Technology

Evil Token: AI-Enabled Device Code Phishing Campaign

Apr 9, 2026 By Kiran Sethumadhavan In Coralogix

On April 6, 2026, Microsoft Defender Security Research published an advisory detailing a large-scale phishing campaign that leverages the OAuth Device Code Authentication flow to compromise Microsoft 365 accounts across organizations globally. This campaign represents a significant evolution from manual social engineering to fully automated, AI-driven attack infrastructure.

Read Post

Coralogix

Read more about Evil Token: AI-Enabled Device Code Phishing Campaign

AI in the SOC with Joshua Neil

Apr 9, 2026 By LimaCharlie In LimaCharlie

Join us for this week's Defender Fridays as we explore AI in the SOC with Josh Neil, Co-founder of Alpha Level. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

View Video

LimaCharlie

Read more about AI in the SOC with Joshua Neil

Why You Can't Defend Against Prompt Injection

Apr 9, 2026 By Razorthorn Security In Razorthorn

Prompt injection works because language models struggle to tell the difference between trusted instructions and untrusted user content. Unlike SQL injection or cross site scripting, there is no clean deterministic defence, which leaves code, libraries and AI workflows open to manipulation at multiple points.

View Video

Razorthorn

AI
Security

Read more about Why You Can't Defend Against Prompt Injection

Why Companies Keep Putting AI Ahead Of Security

Apr 9, 2026 By Razorthorn Security In Razorthorn

Many organisations are pushing AI adoption at full speed while treating security as something to patch in later. The result is a market full of rapidly deployed models, third party tools and jailbreakable systems where capability gets rewarded first and control gets ignored until damage appears.

View Video

Razorthorn

AI
Security

Read more about Why Companies Keep Putting AI Ahead Of Security

New Data Shows Why Security Teams Can't Keep Up With AI-Driven Attacks

Apr 9, 2026 By Jessica Amado In Seemplicity

AI is changing how attacks happen, and how fast they happen. Seemplicity’s 2026 State of Exposure Management report shows why most security teams aren’t struggling to find risk, but to fix it quickly enough. Based on insights from 300 security leaders, it highlights where remediation breaks down, how AI is being used today, and why execution is becoming the real bottleneck.

Read Post

Seemplicity

Read more about New Data Shows Why Security Teams Can't Keep Up With AI-Driven Attacks

The NVD Funding Crisis Was Bigger Than Mythos

Apr 9, 2026 By Scott Kuffer In Nucleus

Everyone is calling Claude Mythos a watershed moment. I’d like to offer a slightly different take. Not because the capability isn’t real, it is. But if Mythos is the moment that finally convinced your organization that rapid vulnerability discovery is an existential threat, you’ve been watching the wrong thing. We saw this coming. Vulnerability Management has been moving in this direction for years, and we built Nucleus with this trajectory in mind. What surprises me is the surprise.

Read Post

Nucleus

Read more about The NVD Funding Crisis Was Bigger Than Mythos

Inside Kyndryl's AI security strategy with Elastic

Apr 9, 2026 By Elastic In Elastic

In this video, Kyndryl and Elastic discuss how they work together to simplify security, data, and AI systems. They explain how Search AI, Agentic AI, and observability help businesses reduce complexity, improve speed, and manage threats more effectively. Additional Resources.

View Video

Elastic

Read more about Inside Kyndryl's AI security strategy with Elastic

We let OpenClaw loose on an internal network. Here's what it found

Apr 9, 2026 By Ross McKerchar In Sophos

Following our article on the challenges posed by agentic AI, we gave OpenClaw access to one of our legacy networks In my previous article on OpenClaw I wrote: “Even the most ‘risk-on’ organizations with deep AI and security experience, will likely find it challenging to configure OpenClaw in a way that effectively mitigates the risk of compromise or data loss, while still retaining any productivity value.” The Red Team here at Sophos took that as ‘challenge accepted’, s

Read Post

Sophos

Read more about We let OpenClaw loose on an internal network. Here's what it found

Frontier AI Models Mark a Turning Point for Cybersecurity

Apr 9, 2026 By Dan Schiappa In Arctic Wolf

This week Anthropic announced Project Glasswing, a cybersecurity initiative built around Claude Mythos Preview, an unreleased frontier AI model capable of autonomously discovering and developing exploits for zero-day vulnerabilities across major operating systems and web browsers. According to early details, the model has already identified thousands of critical vulnerabilities that traditional tools have missed for years.

Read Post

Arctic Wolf

Read more about Frontier AI Models Mark a Turning Point for Cybersecurity

When We Use AI To Ship Fast, Secrets Spread Fast

Apr 9, 2026 By Dwayne McDaniel In GitGuardian

The data from this year's State of Secrets Sprawl report shows that AI is not creating a new secrets problem; it is accelerating every condition that already made secrets dangerous.

Read Post