The emergence of AI models capable to autonomously find and fix vulnerabilities at scale is having a significant impact on patching management, experts say
Tag: Find
AI, Apps, Compliance, Global Security News, Network Security, Risk Management
Why Policy in Amazon Bedrock AgentCore chose Cedar for securing agentic workflows
Agents have agency: they adapt and find multiple ways to solve problems. This autonomy creates a fundamental security challenge: the large language model (LLM) at the heart of the agent is non-deterministic, and its decisions can’t be predicted or guaranteed in advance. It can hallucinate harmful actions with complete confidence. It’s vulnerable to prompt injection…
AI, Cloud Security, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
1,800+ MCP servers exposed without authentication: How zero trust can secure the AI agent revolution
We find ourselves teetering upon a precipice of our own unwitting construction, and the vertiginous depth of our collective negligence ought to give every security practitioner profound pause. In our headlong rush to deploy AI agents across enterprise environments, we have erected an infrastructure so thoroughly unfortified that it beggars belief. The Model Context Protocol,…
Global Security News
‘TrustFall’ Exposes Claude Code Execution Risk
Researchers find malicious repositories can trigger code execution in Claude Code with minimal or no user interaction.
AI, Global Security News
Cursor AI IDE vulnerability allows code execution via hidden Git hooks
Novee researchers find high-severity CVE-2026-26268 flaw in Cursor AI, allowing hackers to run malicious code when developers clone repositories.
Global Security News, Government & Policy
Helping Romance Scam Victims Require a Proactive, Empathic Approach
People targeted by confidence schemes find getting help is a lonely road. Experts want law enforcement, financial and government institutions to work together and protect them.
AI, Exploits, Global Security News
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed
Imagine a world where hackers don’t sleep, don’t take breaks, and find weak spots in your systems instantly. Well, that world is already here. Thanks to AI, attackers are now launching automated, large-scale exploits faster than ever before. The time you have to fix a vulnerability before it gets attacked is shrinking to zero. We…
Global Security News
K2view vs Broadcom For Test Data Management
Compare Broadcom TDM and K2view across architecture, integration, masking, and scalability to find the right test data management solution for your needs.
AI, Cybersecurity, Exploits, Global Security News, Network Security
Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution
As organizations consider agentic AI for their business and IT stacks, researchers continue to find bugs and vulnerabilities in major, commercial models that can significantly expand their attack surface. This week, researchers at Pillar Security disclosed a vulnerability in Antigravity, an AI-powered developer tool for filesystem operations made by Google. The bug, since patched, combined…
AI, Global Security News
AI opportunity is clear for Australia’s architecture, engineering, and construction yet the sector is struggling to govern it
GUEST OPINION: Australia’s architecture, engineering, and construction (AEC) industry is not struggling to find uses for artificial intelligence (AI); it is grappling with how to govern it.
AI, Apps, Data Breaches, Endpoint, Global Security News, malware, privacy, Risk Management
Here’s What Agentic AI Can Do With Have I Been Pwned’s APIs
I love cutting-edge tech, but I hate hyperbole, so I find AI to be a real paradox. Somewhere in that whole mess of overnight influencers, disinformation and ludicrous claims is some real “gold” – AI stuff that’s genuinely useful and makes a meaningful difference. This blog post cuts straight to the good stuff, specifically how…
AI, Exploits, Global Security News
OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers
Defending critical software has long depended on the ability to find and fix vulnerabilities faster than attackers can exploit them. OpenAI is expanding a program designed to give professional defenders prioritized access to AI tools built for that purpose. The company is scaling its Trusted Access for Cyber (TAC) program to thousands of verified individual…
AI, Apps, Global Security News, Risk Management
Scans for EncystPHP Webshell, (Mon, Apr 13th)
Last week, I wrote about attackers scanning for various webshells, hoping to find some that do not require authentication or others that use well-known credentials. But some attackers are paying attention and are deploying webshells with more difficult-to-guess credentials. Today, I noticed some scans for what appears to be the “EncystPHP” web shell. Fortinet wrote about…
AI, APAC, Global Security News
Claude Discovers Apache ActiveMQ Bug Hidden for 13 Years
Anthropic’s Claude AI has helped researchers find a vulnerability in Apache ActiveMQ Classic
AI, Apps, Global Security News, privacy
As cheap PCs vanish, enterprises might still find value in upgrades
Some enterprises might find that upgrading to newer, more expensive PCs is worth the investment since it appears cheap PCs won’t be coming anytime soon, analysts said. Dell and HP both have announced new business PCs that run Intel’s long-awaited Panther Lake chip, also called the Core Ultra Series 3; it has been touted as…
AI, Cybersecurity, Exploits, Global Security News
Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both
Developers can spend days using fuzzing tools to find security weaknesses in code. Alternatively, they can simply ask an LLM to do the job for them in seconds. The catch: LLMs are evolving so rapidly that this convenience might come with hidden dangers. The latest example is from researcher Hung Nguyen from AI red teaming…
AI, Data Breaches, Global Security News
Weekly Update 497
Day by day, I find we’re eeking more goodness out of OpenClaw and finding the sweet spot between what the humans do well and the agent can run off and do on its own. Significantly, we’re shifting more and more of the workload to the latter as all 3 of us at HIBP HQ get…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Why CISOs should embrace AI honeypots
The nightmare begins with our protagonist trying to find a way inside to get to the firm’s files, but every door is bolted shut. Then they spot a back entrance and they’re in, first walking, then running down one corridor, then another, and another, feeling that they’re getting ever closer to that file and a…
AI, APAC, Apps, Exploits, Global Security News, Network Security, privacy, Risk Management, Venture
The dark side of chatbots with ‘personality’
They say you can find anything on Amazon. Now, you can even get a personality. Not for yourself, but for your AI “friend,” Alexa. Amazon has announced four new “conversation styles” or “personalities” for its voice-interaction Alexa+ AI chatbot. Users can now choose between “Brief,” “Chill,” “Sweet,” and “Sassy” styles and pick from a range…
Global Security News
The Unexpected Risk of Letting ChatGPT Fact-Check Your Financial Adviser
Research shows that advisers find it more insulting to be double-checked by a chatbot than by a human rival.
AI, Apps, Exploits, Global Security News
/proxy/ URL scans with IP addresses, (Mon, Mar 16th)
Attempts to find proxy servers are among the most common scans our honeypots detect. Most of the time, the attacker attempts to use a host header or include the hostname in the URL to trigger the proxy server forwarding the request. In some cases, common URL prefixes like “/proxy/” are used. This weekend, I noticed a slightly…
Europe, Global Security News
Tech, Media & Telecom Roundup: Market Talk
Find insight on Constellation Software, European semiconductor companies and more in the latest Market Talks covering technology, media and telecom.
AI, Global Security News
OpenAI joins the race in AI-assisted code security
OpenAI introduced Codex Security, an AI agent that reviews codebases to find, verify, and help fix software vulnerabilities. The launch comes a few weeks after rival Anthropic unveiled its Claude Code Security tool. The feature is available in research preview via Codex Web for ChatGPT Pro, Enterprise, Business, and Edu customers, with free access for…
Global Security News
Tech, Media & Telecom Roundup: Market Talk
Find insight on DraftKings, Guidewire Software and more in the latest Market Talks covering technology, media and telecom.
AI, Global Security News
Gemini Said They Could Only Be Together If He Killed Himself. Soon, He Was Dead.
A new lawsuit alleges Google’s chatbot sent a Florida man on missions to find an android body it could inhabit. When that failed, it set a suicide countdown clock for him.
AI, Compliance, Data Breaches, Europe, Global Security News
Europe forces a search reset: Google experiments with fairer rankings
Google continues to find itself in hot water over its alleged antitrust tactics and monopolization of certain market segments. Now its parent company, Alphabet, seems to be ceding to EU scrutiny of its search practices. The company will reportedly begin testing changes to its search engine results in the EU to more fairly represent vertical…
Global Security News, privacy
$10,000 bounty offered if you can hack Ring cameras to stop them sharing your data with Amazon
Amid a privacy backlash, a US $10,000 reward has been offered for anyone who can find a way to run Ring doorbell cameras locally, cutting off the flow of video data to Amazon’s servers. Read more in my article on the Hot for Security blog.
Global Security News
Tech, Media & Telecom Roundup: Market Talk
Find insight on Oracle, the selloff in software stocks and more in the latest Market Talks covering Technology, Media and Telecom.
Global Security News
Tech, Media & Telecom Roundup: Market Talk
Find insight on Oracle, the selloff in software stocks and more in the latest Market Talks covering Technology, Media and Telecom.