Artificial Intelligence

AI/ML

Microsoft touts bug finds from Security Copilot

Twenty bugs in GRUB2, U-boot and Barebox were found in an AI-assisted process.

Application security

Avoiding Appsec’s Worst Practices – ASW #324

We take advantage of April Fools to look at some of appsec's myths, mistakes, and behaviors that lead to bad practices. It's easy to get trapped in a status quo of chasing CVEs or discussing which direction to shift security. But scrutinizing decimal points in CVSS scores or rearranging tools misses the opportunity for more strategic thinking. We s...

Government Regulations

The toughest decisions CISOs have to make, MCP servers, Napster’s comeback – ESW #400

In this week's enterprise security news, Big funding for Island Is DLP finally getting disrupted? By something that works? We learn all about Model Context Protocol servers Integrating SSO and SSH! Do we have too many cybersecurity regulations? Toxic cybersecurity workplaces Napster makes a comeback this week, we’ve got 50% less AI and 50% more ...

Security Operations

New research reveals flaws in security team performance metrics

IDC's survey of 900 security leaders reveals widespread use of volume-based metrics for team performance. How do we shift from measuring activity to measuring true impact?

Data protection, binary code with European Union flag

Governance, Risk and Compliance

EU plans €1.3 billion to boost continent’s cybersecurity, AI skills

Program's aim is Europe's digital transformation via €8.1 billion investment from 2023-2027.

Vulnerability Management

Mrtentacle, Morphing Meerkat, Tor, VMWare, Waymo, Oracle, Aaran Leyland, and more… – SWN #463

Mrtentacle, Morphing Meerkat, Tor, VMWare, Waymo, Oracle, Aaran Leyland, and More, on this edition of the Security Weekly News.

Privacy concept: computer keyboard with Key icon and word Phishing on enter button background, 3d render

AI/ML

AI-enabled phishing and fake worker attacks on the rise

Advances in AI are leading to phishing attacks that are more prolific and convincing to end users.

Businessman holding mobile phone which on the top of phone has upload and download cloud space computer.Technology and data information transfer concept.

Cloud Security

How to plan your cloud migration with security in mind

To protect your cloud-based assets, your organization must consider security and compliance when planning your cloud migration journey.

Vulnerability Management

SignalGate and How Not To Protect Secrets – PSW #867

How do we handle scope creep for vulnerabilities?, find the bugs before it hits the real world, risk or hype vulnerabilities, RTL-SDR in a browser, using AI to hack AI and protect AI, 73 vulnerabilities of which 0 patches have been issued, Spinning Cats, bypassing WDAC with Teams and JavaScript, Rust will solve all the security problems, did you he...

Username Login Password Page - Data protection Concept, Cyber security. 3d rendering

Identity

Atlantis AIO tool automates credential stuffing across 140 platforms

New tool can test millions of stolen credentials with minimal effort to run account takeovers.

Related Events

Microsoft Copilot Oversharing: A Framework for Assessing and Remediating

Leveraging AI and Public Data to Gain Control Over Third-Party Risk

AI and AppSec: How to avoid insecure AI-generated code

Perspectives

CIOs and CISOs need a common strategy around AI copilots

AI promises to create a ‘SIEM Renaissance’ in the SOC

DeepSeek breach yet again sheds light on AI dangers

Briefs

Over half of web traffic is bot-generated, report says

Cyber threats against software supply chain fueled by AI

AI-powered agents bolster Microsoft’s security capabilities