Collaborate Disseminate
Anthropic’s Mythos is accelerating vulnerability discovery to machine speed, forcing the bug bounty industry and offensive security teams to adapt to a future where finding flaws is no longer the hard part.
The post Will AI Kill the Bug Bounty Industry… Continue reading Will AI Kill the Bug Bounty Industry?
CVE Lite CLI is a free, open-source command line tool that scans your projects in seconds and tells you exactly which included packages contain a vulnerability.
The post OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in S… Continue reading OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds
As AI agents, machine identities, and third-party applications multiply across enterprises, Offroad is betting autonomous security agents can restore control over an increasingly unmanageable identity landscape.
The post Offroad Emerges From Stealth Wi… Continue reading Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk
The AI Risk Quadrant evaluates AI agents based on three factors: how vulnerable they are to compromise, the potential impact of a breach, and the strength of their security defenses.
The post Security of 100 AI Agents Tested and Ranked – What You Need … Continue reading Security of 100 AI Agents Tested and Ranked – What You Need to Know
As AI shortens the path from vulnerability disclosure to exploitation, researchers disagree on whether the problem is inadequate security tools or inadequate operational control.
The post Two New Reports Offer Competing Explanations for Cybersecurity&#… Continue reading Two New Reports Offer Competing Explanations for Cybersecurity’s Growing Crisis
A simple development setting bypassed protections designed to prevent unauthorized Android apps from accessing Microsoft account tokens, exposing billions of installations.
The post Exclusive: How One Line of Code Put Billions of Microsoft Android App … Continue reading Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
Researchers warn GreyVibe’s extensive use of ChatGPT, Gemini, and other AI tools offers a glimpse into how future cybercriminal and state-aligned groups will operate.
The post Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks appear… Continue reading Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks
France-based startup Edamame says its runtime verification platform uses host telemetry and AI analysis to detect coding-agent “intent drift,” secret theft and supply-chain attacks in real time.
The post New Edamame Platform Aims to Catch AI Coding Age… Continue reading New Edamame Platform Aims to Catch AI Coding Agents Going Off the Rails
As AI accelerates phishing, session hijacking, and credential abuse, security teams are racing to close the gap between attacker speed and defensive response.
The post The Credential Crisis: How Stolen Credentials Defeat Modern Security appeared first … Continue reading The Credential Crisis: How Stolen Credentials Defeat Modern Security
Malicious repositories and disguised symlinks can trick AI coding agents into silently installing attacker-controlled MCP servers capable of stealing secrets, compromising CI pipelines, and deploying malicious code.
The post ‘SymJack’ Attack Turns AI C… Continue reading ‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems