Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Torq

Grounding the AI SOC: The Context Graph Problem

Jun 10, 2026 By David Melamed In Torq
See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo David Melamed is Head of Emerging Technologies at Torq. He joined through Torq’s acquisition of Jit, which he co-founded and led as CTO since 2020, building agentic security on a production Context Graph. A cloud security veteran with 20+ years of experience, David previously held senior technical roles at Cisco (via the CloudLock acquisition) and MyHeritage.
Read Post

Securing Your AI Agents: Today's New Data Threat

Jun 10, 2026 By Nightfall AI In Nightfall
AI agents are already inside your company - reading files, calling APIs, executing code. Most of them were never approved by security. In this session, Nightfall AI walks through exactly how agents become an attack surface: prompt injection, malicious MCP servers, credential exfiltration, and more.
View Video

Beyond Prevention: Frontier AI and the Shift to Cyber Resilience

Jun 10, 2026 By Bitsight In BitSight
Frontier AI is compressing the time between vulnerability discovery and exploitation, making reactive security strategies harder to sustain. In this webinar, Roland Cloutier (Former CISO of of ByteDance & TikTok, ADP, and EMC) and Gabi Reish discuss how security leaders can move beyond patching everything to prioritize real risk, measure cyber readiness, and communicate security posture to the board.
View Video
cloudflare

Route public traffic to private applications with Cloudflare

Jun 10, 2026 By Enrique Somoza In Cloudflare
For most of the Internet’s history, public and private infrastructure operated as separate worlds. Public applications lived behind content delivery networks (CDNs) and web application firewalls (WAFs). Private applications lived behind virtual private networks (VPNs), firewalls, and separate operational stacks. We think that distinction is becoming obsolete.
Read Post
bitsight

Claude Fable 5 and the New Reality of AI-Enabled Third-Party Risk

Jun 10, 2026 By Emma Stevens In BitSight
Anthropic recently announced the release of Claude Fable 5, a public version of its more powerful Mythos AI model. Technology that was previously only accessible to a select few organizations is now available to businesses at an enterprise level. AI vendors are building the guardrails while threat actors are studying their attack vectors. Essentially, we are giving the keys to the AI world to businesses and hoping the guardrails hold steady. Security teams need to prepare even faster now.
Read Post

Ep. 62 - Zero Trust Breaks Against MCP: Why "Verified" No Longer Means Safe

Jun 10, 2026 By SafeBreach In SafeBreach
Most enterprises assume their Zero Trust architecture covers their AI agents. It doesn't. Hosts Tova Dvorin and Adrian Culley break down why zero trust breaks against the Model Context Protocol (MCP)—and why "verified" no longer means "safe." They unpack trust decay, the WhatsApp and GitHub MCP exploits, rug-pull tool poisoning, CVE-2025-49596, and the rise of "zero standing trust," then close with three moves for CISOs this quarter: inventory your MCP estate, mandate authentication, and validate your controls.
View Video

A Fake MCP Server Just Exposed Your WhatsApp History

Jun 10, 2026 By SafeBreach In SafeBreach
A security researcher introduced a malicious MCP server into an environment that already had a legitimate WhatsApp integration—and watched it silently expose message history without any user approval. The technique is called a rug pull. The server advertised one behavior at installation. On second usage, it switched to something else entirely. The approval was real. The thing you approved was not. This is what trust decay looks like in practice—and it passes every classical security check.
View Video

One Poisoned AI Agent Hijacks Your Entire Pipeline #aiagents #mcp #zerotrust

Jun 10, 2026 By SafeBreach In SafeBreach
In a multi-agent AI workflow, one agent's output becomes the next agent's input. That's the design. It's also the attack surface. Researchers have demonstrated that a single poisoned output can cascade across an entire pipeline — triggering unauthorized behavior, data exfiltration, and control flow hijacking across chained MCP processes. The attack class is called toxic flows. And every one of them passes classical zero trust checks.
View Video
vanta

The Vanta AI Quality Eval Maturity Model

Jun 10, 2026 By Vanta In Vanta
Accelerating security solutions for small businesses‍ Tagore offers strategic services to small businesses. A partnership that can scale‍ Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate. Standing out from competitors‍ Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market.
Read Post
appsentinels

MCP Access Control: How to Enforce Least Privilege Across AI Agent Tool Chains

Jun 10, 2026 By AppSentinels In AppSentinels
When an enterprise deploys an MCP-powered AI agent, such as a coding assistant, a customer workflow automaton, an IT helpdesk bot, something quietly dangerous happens at startup. The agent inherits the full permission set of the application that launched it. If the orchestrating app holds write access to a production database, the MCP agent does too. If it can call financial APIs, trigger deployments, or read HR records, the agent inherits all of that, without ever explicitly being granted those rights.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.