 2026-06-29 at 08:30 By Mirko Zorz Penetration testing has long run on expert time, with specialists spending days probing a network or web application by hand. Manual engagements stretch across weeks, expert consultants run into thousands of dollars a day, and results vary with the tester. Automation promises to narrow

DarkMoon: Open-source AI pentesting platform Read More »

Most agentic AI projects in production have stalled over data problems

Most agentic AI projects in production have stalled over data problems 2026-06-18 at 07:00 By Anamarija Pogorelec Enterprises are connecting AI agents to live data feeds and putting them to work on tasks that once required human review, from IT operations to software development. The number doing this in production reached 32 percent in 2026,

Most agentic AI projects in production have stalled over data problems Read More »

Onspring CISO on where automated GRC systems fall short

Onspring CISO on where automated GRC systems fall short 2026-06-15 at 09:00 By Mirko Zorz In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains why color-coded dashboards can hide nuance, how teams can check the data feeding their

Onspring CISO on where automated GRC systems fall short Read More »

Open-source CI/CD abuse detector guards against stolen credential attacks

Open-source CI/CD abuse detector guards against stolen credential attacks 2026-06-15 at 08:30 By Sinisa Markovic CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure

Open-source CI/CD abuse detector guards against stolen credential attacks Read More »

Most pros have seen AI hallucinations in IT operations

Most pros have seen AI hallucinations in IT operations 2026-06-05 at 09:24 By Anamarija Pogorelec Autonomous AI is taking action inside enterprise IT environments. Software is restarting services, isolating risky devices, and applying patches without waiting for a human to approve the step. The capability is spreading at the same time IT professionals are reporting

Most pros have seen AI hallucinations in IT operations Read More »

Microsoft Scout agent opens a new category of always-on Autopilots

Microsoft Scout agent opens a new category of always-on Autopilots 2026-06-03 at 11:28 By Anamarija Pogorelec Workplace AI assistants have mostly waited for a prompt before doing anything. A user asks, the tool answers, and the exchange ends there. Microsoft is putting a different kind of agent inside its Office applications, one designed to keep

Microsoft Scout agent opens a new category of always-on Autopilots Read More »

Microsoft turns Copilot Studio into an AI agent control center

Microsoft turns Copilot Studio into an AI agent control center 2026-05-14 at 18:25 By Anamarija Pogorelec The Microsoft Copilot Studio April 2026 updates improve visibility and governance for admins and expand workflow capabilities for managing agents. Copilot surfaces agent status in the authoring experience, giving admins insight into each agent’s security and protection posture. Customers

Microsoft turns Copilot Studio into an AI agent control center Read More »

Security teams are turning to AI to survive alert overload

Security teams are turning to AI to survive alert overload 2026-05-11 at 08:18 By Anamarija Pogorelec The World Economic Forum white paper “Empowering Defenders: AI for Cybersecurity” identified AI as the biggest driver of change in cybersecurity for 94% of survey respondents. The paper found that 77% of organizations already use AI in cybersecurity, with

Security teams are turning to AI to survive alert overload Read More »

Scenario: Open-source framework for automated AI app red-teaming

Scenario: Open-source framework for automated AI app red-teaming 2026-04-23 at 09:47 By Mirko Zorz Enterprises running customer service bots, data analytics agents, and other AI-driven applications in production handle sensitive records and connect to core business systems every day. LangWatch has released Scenario, an open-source framework that runs automated red-team exercises against AI agents using

Scenario: Open-source framework for automated AI app red-teaming Read More »

PentAGI: Open-source autonomous AI penetration testing system

PentAGI: Open-source autonomous AI penetration testing system 2026-04-22 at 10:09 By Anamarija Pogorelec Penetration testers have long relied on collections of specialized tools, manual coordination, and documented runbooks to work through a target assessment. PentAGI, an open-source project from VXControl, attempts to automate that entire workflow using a multi-agent AI system that plans, researches, and

PentAGI: Open-source autonomous AI penetration testing system Read More »

OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers

OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers 2026-04-15 at 10:02 By Sinisa Markovic Defending critical software has long depended on the ability to find and fix vulnerabilities faster than attackers can exploit them. OpenAI is expanding a program designed to give professional defenders prioritized access to AI tools built for that

OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers Read More »

Anthropic’s new AI model finds and exploits zero-days across every major OS and browser

Anthropic’s new AI model finds and exploits zero-days across every major OS and browser 2026-04-08 at 08:12 By Anamarija Pogorelec Automated vulnerability discovery tools have existed for decades, and the gap between finding a bug and building a working exploit has always slowed attackers. That gap is now substantially narrower. Anthropic’s Claude Mythos Preview, a

Anthropic’s new AI model finds and exploits zero-days across every major OS and browser Read More »

AI SOC vendors are selling a future that production deployments haven’t reached yet

AI SOC vendors are selling a future that production deployments haven’t reached yet 2026-03-26 at 12:32 By Mirko Zorz Vendors selling AI-powered security operations platforms have built their pitches around a consistent set of promises: autonomous threat investigation, dramatic reductions in analyst workload, and an accelerating path toward humanless operations. Practitioners buying and deploying those

AI SOC vendors are selling a future that production deployments haven’t reached yet Read More »

Scroll to Top