The Real AI Threat Is Blind Trust
AI models left to both interpret and execute commands eliminate critical cybersecurity oversight.
Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.
Search across headline titles and summaries.
Background for this topic.
Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.
AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.
Weekly headline count for the current query.
AI models left to both interpret and execute commands eliminate critical cybersecurity oversight.
The White House launched Gold Eagle to coordinate vulnerability response in a new AI world, but multiple questions linger over how it's being implemented.
Google Cloud incorporates key Wiz capabilities into an agentic defense platform to automate threat detection and remediation against AI attacks.
Agentic artificial intelligence is creating enough risks for organizations to demand a security reframe.
Artificial intelligence and LLMs can be surprisingly ineffective against text salting, allowing phishing emails to slide right into your inbox.
The US government's restrictions on Anthropic and OpenAI frontier models have intensified calls in the UK and other countries to reduce their reliance on US tech companies, with significant cyber implications.
When combined with another exploit, the "PromptFiction" vulnerability, which has been fixed, could have enabled an end-to-end attack on a targeted system.
Cutting-edge artificial intelligence models are deploying with more independence and less human oversight. Several state governments are trying to legislate transparency in their use.
Researchers reported the vulnerability to Cursor in December, but it still remains in the popular AI coding platform and can be exploited in poisoned repository attacks.
In some companies, engineers are building defense and attack tools to test the potential of artificial intelligence for cybersecurity — and its threat.
An open source, AI-driven system adopts victim personas to engage with phishing attackers, allowing organizations and law enforcement to gather relevant data on cybercriminal operations.
Cutting-edge artificial intelligence models are deploying with more independence and less human oversight. Several state governments are trying to legislate transparency in their use.
AI coding tools cost $19-$200/month/user, but security scanning, remediation, and false positives add hidden costs. Are the productivity gains worth it?
If you're handling AI agents like a service account or API token, consider yourself behind. AI agents need a fundamentally different approach.
A cryptomining incident highlights how AI gateways can provide access to AI models, cloud infrastructure, and identity and access management (IAM) data.
The attacker exploited AI workflows, chained cloud weaknesses, and stolen credentials to extort a large Amazon customer.
The world's digital testing ground plans to help people use AI agents for government purposes.
Varonis reported the flaw to Google in late 2025 and it has been addressed, but it reminds defenders to take a fresh look at their AI Infrastructure security.
Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit.
IBM and Red Hat assign 20,000 engineers to the new Project Lightwell service as Anthropic's Mythos findings ignite debate over how to secure the open source software supply chain.