Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI systems treat almost everything as a possible input channel, from PDFs and PowerPoints to text, music and more. Without a real separation between control plane instructions and data plane content, the attack surface keeps growing faster than most security programmes can contain.

Humair from Cloudflare walks through the details of how Cloudflare's AI Security for Apps secures AI-powered applications. Learn how Cloudflare can discover AI/LLM endpoints and detect and mitigate AI-specific threats like PII exposure, unsafe/toxic content, prompt injection and jailbreak. Learn more.

We partnered with Truman to emphasize why a password manager is never a bad idea.

One AI agent didn’t have permission to fix an issue… so it asked another agent with access to do it. Another? It rewrote the security policy to achieve its goal. This isn’t theory. This is happening. George_Kurtz sat down with DivesTech to discuss why AI needs guardrails.

This is SecurityScorecard's Weekly Brief: The Adversary Insights Edition with SecurityScorecard's CISO Steve Cobb. Critical infrastructure security in the U.S. remains an important element of the ongoing conflict between the U.S. and Iran with Iranian-linked threat actors targeting US-based assets. Iranian threat actors have focused their efforts on the fastest methods of attack by searching for what Cobb calls “low hanging fruit” in critical infrastructure environments where many organizations have exposed systems.

Think your iPhone is invincible against viruses? Not so fast! While Apple devices have strong built-in security, they are far from invulnerable to modern cyber threats.

FedRAMP 20x → continuous monitoring. Moving from point-in-time audits to real-time visibility.

AI agents are tireless, highly capable, eager to please, but difficult to manage. George Chamales (CriticalSec) and Josh Rector (Ace of Cloud) unpack the identity and access challenges posed by agentic AI. How do you verify it was the right agent, doing the right action, approved by the right person? How do we bound, constrain, govern agentic behavior? Ultimately, the same frameworks built for human identity and access should be applied to agents.

AI adoption is happening faster than any technology cycle in history. Information security and risk management are being sacrificed for speed and every single technology revolution has followed the same pattern. In this episode of Razorwire Raw, Jim Rees draws on decades of experience through the internet boom, virtualisation revolution and cloud computing adoption to explain what's actually happening with AI right now. Each cycle has been faster than the last, and each time, security gets left behind.

A threat actor reportedly used a prompt injected AI model under the cover of a fake bug bounty story to help compromise government systems and extract large volumes of data. The case shows how jailbroken AI can become an active force multiplier for offensive operations, not merely a productivity tool.