Researchers at the University of Toronto, the Vector Institute, and the University of Cambridge have built and tested a proof-of-concept AI-driven worm that does not operate on a fixed list of exploits. Instead, it analyzes each target it encounters, reasons about how to attack it, and creates a strategy on the fly, all with the…
Tag: Institute
Global Security News
Infosecurity Europe: Business Leaders Lack Understanding of Threat Intelligence, Study Warns
A new Silobreaker and SANS Institute paper examines the ‘Intelligence-Stakeholder Gap’ and what organizations must do to achieve business buy-in on threat intelligence
AI, Cybersecurity, Global Security News
How NIST fumbled management of the National Vulnerability Database
A US federal watchdog has outlined how the National Institute of Standards and Technology (NIST) failed to effectively manage the growing backlog of unprocessed cybersecurity vulnerabilities in the National Vulnerability Database (NVD). How the NVD crisis unfolded The NVD was established in 2005 and serves as a central repository for cybersecurity vulnerability data. When security…
Global Security News
The Oncology Institute reports patient data potentially exposed in third-party vendor breach
The Oncology Institute disclosed on May 20, 2026, that Kroll, a third-party administrator for an unnamed vendor, detected unauthorized access to systems that may have affected patient data.
AI, Cybersecurity, Data Breaches, Global Security News, Network Security
Third-Party Cyberattack Impacts Patient Information at The Oncology Institute
The Oncology Institute disclosed a data breach tied to a third-party vendor, potentially exposing patient information after a 2025 cyberattack. The Oncology Institute has confirmed that patient information was impacted in a cybersecurity incident involving a third-party software provider. The healthcare network first disclosed the security breach in November 2025 while the vendor’s investigation was…
AI, Global Security News
Friendlier chatbots can be less reliable, study says
New research from the Oxford Internet Institute indicates that AI chatbots trained to be extra warm, friendly, and empathetic can also become less reliable, according to the BBC. The researchers analyzed more than 400,000 responses from five different AI models from Meta, Mistral AI, Alibaba, and OpenAI. The results showed that the “kinder” versions more…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
NIST Scales Back Vulnerability Scoring in 2026 as CVE Volume Surges
The National Institute of Standards and Technology (NIST) is narrowing how it analyzes and scores software vulnerabilities, citing a sharp increase in submissions that has made it difficult to keep pace. “For years, security teams relied on NVD for vulnerability context to support prioritization decisions. But that model is under real strain,” said Ian Gray,…
Global Security News
NIST to stop rating non-priority flaws due to volume increase
The National Institute of Standards and Technology will stop assigning severity scores to lower-priority vulnerabilities due to the growing workload from rising submission volumes. […]
AI, Cybersecurity, Global Security News
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions. “CVEs that do not meet those criteria will still be…
AI, Cybersecurity, Exploits, Global Security News, Government & Policy
NIST cuts down CVE analysis amid vulnerability overload
Overwhelmed by an escalating volume of security flaws, the National Institute of Standards and Technology (NIST) has announced significant changes to how it handles cybersecurity vulnerabilities and exposures (CVEs). Rather than commit to providing enrichment for all entries in its National Vulnerability Database (NVD), the agency will focus on just the most critical CVEs, which…
Global Security News
NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities
The National Institute of Standards and Technology carved a new path for vulnerability remediation by changing the way it prioritizes software flaws.
AI, Apps, Cloud Security, Compliance, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security
Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos
A joint report from the Cloud Security Alliance (CSA), the SANS Institute and the Open Worldwide Application Security Project (OWASP) concludes that in the near term, organizations are “likely to be overwhelmed” by threat actors using AI to find and exploit vulnerabilities faster than defenders can patch them. While those organizations can use AI tools…
AI, Global Security News
Governance Gaps Emerge as AI Agents Drive 76% Increase in NHIs
SANS Institute reveals that AI agents are behind a 76% surge in non-human identities
AI, Cybersecurity, Global Security News, Risk Management
Anthropic forms institute to study long-term AI risks facing society
Anthropic has established the Anthropic Institute, a research unit focused on studying the societal effects of AI and informing policy responses to risks from more advanced systems. “In the five years since Anthropic began, AI progress has moved incredibly quickly. It took us two years to release our first commercial model, and just three more…
AI, Apps, Cybersecurity, Global Security News, Risk Management
US dominance of agentic AI at the heart of new NIST initiative
This week, the US National Institute of Standards and Technology (NIST) announced a new listening exercise, the AI Agent Standards Initiative, which it hopes will provide a roadmap for addressing agentic AI hurdles and, it said, ensure that the technology “is widely adopted with confidence.” AI agents, which have now ascended to the status of…