Trust in Automated AI Vulnerability Scanning Collapses to 9%, New Study Finds
Cobalt study finds 20-percentage-point drop in number of organizations relying solely on AI automation for testing
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Cobalt study finds 20-percentage-point drop in number of organizations relying solely on AI automation for testing
Study Finds Standard Safety Tests Miss Most Agentic AI ThreatsResearchers from Stanford, MIT, Carnegie Mellon and others found that most production AI agents are vulnerable to attacks that unfold across multi-step actions. The study warns that memory, tool access and agent coordination create failure modes traditional chatbot safety testing cannot see.
AI models are making rapid gains in vulnerability research and exploit development, raising new cybersecurity risks, a Forescout study finds
Economists Say Data Doesn't Support Fear of Widespread Cognitive Job LossU.S. employment data shows no widespread disruption from generative artificial intelligence nearly three years after ChatGPT's debut, say academics from Yale University. But for certain cohorts, especially early-career workers in AI-vulnerable fields, some cracks are emerging.
A study looking into agentic AI browsers has found that these emerging tools are vulnerable to both new and old schemes that could make them interact with malicious pages and prompts. [...]
A new Checkmarx study reveals that AI-generated code now accounts for over 60% of codebases in some companies, much of which contains known vulnerabilities
Researchers Keep Prompts Under WrapsAcademics at a U.S. university found that if you feed a GPT-4 artificial intelligence agent public security advisories, it can exploit unpatched "real-world" vulnerabilities without precise technical information. Researchers said OpenAI asked them not to publish their prompts.
A group of academics has demonstrated novel attacks that leverage Text-to-SQL models to produce malicious code that could enable adversaries to glean sensitive information and stage denial-of-service (DoS) attacks