GitLost Exposes Agentic AI Data Exfiltration Risks
GitLost shows how prompt injection can turn AI agents into data exfiltration tools by abusing legitimate permissions and trusted workflows.
GitLost shows how prompt injection can turn AI agents into data exfiltration tools by abusing legitimate permissions and trusted workflows.
Cybersecurity pioneer Chris Wysopal argues that awareness campaigns have failed and that software liability and accountability are needed to improve security.
Chris Wysopal warns that buying security tools without fixing vulnerabilities creates activity, not risk reduction.
AI uncovered seven FatFs flaws affecting embedded devices. The challenge now is patching millions of systems with no easy fix.
CYBR.SEC.CON. didn't replace HOU.SEC.CON. It grew from it, expanding from a Houston conference into a national cybersecurity event. (Includes infographic)
New research from NowSecure finds AI is now embedded in 95% of enterprise mobile apps, but more than one-third of organizations lack visibility into how those systems operate, even as mobile security incidents and third-party software risks continue to rise.
Security awareness training isn't stopping breaches. Learn why human behavior matters and what security teams should do next. (Includes infographic)
Modern phishing attacks bypass traditional email gateways. Learn why identity, behavior, and post-delivery security matter. (Sponsored by Abnormal AI)
Attackers and defenders are both using AI. Learn why email security now depends on speed, context, and adaptive detection. (Sponsored by Abnormal AI)
With 48,000+ CVEs published annually, the challenge isn't volume. It's finding the vulnerabilities attackers will actually exploit.
A new White House executive order sets hard deadlines for federal agencies to migrate to post-quantum cryptography by 2030 and 2031 and extends those obligations to contractors through new procurement rules. (includes infographic)
Fresh analysis suggests FortiBleed is not merely a Fortinet credential exposure event but a large-scale identity compromise campaign that turns perimeter devices into launchpads for deeper attacks against Active Directory, LDAP, and internal enterprise infrastructure.
Chatbots created data leakage concerns. Agentic AI introduces autonomous action, persistent context, and delegated decision-making, creating a new category of security and governance challenges that most organizations are only beginning to understand. (Sponsored by Harmonic Security)
Security teams can't govern AI they can't see. As employees adopt hundreds of AI tools, agents, and assistants, a new challenge is emerging: understanding how AI is being used inside the enterprise. (Sponsored by Harmonic Security)
CISA's BOD 26-04 tells federal agencies how fast to patch. It's quietly telling everyone else the same thing: through insurance underwriting, vendor contracts, and regulatory alignment.
The agency’s new directive replaces blunt severity-driven remediation with a four-factor risk model built around internet exposure, known exploitation, automatability and system control.