Security news aggregator

Latest coverage for Artificial Intelligence

Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.

75 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.

AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.

Showing 20 most recent headlines of 75 Filtered view

A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit,' slipped past AI code reviewers CodeRabbit and Bugbot, which never open image files at all, then convinced a coding agent to read a repo's .env and write every secret into the code as a list of numbers. [...]

Apple Sues OpenAI Over Al Alleged Trade Secret TheftApple accused OpenAI of building its secretive new device with stolen trade secrets in a lawsuit demanding monetary damages and the return of stolen intellectual property. OpenAI's nascent hardware is "rotten to its core by its illegal reliance on misappropriated trade secrets," Apple alleged.

SaaS Observability Vendor Adds Real-Time Network Flow Telemetry to DNS IntelligenceInfoblox plans to acquire San Francisco-based network observability specialist Kentik to combine DNS, DHCP, asset intelligence and real-time network flow telemetry into a unified platform designed to help enterprises manage increasingly complex hybrid cloud and AI-driven environments.

Also: Oracle Suit Points to AI Revenue Forecasting Risk; the AI Sovereignty PushIn this week's panel, four editors discussed the growing role of artificial intelligence in U.S. federal government cybersecurity, Oracle's investor lawsuit over its projected cloud sales to frontier AI lab OpenAI and what AI sovereignty means for enterprises.

Business Associates Tied to 50% of Breach Victims as AI-Aided Attacks LoomVendor incidents and hacks, especially data thefts and ransomware attacks, continue to plague the healthcare sector, accounting for the majority of major data breaches reported so far this year. The advent of AI tools in the hands of bad actors, will only heighten the threats, experts predict.

Peter Justen of AmeriTrust on How Data Integrity Affects Benefits AdministrationArtificial intelligence is transforming healthcare and government benefits administration, but organizations must strengthen data quality and operational processes before expecting meaningful results, said Peter Justen, founder and CEO at AmeriTrust Solutions.

Bank Info Security 1 week, 1 day ago

AI Coding Tools Can Fake Approval Prompts

Old Unix Symlink Trick Lets Malicious Code Bypass User ChecksWiz researchers found that six popular AI coding assistants can be tricked into modifying sensitive files, including SSH keys, while their approval prompts display a harmless filename. The GhostApproval technique exploits a decades-old Unix symlink behavior to mislead users.

Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, could enable credential theft, privilege escalation, and arbitrary code execution on the host

AI agents are accelerating the growth of non-human identities, making it harder for organizations to understand what exists, who owns it, and what it can access. Netwrix explains why stronger visibility and identity governance are essential as AI expands the enterprise attack surface. [...]

Bank Info Security 1 week, 1 day ago

How AI Raises Stakes for Rural Hospital Security Teams

Duncan Regional CIO Roger Neal on Bolstering Cyber Defenses as AI Threats GrowRural healthcare providers face growing security pressures as AI tools speed up attacks and strain limited resources. Duncan Regional Hospital CIO Roger Neal discusses how stronger network segmentation, governance and third-party partnerships help protect patient data and medical systems.

Bank Info Security 1 week, 1 day ago

Breach Roundup: Hush, Don't Talk About the Data Breach

Also, 23andMe Breach Settlement, GitHub AI Flaw, Ubiquiti Patches Critical BugsThis week, hidden breaches, researchers exposed a GitHub AI agent flaw, an Ubiquiti critical flaw, a ColdFusion flaw, a growing Chinese ORB, U.K. government FortiBleed exposure, 23andMe victims get $46.75 million, 3.8 million affected by Medtronic breach and Cerner's 2025 victim count went up.

Loading more headlines...