Microsoft has open-sourced two new tools aimed at bringing AI safety checks much earlier into the agent development lifecycle. The tools, called Rampart and Clarity, were announced this week as part of Microsoft’s broader push to operationalize safety engineering for agentic AI. “We built these tools because we believe that AI safety has to become…
Tag: Earlier
AI, Global Security News
New Shai-Hulud malware wave compromises 600 npm packages
Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign. […]
AI, Apps, Compliance, Data Breaches, Exploits, Global Security News, malware, Risk Management
The Canvas breach proved that prevention is no longer enough
Earlier this month, ShinyHunters breached Instructure’s Canvas platform twice within a single week — stealing 3.65 terabytes of data from approximately 275 million users across more than 8,000 institutions. The group defaced login pages at hundreds of schools during final exam periods, forced Canvas offline, and extracted a ransom payment before Congress opened a formal…
Global Security News
JDownloader site hacked to replace installers with Python RAT malware
The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based remote access trojan. […]
Global Security News
US reportedly charges Scattered Spider hacker arrested in Finland
A 19-year-old dual United States and Estonian citizen arrested in Finland earlier this month faces federal charges in the U.S. alleging he was a prolific member of the notorious Scattered Spider hacking collective. […]
AI, china, Cybersecurity, Exploits, Global Security News, malware, Network Security
Dragos: Despite AI use, new malware targeting water plants is ‘hype’
One day AI may be capable of creating malware that threatens critical infrastructure. But that day was not earlier this month, when reports surfaced of a new piece of malware seemingly configured to search for and sabotage Israeli water infrastructure, according to industrial cybersecurity firm Dragos. The malware, called ZionSiphon, was first identified by AI…
Exploits, Global Security News
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two more. The first, dubbed “RedSun,” is another privilege escalation flaw in the same platform. The second, “UnDefend,” allows a standard user to block Microsoft Defender from receiving signature updates or…
AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Risk Management
CVE-2026-3910: Chrome V8 Zero-Day Used for In-the-Wild Attacks
Chrome zero-days continue to pose a major risk for cyber defenders. Earlier this year, Google patched CVE-2026-2441, the first actively exploited Chrome zero-day of 2026. Now, another emergency update has been released, fixing two more flaws already exploited in the wild, CVE-2026-3910 in Chrome’s V8 JavaScript and WebAssembly engine and CVE-2026-3909, an out-of-bounds write bug…
AI, APAC, Apps, Global Security News
With ‘Frontier,’ OpenAI hopes to own the enterprise agent stack
With its new Frontier platform, announced earlier this month, OpenAI is looking to position itself as the best option for managing enterprise AI agents. But to succeed, the company that delivered the popular ChatGPT in 2022 will need to show it can manage the complexity of large-scale agent deployments — and do so better than …
AI, Global Security News, Mergers & Acquisitions
Why CoreX Acquired InSource’s ServiceNow Unit in 2026
Earlier this year, CoreX announced that it would be acquiring InSource’s ServiceNow business unit to expand ServiceNow delivery capabilities. Companies say deal is a strategic move to scale ServiceNow services The companies involved say the deal will create a single, purpose-built organization to scale with intent, elevate enterprise transformation outcomes, and meet worldwide demand for…
AI, Anthropic, Artificial Intelligence, Global Security News, News
Claude Opus 4.6 improves agentic performance and model safety
Claude Opus 4.6 builds on earlier releases with improved coding performance and more consistent behavior in complex tasks. Opus 4.6 finds real vulnerabilities in codebases better than any other model (Source: Anthropic) According to Anthropic, the model applies more deliberate planning during task execution, sustains agent-driven workflows over longer periods, and operates with greater consistency…
AI, API security, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
When your AI Assistant Becomes the Attacker’s Command-and-Control
Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. The discovery has drawn significant attention within the cybersecurity community. Security teams can no longer focus solely on endpoint malware. Attackers are weaponizing public and legitimate AI assistant APIs and defenders must adjust.…