Infosec stories - Page 8

Delinea warns that rapid AI rollout is eroding identity controls, leaving machine accounts exposed and widening security blind spots.

SpecterOps broadens BloodHound Enterprise to map identity attack paths across Okta, GitHub and Jamf-managed Macs in hybrid environments.

Rapid7's Exposure Command now adds runtime validation and DSPM to rank real attack paths in hybrid and multi-cloud environments.

Entro launches AGA to map, monitor and control AI agents in enterprises, tackling shadow AI and non-human identity risks at scale.

Security flaws in 17 AI companion apps used by 150m people could expose intimate chats, photos and voice messages to attackers.

Cohesity bakes Sophos malware scanning into its Data Cloud to spot hidden threats in backups and cut reinfection risk during recovery.

Cobalt weaves AI into its pentesting platform, automating recon and triage while keeping human experts on complex attack paths.

Versa teams with Intel on AI at the edge, debuts a secure enterprise browser and launches inbound SSE to protect internet-facing apps.

Cobalt launches Security Program Manager service to run enterprise pentesting, align tests with business goals and speed up remediation.

Token Security launches intent-based controls to govern AI agents' access by purpose, aiming to curb over-privileged, autonomous system behaviour.

Coalfire's new DivisionHex service hunts shadow AI and rogue agents as most firms report AI-driven security incidents without proper oversight.

World Backup Day now warns boards that backup is no mere IT chore, but a frontline defence against ransomware targeting recovery itself.

North Korean IT workers using Western collaborators and fake identities are infiltrating remote jobs to funnel foreign salaries home.

Lineaje launches UnifAI, a security and governance layer to centralise control, discovery and policy for enterprise agentic AI deployments.

Agentic AI promises effortless digital delegation, but its admin-level access to data and systems creates profound privacy and security risks.

OXIL unveils a safeguarding-based blueprint to fight online scams, shifting responsibility from individuals to coordinated organisational action.

HackerOne launches live Agentic Prompt Injection Testing to expose real-world AI exploit paths as prompt injection threats surge 540%.

UiPath and Microsoft have unveiled a new security automation link to detect, investigate and respond to threats in automated workflows.

Dropzone launches AI Threat Hunter to compress 40-hour manual threat hunts into 90 minutes, promising 24/7 autonomous SOC coverage by 2026.

Rubrik launches MSP PayGo, 24/7 ransomware response and a new tiered partner model, eyeing booming demand for data protection services.