Critical Copilot vulnerability allowed hackers to seal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

Chainguard's new Athena coalition uses AI to fix open-source flaws - before attackers exploit them

Chainguard isn't the only one seeking to secure open-source code with AI.

85% of IT teams claim every AI agent is under control. Only 42% actually know who owns them.

New Ivanti research finds 85% of IT teams claim every AI agent has a named owner — only 42% say ownership is actually clear.
Microsoft

Microsoft Defender email security benchmarking: Key insights from one year of data

See how Microsoft Defender performed in one year of real-world email security benchmarking against SEG and ICES vendors.

Attackers scale deception with AI. Defenders need truth at machine speed.

For years, enterprises treated security platforms, SIEMs, and data lakes as passive repositories: places to store data for ...

Anthropic’s safety warnings may have just backfired — the government has pulled the plug on its most powerful AI

Anthropic isn't hiding its frustration. "We disagree that the finding of a narrow potential jailbreak should be cause for ...

PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data

One of the world’s most active ransomware groups exploited a critical vulnerability in Oracle’s PeopleSoft software suite and ...

CISA Warning: LiteLLM Flaw Could Expose Enterprise AI Gateways

CISA’s LiteLLM warning shows why AI gateways and agents need service account governance, scoped access, credential rotation, ...
techtimes

Ivanti Sentry Actively Exploited: CVSS 10.0 Flaw Backdoors Enterprise Mobile Gateways

Attackers have begun backdooring internet-exposed Ivanti Sentry appliances, the nonprofit security watchdog Shadowserver confirmed on June 11, 2026 — less than 48 hours after patches and a public ...
The Hacker News

AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS.

For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found and when someone could figure out how to weaponize it. The solution was straightforward ...
csis.org

AI-Driven Code Analysis: What Claude Code Security Can—and Can’t—Do

Q1: How does Claude Code Security function—and how does it differ from traditional static application security testing (SAST)? A1: Conventional rule-based static analysis uses pattern matching, ...
CBS News

Social Security trust fund could run dry earlier than expected, analysis finds

Social Security's main trust fund could be depleted a year earlier than expected, according to a projection from the Congressional Budget Office (CBO) released earlier this month. The CBO forecasts ...