Workplace AI assistants have mostly waited for a prompt before doing anything. A user asks, the tool answers, and the exchange ends there. Microsoft is putting a different kind of agent inside its Office applications, one designed to keep operating in the background once a person stops paying attention. The company introduced Microsoft Scout, calling…
Tag: assistants
AI, Global Security News
Agent Threat Rules: Open detection rule format for AI agent security threats
AI agents run inside coding assistants, MCP servers, and multi-agent frameworks, and the access that makes them useful also opens paths to prompt injection, tool poisoning, and credential theft. Public CVE feeds carry agent-execution flaws that reach production faster than the tooling built to catch them. Agent Threat Rules, or ATR, is an open detection…
AI, Cybersecurity, Data Breaches, Global Security News
The CISO selling confidence in a market full of breach headlines
Engineering teams across enterprise IT are writing their own software with AI coding assistants, spinning up agents that act on their behalf, and assigning those agents the same access privileges their human creators hold. The shift has pulled the role of the chief information security officer into territory that did not exist two years ago.…
AI, Apps, Global Security News, Risk Management
As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free
As AI coding assistants accelerate software development, one OWASP-backed open-source project is arguing that dependency security tooling still arrives too late to be truly useful. CVE Lite CLI, a JavaScript and TypeScript dependency vulnerability scanner focused on local lockfile analysis, is positioning itself around a simple idea. Developers should see dependency risks while they are…
AI, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management
Claude Code MCP Attack Enables Persistent Token Theft
AI coding assistants are becoming deeply integrated with enterprise SaaS platforms, but new research shows those connections may introduce hard-to-detect credential theft risks. Researchers demonstrated a MitM attack targeting Anthropic’s Claude Code that abuses MCP integrations to steal OAuth tokens and maintain persistent access to connected SaaS platforms and APIs. “AI agents used for code…
Cybersecurity, Global Security News, Risk Management
Cybersecurity Risks of Hiring a Virtual Assistant and How to Protect Your Business
Virtual assistants boost productivity but add cybersecurity risks. Poor access control, weak devices, and credential sharing can expose sensitive business data.
AI, Global Security News, Risk Management
Product showcase: Stop secrets from leaking through AI coding tools with GitGuardian
AI coding assistants are quickly becoming part of everyday development. Tools like Cursor, Claude Code, and GitHub Copilot can now do more than suggest code. They can read files, run shell commands, and call external tools during a session. That makes them useful, but it also creates a new risk: secrets can be exposed long…
AI, Apps, Compliance, Endpoint, Global Security News, Network Security, Risk Management
Secure AI agent access patterns to AWS resources using Model Context Protocol
AI agents and coding assistants interact with AWS resources through the Model Context Protocol (MCP). Unlike traditional applications with deterministic code paths, agents reason dynamically, choosing different tools or accessing different data depending on context. You must assume an agent can do anything within its granted entitlements, whether OAuth scopes, API keys, or AWS Identity…
AI, Global Security News, Risk Management
Apiiro CLI turns AI coding assistants into full-stack security engineers
The Apiiro CLI brings the Apiiro platform to your terminal and to your AI coding assistants, giving them six native security capabilities: scanning, risk management, remediation, an AI security analyst (via Apiiro Guardian Agent), AI Threat Modeling, and prompt enrichment. It installs in seconds on macOS, Linux, and Windows via brew, direct download, or RPM.…
AI, APAC, Exploits, Global Security News, malware
Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)
In the latest demonstration of how AI assistants can help with bug hunting, Horizon3.ai researcher Naveen Sunkavally used Claude to unearth CVE-2026-34197, a remote code execution vulnerability in Apache ActiveMQ that’s been introduced in the codebase 13 years ago. The vulnerability was patched in late March 2026 and there’s currently no indication that it is…
AI, Global Security News
Amazon Collaborates With NVIDIA on Advanced AI Assistants for Cars
The technology could help automakers build AI assistants that understand group conversations and what’s happening around the car.
AI, Global Security News
New font-rendering trick hides malicious commands from AI tools
A new font-rendering attack causes AI assistants to miss malicious commands shown on webpages by hiding them in seemingly harmless HTML. […]
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
AI Email Summaries Create a New Phishing Attack Surface
Artificial intelligence (AI) assistants are rapidly becoming a core part of workplace productivity, but new research suggests they may also introduce a previously overlooked phishing vector. Permiso researchers found that attacker-controlled text embedded in emails can manipulate Microsoft Copilot summaries through cross prompt injection attacks (XPIA), potentially inserting deceptive security alerts or malicious prompts into…
AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management, Russia
How AI Assistants are Moving the Security Goalposts
AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting…
AI, Cybersecurity, Global Security News
11 Best MCP Gateways in 2026: In-Depth Comparison
In this post, I will show you the 11 best MCP gateways in 2026. Unlike the AI assistants of just one year ago, AI agents in 2026 don’t just answer questions; they act. AI agents can now connect to your databases, query your internal tools, read and write to your SaaS platforms, and make decisions…
AI, Global Security News, Risk Management
Enterprises are racing to secure agentic AI deployments
AI assistants are tied into ticketing systems, source code repositories, chat platforms, and cloud dashboards across many enterprises. In some environments, these systems can open pull requests, query internal databases, book services, and trigger automated workflows with limited human involvement. The State of AI Security 2026 from Cisco places this level of access inside a…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
MCP Servers Expose a Hidden AI Attack Surface in Enterprise Environments
As enterprises rush to integrate AI assistants into daily workflows, a new and potentially overlooked attack surface is emerging: Model Context Protocol (MCP) servers. Built to connect AI applications to external tools and data, MCP servers can be exploited to execute code, exfiltrate data and manipulate users — often without visible signs of compromise. Attackers…
AI, Global Security News
AI platforms can be abused for stealthy malware communication
AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabilities can be abused to intermediate command-and-control (C2) activity. […]
AI, Global Security News
AWS coding agents gain new plugin support across development tools
AI coding assistants have become a routine part of many development workflows, helping engineers write, test, and deploy code from IDEs or command line interfaces. One recent change in this ecosystem makes it possible for those agents to interact with AWS in a broader set of ways by adding a library of plugins that give…
AI, Cybersecurity, Global Security News
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection. The attack method, which has been demonstrated against Microsoft Copilot and xAI Grok
AI, Artificial Intelligence, Data Breaches, EU, Europe, european commission, Global Security News, Government, News
EU targets Meta over WhatsApp AI access restrictions
The European Commission believes Meta breached EU competition rules by blocking other AI assistants from accessing and interacting with users on WhatsApp. The case centers on a change Meta announced on 15 October 2025 to the WhatsApp Business Solution Terms. The update effectively blocked third-party, general-purpose AI assistants from operating on WhatsApp. Since 15 January…
AI, Artificial Intelligence, Data Breaches, EU, Europe, european commission, Global Security News, Government, News
EU targets Meta over WhatsApp AI access restrictions
The European Commission believes Meta breached EU competition rules by blocking other AI assistants from accessing and interacting with users on WhatsApp. The case centers on a change Meta announced on 15 October 2025 to the WhatsApp Business Solution Terms. The update effectively blocked third-party, general-purpose AI assistants from operating on WhatsApp. Since 15 January…