Security news aggregator

Latest coverage for Artificial Intelligence

Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.

70 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.

AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.

Showing 20 most recent headlines of 70 Filtered view

Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without stealing passwords. This webinar explores how behavioral AI can help security teams detect compromised accounts faster and automate response workflows. [...]

Microsoft Security Research 4 weeks, 1 day ago

AutoJack: How a single page can RCE the host running your AI agent

AutoJack is a novel exploit chain showing how a single malicious webpage can turn an AI browsing agent into a remote code execution vector on the host machine. By abusing trust in localhost, missing authentication, and unsafe parameter handling, attackers can trigger arbitrary process execution through AutoGen Studio’s MCP WebSocket. The research highlights a broader pattern - when agents can browse untrusted content and access local services, traditional boundaries like localhost are no longer secure. The post AutoJack: How a single page can RCE the host running your AI agent  appeared first on Microsoft Security Blog.

Bank Info Security 4 weeks, 1 day ago

AI Inherits People's Permissions but Not Judgment

Your Controls Assume a Human Is Acting on the Data Being Accessed. But AI Isn't HumanAI is exposing a blind spot in enterprise security: Controls built for humans don't work on agents that never pause, filter or apply judgment. New CISO research shows many organizations can't track what AI is accessing - turning existing data gaps into machine-speed risk.

Understand Agentic AI Risks and Secure All MCP DeploymentsMCP has rapidly become the connective tissue of the agentic AI era and the standard for connecting AI agents to enterprise systems. But it also introduces new attack vectors, from tool poisoning to prompt injection. Here are six ways to reduce the risk.

Bank Info Security 4 weeks, 1 day ago

JPMorgan Pulls Anthropic Claude Access in Hong Kong

Restrictions Highlight Growing U.S.-China AI Security TensionsJPMorgan Chase removed Anthropic's Claude models from its approved AI platform for employees in Hong Kong, following restrictions tied to Greater China access rules and underscoring how U.S. export controls and geopolitical concerns are reshaping enterprise AI adoption in global financial markets.

The consulting giant’s majority stake in Dragos, along with the purchase runZero and NetRise, marks its first major push into operational technology software as AI-driven threats to critical infrastructure intensify. The post Accenture shells out $4.18B on three companies in big industrial cybersecurity push appeared first on CyberScoop.

Loading more headlines...