cybersecurity
What happens to oversight when AI agents write a lab’s own code
Inside the labs building frontier AI, a growing share of the coding gets done by the AI itself. These agents write, edit, and run software with light human oversight between …
Most agentic AI projects in production have stalled over data problems
Enterprises are connecting AI agents to live data feeds and putting them to work on tasks that once required human review, from IT operations to software development. The …
Low-skilled attacker used Claude, Codex to breach 14 companies
Researchers have long warned that AI agents could lower the skill floor for offensive cyber operations, and a recent report by OALABS (Open Analysis) researchers bears that …
What’s new in Android 17? Anti-theft tools, scam detection, and parental controls
The Android 17 rollout has started for supported Pixel devices, delivering new security and privacy capabilities before expanding to other devices later this year. Security …
The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects
Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live …
The SOC’s visibility gap comes down to staffing
AI has settled into security operations centers faster than any earlier wave of technology. Around four in five practitioners report reaching for AI or machine learning tools …
Microsoft AntiSSRF open-source library helps block server-side request forgery
AntiSSRF is an open-source code library from Microsoft that validates URLs and network connections to reduce server-side request forgery (SSRF) risks in web applications. It …
Product showcase: From phishing texts to risky Wi-Fi, Norton 360 Deluxe watches the gaps
Norton 360 Deluxe combines device security, scam detection, web protection, and VPN privacy in a single subscription that covers up to five devices. It is available for …
The checklist problem behind critical infrastructure cyber safety
An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from …
Software supply chains are heading for a transparency test
Software supply chain visibility is becoming part of product security work as the EU Cyber Resilience Act (CRA) moves toward application in December 2027. ENISA’s SBOM …
Reachability makes AI threat modeling worth the trust
In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. …
The rise of machine identities and agentic AI: Securing trust in the next era of digital autonomy
In the latest episode of Identity Insider, I sat down with Chris Hughes, a cybersecurity expert who’s involved in OWASP’s work on non-human and machine identity …
Featured news
Resources
Don't miss
- Securing digital keys when your phone unlocks the car
- How security teams are getting credential visibility into developer endpoints
- What happens to oversight when AI agents write a lab’s own code
- Low-skilled attacker used Claude, Codex to breach 14 companies
- Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)