Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Generative AI is no longer emerging. It is already embedded in how businesses work. From content creation and research to customer support and internal productivity, AI tools are rapidly becoming part of everyday workflows across SMBs and the MSPs that serve them. But this shift comes with a hard reality: As GenAI adoption accelerates, so do the risks.

Threat actors are abusing agentic AI automation platforms to deliver malware and send phishing emails, according to researchers at Cisco Talos. The researchers observed attackers using n8n, a legitimate platform that automates workflows in web apps and services like Slack, GitHub, Google Sheets, and others.

Complexity has become a defining security challenge as organizations expand across hybrid and multi-cloud environments. In fact, 52% of surveyed organizations ranked multi/hybrid cloud complexity among their top three infrastructure concerns.1 This complexity creates fragmented visibility across cloud providers, workloads, and Kubernetes environments — gaps that adversaries increasingly exploit to move undetected.

Many modern cloud security challenges come down to visibility. The complexity of modern environments, the deluge of alerts, and the lack of relevant context make it difficult for security teams to identify and prioritize threats — and easy for adversaries to slip through undetected.

Amazon SageMaker accelerates the process of training and deploying machine learning models. However, as AI adoption scales from individual experiments to enterprise-wide production, the focus of leading Fortune 500 software development operations and security teams must shift from pure velocity to governance.

User and entity behavior analytics (UEBA) is a cybersecurity technology that uses machine learning and risk scoring to detect threats by analyzing user and entity behavior patterns. UEBA establishes behavioral baselines for users, devices, and applications, then identifies anomalies that may indicate insider threats, compromised accounts, or advanced attacks that traditional security tools miss.

Every MSSP is fielding the same question from clients right now:"Are we safe with AI?" Most are answering with some version of"yes, we're logging everything." In a recent Defender Fridays episode, Saurabh Shintre, Founder and CEO of Realm Labs drew a hard line between these two concepts."You can log prompt and response and this bare minimum you have to do.

Managed Detection and Response (MDR) has become a foundational component of modern security programs. As attack surfaces expand and adversaries move faster, organizations increasingly rely on external providers to monitor, detect, and respond to threats around the clock. But not all MDR is created equal. The difference isn’t just tooling, staffing, or service-level promises. It comes down to the quality - and ownership - of the threat intelligence that powers detection.

Last week, researchers at OX Security published findings that should stop every security leader in their tracks. They discovered a critical vulnerability baked directly into Anthropic's Model Context Protocol SDK, affecting every supported language: Python, TypeScript, Java, and Rust. The result: remote code execution on any system running a vulnerable MCP implementation, with direct access to sensitive user data, internal databases, API keys, and chat histories. Over 7,000 publicly accessible servers.

Choosing a Threat Intelligence Platform? Discover the 5 key questions CISOs should ask before investing in threat intelligence software, tools, and services.