Most security teams know the drill: A new autonomous penetration testing tool gets deployed, and the first run is genuinely impressive. The dashboard surfaces critical findings, maps lateral movement paths nobody had documented before, and exposes a legacy service account that has been sitting idle for years. Great. The red team feels like it’s found…
Tag: testing
AI, Global Security News
Pointing a Cursor at evading detection
AI accelerated tool development and testing, but humans drove the workflow Categories: Threat Research Tags: AI, EDR
AI, Exploits, Global Security News
Novee’s Agentic Fix turns validated exploits into fixes through AI coding agents
Novee has announced Agentic Fix, an enhancement to its AI penetration testing platform that helps teams move from validating security findings to deploying fixes in a single step. Agentic Fix extends Novee’s platform by generating remediation guidance from the same exploit context used to uncover an issue, then routing that guidance to the AI coding…
Endpoint, Global Security News, Network Security
Microsoft Defender can now automatically isolate hacked endpoints
Microsoft is testing a new Defender for Endpoint capability that will automatically isolate compromised endpoints to thwart attackers’ attempts to move laterally across the network. […]
AI, Compliance, Global Security News
Microsoft says it’s making AI ‘safe for work’ in your browser
Microsoft is testing the addition of agentic AI to its corporate browser, Edge for Business. A new version, currently available in a limited preview, will help perform routine tasks more efficiently, according to Microsoft’s partner product manager for Edge, Lindsay Kubasik. Agentic AI will help with completing multi-step tasks such as filling in forms, navigating…
AI, Compliance, Global Security News
Microsoft says it’s making AI ‘safe for work’ in your browser
Microsoft is testing the addition of agentic AI to its corporate browser, Edge for Business. A new version, currently available in a limited preview, will help perform routine tasks more efficiently, according to Microsoft’s partner product manager for Edge, Lindsay Kubasik. Agentic AI will help with completing multi-step tasks such as filling in forms, navigating…
AI, Global Security News
ASAPP expands adversarial testing for enterprise AI systems
ASAPP has launches Continuous Red Teaming, a new capability that integrates adversarial AI testing directly into ASAPP’s model evaluation framework. The new capability is built on Promptfoo, an AI security platform that helps enterprises detect and address vulnerabilities in AI systems during development. Promptfoo continuously runs automated tests across ASAPP’s AI systems, screening for more…
AI, Apps, Global Security News
SmartBear expands ReadyAPI with AI-powered API testing capabilities
SmartBear has announced ReadyAPI’s new AI test generation capability that accelerates API testing by up to 80% while giving teams control to enable or disable AI. While competitors focus on speed alone, ReadyAPI’s AI test generation capability is architected for quality at scale and addresses the testing gap by aligning validation with development velocity without…
AI, Apps, Compliance, Global Security News
SmartBear Adds AI Test Generation to ReadyAPI
SmartBear is rolling out a new AI-powered testing feature for ReadyAPI to help development teams generate API tests faster without sacrificing control over compliance and software quality. The company announced Monday that ReadyAPI now includes an AI test-generation capability designed to speed up API testing by up to 80%. Software teams turn to AI coding…
AI, Cybersecurity, Global Security News
Lyrie: Open-source autonomous pentesting agent
Penetration testing has usually required weeks of manual work, specialized tooling, and teams with narrow skill sets. Lyrie, an open-source autonomous security agent built by OTT Cybersecurity, compresses that process into a command line tool and publishes the entire codebase. The project reached version 3.1.0 this month. The release adds XChaCha20-Poly1305 memory encryption for sensitive…
AI, Compliance, Global Security News
The AI oversight paradox: Is the investment worth the cost of watching it?
Unlike in 2025, when AI adoption and testing drove business strategies, organizations in 2026 want proven ROI before committing budgets, according to a report by Globalization Partners. How global executives characterize their organization’s approach to AI adoption (Source: Globalization Partners) 62% of business leaders said they felt pressure from their organizations to use AI, while…
Apps, Cybersecurity, Data Breaches, Global Security News
Beyond the Checkbox: A Strategic Guide to Software Penetration Testing in 2026
Here is a guide to software penetration testing. Your software has vulnerabilities. The only real question is whether you find them first — or an attacker does. That’s not alarmism. That’s the current state of application security. According to the IBM Cost of a Data Breach Report 2023, the average cost of a data breach in…
AI, APAC, Global Security News
Aptori expands its platform with autonomous offensive testing to reduce security bottlenecks
Aptori has expanded its Runtime-Driven Validation Platform with autonomous offensive testing capabilities to address the growing gap between code output and security team capacity. By moving beyond passive scanning to active validation, the platform helps organizations identify, validate, and fix vulnerabilities at the pace of development. As AI-assisted coding increases development velocity, traditional point-in-time security…
Global Security News
Elon Musk Is an Underdog in His $180 Billion Fight Against OpenAI
The lawsuit seeks to oust Sam Altman and claw back billions, testing legal theories about nonprofit governance.
Global Security News
Testing Rich Text Content
Testing Rich Text Content
AI, Global Security News
You can now test and compare AI models on LinkedIn
LinkedIn is testing a new AI feature, Crosscheck, which allows users to compare several popular AI models directly on the platform. Users enter prompts into Crosscheck and receive two different responses generated by competing AI models from companies such as OpenAI, Anthropic, and Google. After the user selects the best response, the model behind each…
AI, Global Security News, Risk Management
Microsoft is developing Copilot features inspired by Openclaw
Microsoft is testing new features for Microsoft 365 Copilot inspired by the open-source platform Openclaw, according to The Information. The goal is to make the AI assistant more autonomous so it can perform tasks automatically on behalf of the user. The technology behind Openclaw gained popularity earlier this year; it allows users to build AI…
AI, Apps, Compliance, Endpoint, Europe, Exploits, Global Security News, Risk Management
AWS Security Agent on-demand penetration testing now generally available
AWS Security Agent on-demand penetration testing is now generally available, enabling you to run comprehensive security tests across all your applications, not only your most critical ones. This milestone transforms penetration testing from a periodic bottleneck into an on-demand capability that scales with your development velocity across AWS, Azure, GCP, other cloud-providers, and on-premises. With…
AI, Global Security News
Amazon sends AI agents into pen testing and DevOps
Amazon’s latest AI capabilities bring on-demand penetration testing through the AWS Security Agent, alongside the AWS DevOps Agent. “These agents are changing the way we secure and operate software. AWS Security Agent compresses penetration testing timelines from 2-6 weeks to 1-2 days. AWS DevOps agent gives teams 3–5x faster incident resolution so they can spend…
AI, APAC, Apps, Compliance, Global Security News, Risk Management
SmartBear Doubles Down on AI Testing, Channel Services
SmartBear is expanding its AI-driven testing capabilities across its platform, positioning channel partners to capitalize on growing demand for quality assurance in AI-powered development environments. The updates, which span API testing, UI automation, and test management, reflect a broader shift in enterprise software development: as AI accelerates code creation, it is also introducing new risks…
AI, Global Security News
Breaking out: Can AI agents escape their sandboxes?
Container sandboxes are part of routine AI agent testing and deployment. Agents use them to run code, edit files, and interact with system resources without direct access to the host. The SandboxEscapeBench benchmark, developed by researchers at the University of Oxford and the AI Security Institute, evaluates whether an agent with shell access can escape…
AI, Apps, Exploits, Global Security News, Risk Management
Novee introduces autonomous AI red teaming to hunt LLM vulnerabilities
Novee today introduced AI Red Teaming for LLM Applications for its AI penetration testing platform, designed to uncover security vulnerabilities in LLM-powered applications before attackers can exploit them. Enterprises are deploying AI-enabled software, from customer-facing chatbots to internal copilots and autonomous agents, and security teams are now facing a new class of risks, including prompt…
AI, Global Security News
Hadrian unveils Nova, enabling continuous, AI-powered offensive security testing
Hadrian has announced the launch of its agentic penetration testing solution, Nova. Built as an extension of its core external exposure management platform, Nova delivers on-demand pentesting without the delays or operational disruption typical of human-led engagements. By autonomously replicating the methodologies of offensive security professionals, Nova enables organizations to identify and respond to emerging,…
AI, Global Security News
Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
Google is testing a new security feature as part of Android Advanced Protection Mode (AAPM) that prevents certain kinds of apps from using the accessibility services API. The change, incorporated in Android 17 Beta 2, was first reported by Android Authority last week. AAPM was introduced by Google in Android 16, released last year. When…
AI, Cybersecurity, Global Security News
12+ Best VPN For Online Surveys [Tested, Reviewed, And Ranked]
In this post, I will show you the best VPN for online surveys based on real testing. Completing paid online surveys is one means of making money on the internet. You can find these surveys on websites like Swagbucks, InboxDollars, Toluna, Survey Junkie, and Opinion Outpost, to name a few. However, some of these sites…
AI, Apps, Cybersecurity, Global Security News, malware, Risk Management
OpenAI to acquire Promptfoo to strengthen AI agent security testing
OpenAI said it plans to acquire AI testing startup Promptfoo, a move aimed at strengthening security checks for AI agents as enterprises move toward deploying autonomous systems in business workflows. Promptfoo’s tools allow developers to test LLM applications against adversarial prompts, including prompt injection and jailbreak attempts, and to evaluate whether models follow safety and…
AI, Global Security News
Bug bounties are broken, and the best security pros are moving on
Penetration testing engagements are organized as scheduled contracts with defined scope, set testing windows, and direct communication channels with client teams. Cobalt’s 2026 Pentester Profile Report describes growing preference for penetration testing as a service (PTaaS) and contract-based testing models. Why pentesters are frustrated with bug bounty (Source: Cobalt) Many participants prefer contract-based testing over…
AI, Data Breaches, Global Security News
CyberStrikeAI tool adopted by hackers for AI-powered attacks
Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet FortiGate firewalls. […]
AI, Global Security News
BlacksmithAI: Open-source AI-powered penetration testing framework
BlacksmithAI is an open-source penetration testing framework that uses multiple AI agents to execute different stages of a security assessment lifecycle. A multi-agent structure for offensive workflows BlacksmithAI runs as a hierarchical system in which an orchestrator coordinates task execution across specialized agents. Each agent maps to a common penetration testing function. The recon agent…
AI, Exploits, Global Security News, Risk Management
Aikido Infinite introduces continuous, self-remediating AI penetration testing
Aikido Security has unveiled Aikido Infinite, a continuous AI penetration testing solution that autonomously validates and remediates vulnerabilities. Infinite reduces risk with every release by testing software changes as they move through deployment, confirming exploitability, and fixing vulnerabilities within the same workflow. Penetration testing often relies on manual or point-in-time assessments, frequently delivered weeks after…
Global Security News
Japanese chip-testing toolmaker Advantest suffers ransomware attack
Japanese tech testing company Advantest has suffered a ransomware attack, the company confirmed last Thursday, after detecting unusual activity within its IT environment on February 15, 2026. What happened? Tokyo-based Advantest is a leading manufacturer of automatic test and measurement equipment used in the design and production of semiconductors that used in computers, electronic devices…
Cybersecurity, Global Security News
Leading Semiconductor Supplier Advantest Hit by Ransomware Attack
Advantest, a Japanese specialist in testing computer chips for major semiconductor manufacturers, has deployed incident response protocols following a cybersecurity incident
AI, Global Security News, Risk Management
Study: AI a Priority for Testing Teams Even as Doubt Remains
Software testing teams are prioritizing AI initiatives, but their willingness to scale adoption depends heavily on accuracy, reliability, and the ability to maintain stable automation as systems evolve, according to new research from test automation vendor Leapwork. The Copenhagen-based company surveyed more than 300 software engineers, QA leaders, and IT decision-makers at large and midsize…
AI, Global Security News
Encrypted RCS messaging support lands in Apple’s iOS 26.4 developer build
Apple is testing end-to-end encrypted Rich Communications Services (RCS) messaging in the iOS 26.4 developer beta. Apple has added end-to-end encrypted RCS messaging to the iOS and iPadOS 26.4 developer beta. The feature, still in testing, will roll out in a future update across iOS, iPadOS, macOS, and watchOS. Apple notes that E2EE is not…
AI, Global Security News
MOS: Open-source modular OS for servers and homelabs
A growing number of homelab builders and small server operators are testing an open source operating system that combines basic server management, storage control, and container services under a web interface. MOS is a free modular OS built on a Devuan base that provides a web UI and API for system monitoring, storage pooling, container…
AI, Global Security News
Brutus: Open-source credential testing tool for offensive security
Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated penetration testers with dependency headaches and integration gaps, Brutus ships as a single binary with zero external dependencies and native support for the JSON-based reconnaissance pipelines that define offensive security. Solving a real workflow…
AI, Artificial Intelligence, Global Security News, guide, How To, News, owasp
Picking an AI red teaming vendor is getting harder
Vendor noise is already a problem in traditional security testing. AI red teaming has added another layer of confusion, with providers offering everything from consulting engagements to automated testing platforms. Many buyers still struggle to tell whether a vendor can test real-world AI system behavior or only run a packaged set of jailbreak prompts. This…
AI, Apps, Global Security News
Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments
Intentionally vulnerable training applications are widely used for security education, internal testing, and product demonstrations. Tools such as OWASP Juice Shop, DVWA, Hackazon, and bWAPP are designed to be insecure by default, making them useful for learning how common attack techniques work in controlled environments. The issue is not the applications themselves, but how they…