Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

jfrog

How to Detect and Eliminate Shadow AI in 5 Steps

Dec 17, 2025 By Or Cohen Naznin In JFrog
The pressure to integrate AI is immense. Your developers need to move fast, and they’re finding ways to get the job done. But this rush for innovation often happens outside of established governance, creating a sprawling, invisible risk known as Shadow AI. To secure your organization, you must first understand what Shadow AI actually is. It’s not just a developer downloading a file to their laptop. Shadow AI is the totality of unmanaged AI assets within your supply chain.
Read Post
sentrium

DeepChat AI agent XSS-to-RCE via Mermaid and Electron IPC

Dec 17, 2025 By Theklis Stefani In Sentrium
In December 2025, a critical remote code execution vulnerability was disclosed in DeepChat, an open-source desktop AI agent platform built using Electron. The issue, tracked as CVE-2025-67744, affects all DeepChat versions prior to 0.5.3 and carries a CVSS score of 9.6. The vulnerability arises from the interaction between two separate weaknesses. The first allows attacker-controlled JavaScript execution through unsafe rendering of Mermaid diagrams.
Read Post
cato networks

AIOps in the Cato SASE Platform: Using Predictive AI Networking to Shift from Reactive to Proactive IT

Dec 17, 2025 By Dr. Guy Waizel In Cato Networks
It was a quiet Monday morning until John, head of IT, opened his laptop and saw 424 new support tickets. Users across the office were reporting issues like “apps won’t load” and “internet not working.” After hours of investigation that stretched into the next day, the team traced the problem to a branch router overwhelmed by malformed DNS queries from a misbehaving IoT device.
Read Post
salt security

The 12 Months of Innovation: How Salt Security Helped Rewrite API & AI Security in 2025

Dec 17, 2025 By Eric Schwake In Salt Security
As holiday lights go up and inboxes fill with year-in-review emails, it’s tempting to look back on 2025 as “the year of AI.” But for security teams, it was something more specific – the year APIs, AI agents, and MCP servers collided across the API fabric, expanding the attack surface faster than most organizations could keep up. At Salt Security, we spent 2025 focused on one thing: defending the API action layer where AI, applications, and data intersect.
Read Post

Building a Real-Time Multiplayer Chess Game Inside ChatGPT (Agents SDK)

Dec 17, 2025 By Cloudflare In Cloudflare
In this clip from This Week in NET, Systems Engineer Steve James gives a hands-on demo of a real-time multiplayer chess game running inside ChatGPT, built with the Agents SDK and Cloudflare Workers. Beyond the demo, we talk about what developers can build today with AI agents — and why, given the pace of innovation, it’s genuinely hard to predict what applications and experiences will emerge in 2026.
View Video
sumologic

The SOC Analyst Agent: Bring an Agentic approach to work with your SOC team

Dec 17, 2025 By Oren Shevach In Sumo Logic
For years, security teams have dealt with the challenges of alert fatigue, endless tools and data sources, and constant context switching. But, so far, we haven’t been able to significantly improve it with traditional tools. However, new agentic approaches can start providing improved gains. This begins to change the way SOC teams operate and approach managing their talent.
Read Post
Exploring The Future Of AI In Cybersecurity Penetration Testing

Exploring The Future Of AI In Cybersecurity Penetration Testing

Dec 17, 2025 By SecuritySenses In SecuritySenses
In recent years, the role of Artificial Intelligence (AI) in various fields has grown tremendously, and cybersecurity is no exception. As cyber threats evolve in complexity, the need for innovative solutions like AI-driven penetration testing becomes more crucial. AI has the potential to revolutionize how businesses approach security, making penetration testing faster, more accurate, and more effective. This article delves into the increasing role of AI in cybersecurity, particularly in penetration testing, exploring its benefits, challenges, and future implications.
Read Post
link11

Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026

Dec 16, 2025 By Link11
Link11 releases new insights outlining five key cybersecurity developments expected to influence how organizations across Europe prepare for and respond to threats in 2026. The findings are based on analysis of current threat activity, industry research, and insights from the Link11 European Cyber Report, alongside broader market indicators such as PwC's Global Digital Trust Insights 2026.
Read Post
sumologic

Questions to ask before vetting an AI agent for your SOC

Dec 16, 2025 By Margaret Selid In Sumo Logic
So you’re ready to “hire” an agent or two for security operations. While AI agents won’t replace your human analysts, they are quickly becoming indispensable team members. Choosing the right ones should resemble a typical hiring process: you need to determine if they possess the necessary skills to fill your team’s gaps, work effectively with others, and grow with your organization. Here are five questions worth asking before you bring an AI agent on board in your SOC.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.