Geek-Guy.com

Tag: models

AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

Trump Signs Executive Order Creating Voluntary AI Security Review Framework

President Trump has introduced a new executive order aimed at strengthening oversight of advanced AI models without imposing new regulations on tech companies.  The order establishes a voluntary framework that allows developers of powerful AI models to share systems with the federal government for security reviews before public release. “The United States continues to lead…

Read more →

AI, Apps, Endpoint, Global Security News, Risk Management

AI security needs a shift from models to systems, researchers argue

Enterprises cannot secure AI agents by making the underlying models more robust and must instead enforce security controls at the system level around them, researchers behind a paper published this month argued, warning that traditional AI-security approaches are increasingly misaligned with how autonomous agents actually operate inside enterprise environments. The paper argues that enterprises should…

Read more →

AI, Apps, Compliance, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

Agentic AI Security Risks Increase Governance Demands for MSPs

BYOD was a headache. AI agents are an existential crisis. Advanced AI models pose a massive security and governance challenge for the channel, forcing managed service providers (MSPs) and tech partners to rethink how they protect corporate data. Agentic AI adoption exposes governance gaps The shift from passive, generative AI chatbots to fully autonomous agents…

Read more →

AI, Global Security News, Network Security

When your AI assistant has the keys to production

Large language models in operational roles query telemetry, propose configuration changes, and in some deployments execute those changes against live infrastructure. Ticket drafting and alert summarization were the starting point. Vendors describe this work as autonomous remediation or self-healing infrastructure. A recent survey on agentic AI in network and IT operations gives it a more…

Read more →

AI, Cybersecurity, Exploits, Global Security News

AI might cut false positives, but it won’t stop the slop 

As defenders get their hands on newer AI models with more powerful cybersecurity capabilities like Anthropic’s Mythos and OpenAI’s Daybreak, organizations are being told to prepare for a flood of new vulnerability reports. But for bug bounty programs across the nation, that day may already be here, as yesterday’s frontier models and today’s open-source AI…

Read more →

AI, Exploits, Global Security News, Government & Policy, Risk Management

AI cyberattackers are getting better faster

The ability of AI models to perform end-to-end, multi-stage penetration tests that match the capabilities of humans undertaking the same tasks has improved dramatically in recent months, according to new benchmarks published by the UK government’s AI Security Institute (AISI). In November 2025, the difficulty of cyber tasks the best models could complete was doubling…

Read more →

AI, Cybersecurity, Global Security News, Risk Management

Pentagon cyber official calls advanced AI ‘revolutionary warfare’

Advanced artificial intelligence models will “fundamentally change warfare as we know it,” a top cyber official at the Defense Department said Thursday, saying it represents “not evolutionary warfare, but revolutionary warfare.” Paul Lyons, principal deputy assistant secretary for cyber policy, said the development of frontier AI models like Mythos amounted to a “watershed moment,” speaking…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy

AI cyber capability is speeding past earlier projections

AI cyber capability is improving faster than expected, with newer models surpassing earlier projections, according to the UK government’s AI Security Institute (AISI). AISI measures AI cyber capability using “time horizon benchmarks”, which estimate how long AI systems can complete cybersecurity tasks autonomously compared to human experts. “In February 2026, we estimated that frontier models’…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security

Researchers say AI just broke every benchmark for autonomous cyber capability

Two of the most advanced artificial intelligence models — Anthropic’s Claude Mythos Preview and OpenAI’s GPT-5.5 — have significantly surpassed the already-accelerating pace at which AI systems are completing autonomous cybersecurity tasks, according to separate findings published Wednesday by the United Kingdom’s AI Security Institute (AISI) and Palo Alto Networks. The AISI, which conducts pre-deployment…

Read more →

AI, Compliance, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

Cisco Reveals Security Gaps in Vision Language Models

Vision language models (VLMs) continue to expand the capabilities of artificial intelligence by combining image and text understanding into a single system.  However, recent research from Cisco into typographic prompt injection attacks highlights significant weaknesses in how these models interpret and secure visual information.  The second installment of Reading Between the Pixels explores how small…

Read more →

AI, Apps, Global Security News

Snyk integrates Claude to advance AI-native application security

Snyk has announced it is leveraging Anthropic’s Claude models to advance software security. Snyk has integrated Claude into the Snyk AI Security Platform, enabling automated vulnerability discovery, prioritization, and developer-ready fixes across code, dependencies, containers, and AI-generated artifacts. The threat driving that integration is real and accelerating. It’s a challenge that JPMorganChase’s Global Technology Leadership…

Read more →

AI, Apps, china, Compliance, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management, Russia

Inside the World of Laptop Farms: How They Help Foreign Remote Workers Look U.S.-Based to Earn More Money

The expansion of remote work fundamentally altered enterprise security models. Organizations that once relied on tightly controlled office environments suddenly began shipping pre-configured corporate laptops to workers they would never physically meet. VPN enrollment, SaaS identity platforms, remote onboarding systems, and cloud collaboration tools rapidly became the new trust perimeter. Criminal organizations and state-sponsored operators…

Read more →

AI, Apps, Cloud Security, Compliance, Endpoint, Global Security News, Network Security

Why most zero-trust architectures fail at the traffic layer

Zero trust has become one of the most widely adopted security models in enterprise environments. Organizations invest heavily in identity systems, access policies and modern security tooling. On paper, these environments look well-protected. Yet during incidents, a different reality often emerges. I have worked with organizations where zero-trust initiatives were fully implemented from an identity…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, Risk Management

Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models

The Trump administration is in early discussions about whether advanced AI models should be vetted before public release, according to reporting from the New York Times, the Wall Street Journal, and Axios. The conversations center on systems capable of facilitating cyberattacks, particularly models that could help users identify and exploit software vulnerabilities. Officials are considering…

Read more →

AI, Apps, Global Security News, Network Security, privacy

Open-source privacy proxy masks PII before prompts reach external AI services

Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often without a sanitization layer between the application and the API. Dataiku has released Kiji Privacy Proxy, an open-source local gateway that detects and masks personally identifiable information before requests leave the network. The tool…

Read more →

AI, Cloud Security, Cybersecurity, Europe, Global Security News, Government & Policy, privacy, Risk Management

Bank regulator sounds warning over cybersecurity threat posed by AI models

Frontier AI models inspired by Anthropic’s Claude Mythos could arm attackers with advanced capabilities that the banking sector is ill equipped to cope with, Australia’s financial regulator, the Australian Prudential Regulation Authority (APRA), has warned. In a letter addressed to the country’s financial sector this week, the body lays out how the arrival of Claude…

Read more →

AI, Apps, Compliance, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Cisco Introduces Model Provenance Kit to Strengthen AI Supply Chain Security

Organizations are rapidly adopting AI models, but many still lack visibility into where those models come from or how they’ve been modified along the way.  Cisco is aiming to close that gap with the release of its open-source Model Provenance Kit, a tool designed to verify the origins of AI models and improve trust across…

Read more →

Cybersecurity, Exploits, Global Security News

22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters

Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them. The vulnerabilities have been collectively codenamed BRIDGE:BREAK by Forescout Research Vedere Labs, which identified nearly 20,000 Serial-to-Ethernet converters exposed

Read more →

AI, Global Security News

Researchers build an encrypted routing layer for private AI inference

Organizations in healthcare, finance, and other sensitive industries want to use large AI models without exposing private data to the cloud servers running those models. A cryptographic technique called Secure Multi-Party Computation (MPC) makes this possible. It splits data into encrypted fragments, distributes them across two or more servers that do not share information with…

Read more →

AI, Cybersecurity, Global Security News

Anthropic releases Claude Opus 4.7 with automated cybersecurity safeguards

Software teams building agentic AI workflows have been pushing frontier models toward longer, unsupervised task runs. Claude Opus 4.7, now generally available from Anthropic, is aimed squarely at that demand, with particular gains in software engineering, multimodal processing, and the kind of instruction fidelity that matters when a model is running tasks autonomously over multiple…

Read more →

AI, Compliance, Global Security News

GitLab Collaborates with Google Cloud to Bring Agentic DevSecOps to Enterprise Teams Using Vertex AI

COMPANY NEWS: AI agents in GitLab Duo Agent Platform can now call foundation models through Vertex AI, including Gemini models, with agent actions governed by GitLab’s built-in compliance and audit controls. Organisations can run GitLab’s AI Gateway on Google Cloud with no separate AI infrastructure to provision or manage. Customers with Google Cloud commitments can…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

Anthropic’s Project Glasswing Signals Potential AI-Driven Shift in Cybersecurity

Anthropic’s Project Glasswing highlights how advanced AI models may rival top human experts in finding and exploiting software vulnerabilities.  Early claims from the company suggest these models, like Claude Mythos Preview, can operate at large scale and find vulnerabilities faster. However, security leaders share mixed views on the claims. “Mythos appears to materially change the…

Read more →

AI, Apps, Cloud Security, Compliance, Endpoint, Global Security News, Network Security

Why most zero-trust architectures fail at the traffic layer

Zero trust has become one of the most widely adopted security models in enterprise environments. Organizations invest heavily in identity systems, access policies, and modern security tooling. On paper, these environments look well-protected. Yet during incidents, a different reality often emerges. I have worked with organizations where zero-trust initiatives were fully implemented from an identity…

Read more →

AI, Global Security News

Google study finds LLMs are embedded at every stage of abuse detection

Online platforms are running large language models at every stage of LLM content moderation, from generating training data to auditing their own systems for bias. Researchers at Google mapped how this is happening across what the authors call the Abuse Detection Lifecycle, a four-stage framework covering labeling, detection, review and appeals, and auditing. Earlier moderation…

Read more →

AI, Endpoint, Global Security News, malware

Malware detectors trained on one dataset often stumble on another

Machine learning models built to catch malware on Windows systems are typically evaluated on data that closely resembles their training set. In practice, the malware arriving on enterprise endpoints looks different, comes from different sources, and in many cases has been deliberately obfuscated to evade detection. A study from researchers at the Polytechnic of Porto…

Read more →

Global Security News

A nearly undetectable LLM attack needs only a handful of poisoned samples

Prompt engineering has become a standard part of how large language models are deployed in production, and it introduces an attack surface most organizations have not yet addressed. Researchers have developed and tested a prompt-based backdoor attack method, called ProAttack, that achieves attack success rates approaching 100% on multiple text classification benchmarks without altering sample…

Read more →

AI, Exploits, Global Security News, Network Security, Risk Management

AI is breaking traditional security models — Here’s where they fail first

Traditionally, enterprise security operating models operated a fixed and regular cycle: Findings surfaced through periodic scans, security teams triaged results and remediation followed through ticket-based workflows. It was almost an SOP of sorts; the accountability existed, but it was often implicit and fragmented. The remediation would travel across tools, teams and handoffs rather than designed…

Read more →

AI, Global Security News

Google’s TurboQuant cuts AI memory use without losing accuracy

Large language models carry a persistent scaling problem. As context windows grow, the memory required to store key-value (KV) caches expands proportionally, consuming GPU memory and slowing inference. A team at Google Research has developed three compression algorithms: TurboQuant, PolarQuant, and Quantized Johnson-Lindenstrauss (QJL). All three are designed to compress those caches aggressively without degrading…

Read more →

AI, APAC, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

Why Prevention Isn’t Enough: Shifting to True Operational Resilience in 2026

As cyber threats grow in sophistication and scale, traditional prevention-first security models are proving insufficient for modern enterprises.  This article examines the evolution toward operational resilience, emphasizing the protection of identity systems, rapid containment, and recovery as essential capabilities. It explores how organizations can adopt an “assume breach” mindset, strengthen identity infrastructure, and build recovery-focused…

Read more →

AI, Data Breaches, Exploits, Global Security News, Risk Management

Agent-to-Agent Attacks Are Coming: What API Security Teaches Us About Securing AI Systems

AI systems are no longer just isolated models responding to human prompts.  In modern production environments, they are increasingly chained together – delegating tasks, calling tools, and coordinating decisions with limited or no human oversight. Almost all that communication happens through APIs.  This shift offers enormous productivity benefits. But it has also complicated security. Because…

Read more →

Apps, Endpoint, Global Security News, Risk Management

How Exposed Endpoints Increase Risk Across LLM Infrastructure

As more organizations run their own Large Language Models (LLMs), they are also deploying more internal services and Application Programming Interfaces (APIs) to support those models. Modern security risks are being introduced less from the models themselves and more from the infrastructure that serves, connects and automates the model. Each new LLM endpoint expands the…

Read more →

AI, Apps, Compliance, Cybersecurity, Global Security News, Risk Management

AI FOMO: How Pressure to Adopt AI is Outpacing Understanding

AI – or large language models (LLMs) – is introducing new attack surfaces, despite the new capabilities that the technology promises.  The new threats it is introducing, including prompt injection, deepfakes, and alignment risks, are huge security concerns at a strategic level. AI FOMO is driving enterprise adoption before risk mitigation At the Genetec Global…

Read more →

AI, Apps, Compliance, Cybersecurity, Exploits, Global Security News, Penetration Testing, Risk Management, Security, Security Practices, Risk Management

The hard part of purple teaming starts after detection

In my recent articles for CSO, I’ve talked about the limits of current SOC models and the importance of rehearsal. This time, I want to focus on something that’s becoming increasingly clear: purple teaming has lost its depth. We’ve turned one of the most powerful tools for resilience into a transactional exercise that feels reassuring…

Read more →

AI, Artificial Intelligence, Generative AI, Global Security News, Risk Management

AI chatbots are worse than search engines for medical advice

There is a clear gap between the theoretical medical knowledge of large language models (LLMs) and their practical usefulness for patients, according not a new study from the Oxford Internet Institute and the Nuffield Department of Primary Care Health Sciences at the University of Oxford. The research, conducted in collaboration with MLCommons and other institutions,…

Read more →

AI, Apps, Cybersecurity, Global Security News, Risk Management

Microsoft develops a new scanner to detect hidden backdoors in LLMs

Microsoft has developed a scanner designed to detect backdoors in open-weight AI models, addressing a critical blind spot for enterprises increasingly dependent on third-party LLMs. In a blog post, the company said its research focused on identifying hidden triggers and malicious behaviors embedded during the training or fine-tuning of language models, which can remain dormant…

Read more →