#ai-security
95 stories tagged ai-security.

When 'Minor Foothold' Means Full Account Takeover: The Week IAM Bent the Wrong Way
A Claude security plugin, an Azure privilege-escalation chain, and a Kali365 MFA bypass all land in the same news cycle. Identity is still the soft underbelly.

Enterprise AI Risk Concentrates in a Sliver of Power Users, Report Finds
A new visibility study says the bulk of corporate AI exposure traces back to a thin slice of heavy users — most of it invisible to security teams.

Microsoft's New Device Isolation in Defender: A Double-Edged Sword?
Microsoft introduces automatic device isolation in Defender for Endpoint, but potential risks loom.

AI Risk Summit Returns August 11–12 at Half Moon Bay for Its Third Year
CISOs, policymakers, and AI researchers converge on the Ritz-Carlton for two days of hard conversation about what enterprise AI risk actually looks like in practice.

Microsoft Catches Chatbots Pointing Users at Cryptojacking Sites
A campaign tracked by Microsoft Defender Experts is poisoning AI assistant answers so that download recommendations lead to miner-laden installers.

Britain's Cyber Spymaster Calls AI an Unstoppable Force and Points the Finger at Moscow
The head of GCHQ's signals intelligence arm delivered a rare public speech warning that Russia is waging sustained gray-zone aggression — and that artificial intelligence will define who wins the next phase of that conflict.

The npm Package That Reached Into Claude's Sandbox
A bait package called mouse5212-super-formatter quietly siphoned files from the directory Anthropic's Claude uses to handle user uploads, exfiltrating them to a GitHub repo controlled by the author.

Infosecurity Europe 2026: What the London Gathering Means for the Security Calendar
The industry's largest European security conference returns to London on June 2–4, 2026, and the programme signals where enterprise security investment is heading.

The 'Too Many Tools' Webinar Is a Sales Pitch. The Numbers Behind It Are Harder to Find.
Vendors keep telling network teams that consolidation and AI will fix incident response. I asked four of them for the data. None sent any.

SOC Teams Are Running Out of Road Without AI, Manchester Panel Warns
Security practitioners gathered at DTX Manchester to debate machine-versus-machine warfare, alert fatigue, and why the fundamentals still matter before any AI switch gets flipped.

Microsoft Open-Sources Rampart and Clarity to Embed AI Agent Safety Into Dev Pipelines
Two new tools shift AI red-teaming left, targeting prompt injection and privilege escalation before code ships.

ChromaDB Flaw Exposes Servers to Remote Attacks
A vulnerability in ChromaDB allows attackers to execute code remotely, posing a risk to AI application servers.

AI-Driven OT Security Is Only as Good as the Telemetry Feeding It
Fewer than 10 percent of OT networks have meaningful monitoring in place, according to the 2026 Dragos OT Cybersecurity Year in Review. Until that changes, layering machine-learning tools on top of industrial control systems may create more risk than it resolves.

Ten Thousand Bugs, One Model: Inside Anthropic's Project Glasswing
Claude Mythos Preview has scanned more than a thousand open-source projects and surfaced thousands of critical flaws. The bottleneck has moved — and the patch queue is not moving fast enough.

AI Governance Is Broken Because It Still Lives Outside the Pipeline
Building compliance as a post-ship review layer made sense for static software. For AI systems that mutate overnight, it is organizational negligence dressed up as process.