Technology

When Agentic AI Becomes an Attack Surface: What the Ask Gordon Incident Reveals

Dec 23, 2025 By Gabriel Avner In Apono

Pillar Security’s recent analysis of Docker’s Agentic AI assistant, Ask Gordon, offers an early glimpse into the security challenges organizations will face as AI systems begin operating inside the development stack. Their researchers discovered that a single poisoned line of Docker Hub metadata caused the agent to run privileged tool calls and quietly exfiltrate internal data.

Read Post

Apono

Read more about When Agentic AI Becomes an Attack Surface: What the Ask Gordon Incident Reveals

Bots vs. Barcodes: The Resource Quota Failure. #ticketmaster #bla #ratelimiting #businesslogic

Dec 23, 2025 By Wallarm In Wallarm

The infamous Ticketmaster case highlights BLA 1: Resource Quota Violation. Attackers used bots for mass purchasing and employed ingenious evasion: they reverse-engineered the barcoding logic to rotate and authenticate tokens, bypassing security controls. The core failure? Flawed rate limiting and business logic expiration. You must protect your inventory and your purchasing flows as if they were financial assets.

View Video

Wallarm

API
Security

Read more about Bots vs. Barcodes: The Resource Quota Failure. #ticketmaster #bla #ratelimiting #businesslogic

Unlocking AI's Potential: Network Trends and Challenges

Dec 23, 2025 By Brad Gerlach In 11:11 Systems

Artificial intelligence is no longer just an overused buzzword; it’s a fundamental shift in how businesses operate. The Architects of AI were just named as Time’s person of the year for 2025. From generative AI creating code to machine learning algorithms optimizing supply chains, the demand for AI is reshaping the technology landscape. But here’s the thing: all that computational power is useless if your data can’t move fast enough.

Read Post

11:11 Systems

Read more about Unlocking AI's Potential: Network Trends and Challenges

A CISO's Honest Take on Regulation

Dec 23, 2025 By Cloudflare In Cloudflare

Cybercriminals don't care about borders. So why do we have 12 different regulatory frameworks for the same threat? Olivier Busolini, Group Head of Information Security at Mashreq Bank, voiced the frustration every global CISO feels: "In every country, I have 12 countries at Mashreq. In every country, there is a slightly different or sometimes vastly different requirement that I have to abide to.".

View Video

Cloudflare

Read more about A CISO's Honest Take on Regulation

Vibe check your vibe code: Adding human judgment to AI-driven development

Dec 23, 2025 By Matt Barker In CyberArk

Remember when open meant visible? When a bug in open-source code left breadcrumbs you could audit? When you could trace commits, contributors, timestamps, even heated 2:13 a.m. debates on tabs versus spaces? That kind of openness created confidence in the code and made it possible to hold contributors accountable when issues arose. Today, as AI changes how code is created and shared, those familiar markers of trust and transparency are becoming harder to find.

Read Post

CyberArk

Read more about Vibe check your vibe code: Adding human judgment to AI-driven development

Ensuring API Testing Meets Compliance: Policies, Performance, and Proof

Dec 23, 2025 By Rucha Wele In Appknox

APIs sit at the center of modern applications. They move data between systems, power mobile apps, and enable integrations at scale. Naturally, they are also a focal point for regulators, auditors, and attackers. Most organizations today do test their APIs. Yet many still struggle during audits. Not because testing didn’t happen, but because it wasn’t consistent, governed, or provable. Compliance frameworks don’t ask whether you ran an API scan.

Read Post

Appknox

Read more about Ensuring API Testing Meets Compliance: Policies, Performance, and Proof

Best Practices for Enterprise macOS Security: Tools, Techniques, and Detection Strategies

Dec 23, 2025 By SecuritySenses In SecuritySenses

macOS data is increasingly targeted by hackers due to the sensitive information that Macs hold. Users require strong Mac cybersecurity measures to protect themselves from attacks. Combining Mac's built-in security features with third-party solutions provides hardened protection and continuous detection. Endpoint security for Mac best practices improve your enterprise macOS security. Implement secure configurations, effective device management, and real-time detection for advanced protection. Using a multi-protection strategy increases recovery speed and reduces the attack surface.

Read Post

SecuritySenses

Read more about Best Practices for Enterprise macOS Security: Tools, Techniques, and Detection Strategies

AI Transforms Cyber Threats - New Prevention Strategies Emerge #cybersecurity #cybersecuritycompany

Dec 22, 2025 By Astra Security In Astra

View Video

Astra

AI
Security

Read more about AI Transforms Cyber Threats - New Prevention Strategies Emerge #cybersecurity #cybersecuritycompany

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Dec 22, 2025 By Wallarm In Wallarm

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not!

Read Post

Wallarm

Read more about From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Asymmetric Data: The New Challenge for API Security

Dec 22, 2025 By A10 Networks In A10 Networks

Asymmetric Data: The New Challenge for API Security In this A10 Networks video, "APIs are the Language of AI: Protecting Them is Critical," security experts Jamison Utter and Carlo Alpuerto discuss the unique challenges of securing AI-driven data exchanges. Unlike traditional API interactions—where a request for a video clearly results in a video—AI interactions are defined by a "phenomenal" level of asymmetry. A tiny text request can trigger a massive, unpredictable response, making traditional security prediction models nearly obsolete.

View Video