Gemini Picks up Criminal Activity Buried in Dark Web Noise
Google has launched a dark‑web intelligence feature within Google Threat Intelligence, powered by its Gemini AI model. The service scans millions of dark‑web events daily and automatically builds a profile of an organization’s operations, adjusting as business parameters change. By correlating revenue, geography, and system types, the tool can link ambiguous threat chatter to specific enterprises, reducing reliance on manual keyword lists. Analysts receive context‑rich alerts that highlight potential compromises before credentials are sold on underground markets.
Akamai Brand Guardian Detects and Removes AI-Driven Brand Impersonation
Akamai launched Brand Guardian, an AI‑driven evolution of its Brand Protector service, to automatically detect and remove fraudulent websites that impersonate brands. Scammers now use generative AI to create convincing fake digital assets in seconds, outpacing manual detection methods. Brand...
Njordium AI Blocks Fake Invoices and Fraudulent Payments
Njordium Cyber Group unveiled an AI‑driven Fraud Detection Module integrated into its new Vendor Management System, instantly flagging fake invoices, phantom services and abnormal pricing. The self‑learning engine extracts data from PDFs, OCR scans, Excel, XML and email, routing high‑confidence...
Microsoft Hands Entra ID Users New Option for MFA
Microsoft has made External MFA for Entra ID generally available, leveraging the OpenID Connect standard to let organizations integrate third‑party MFA solutions while retaining Conditional Access controls. The feature appears as an external authentication method that admins can assign to...
Anthropic Trims Action Approval Loop, Lets Claude Code Make the Call
Anthropic introduced Auto mode for Claude Code, allowing the AI to approve routine file writes and shell commands without constant user confirmation. The feature, initially limited to Team plans and requiring admin enablement, runs on the latest Claude Sonnet 4.6...
Codenotary Introduces AgentX for Autonomous Linux Infrastructure Security
Codenotary unveiled AgentX, an autonomous platform that uses coordinated AI agents to manage, secure, and protect large‑scale Linux infrastructure across cloud and on‑premises environments. The solution automates configuration reviews, policy enforcement, and remediation while preserving full administrator control through zero‑trust...
The AI Safety Conversation Is Focused on the Wrong Layer
Enterprises are grappling with fragmented identity systems that were designed for human users, but AI agents operate at machine speed, exposing critical security gaps. Ev Kontsevoy, CEO of Teleport, argues that the real problem is the lack of a unified...
Mimecast Expands Incydr with Runtime Data Security for AI and Human Risk
Mimecast announced a major upgrade to its Incydr platform, adding runtime data security that monitors both human users and AI agents across endpoints, browsers, SaaS apps, and email. The new features provide unified visibility, shadow‑AI detection, adaptive risk scoring and...
Novee Introduces Autonomous AI Red Teaming to Hunt LLM Vulnerabilities
Novee unveiled an autonomous AI red‑team agent designed to probe large language model (LLM) applications for security flaws. The platform continuously simulates sophisticated attack scenarios such as prompt injection, jailbreaks, and data exfiltration, delivering detailed vulnerability assessments and remediation guidance....
Detectify Uncovers Hidden Assets and Risks Across Entire IP Ranges
Detectify has introduced IP Range Scanning, a service that continuously discovers and monitors entire CIDR blocks to surface forgotten assets and hidden risks. The tool goes beyond traditional domain‑focused scanners by detecting services on non‑standard ports and exposing high‑risk databases...
32% of Top-Exploited Vulnerabilities Are over a Decade Old
Cisco Talos’s 2025 Year in Review shows exploitation timelines are compressing: newly disclosed flaws like React2Shell are weaponized within weeks, while 32% of the top‑targeted vulnerabilities are over a decade old, exemplified by the lingering abuse of Log4Shell. Attackers favor...
Microsoft Details AI Prompt Abuse Techniques Targeting AI Assistants
Microsoft released a detailed guide on AI prompt abuse, outlining how crafted inputs can manipulate large language models to bypass safety controls and expose sensitive data. The guide categorizes attacks into direct prompt overrides, extractive abuse, and indirect injection via...
Proofpoint Unifies Email, Data, and AI Security to Reduce Enterprise Blind Spots
Proofpoint introduced a unified security platform that merges its Secure Email Gateway with API‑based protection, adds AI‑driven data access governance, and extends AI‑native DSPM to on‑premises environments. The integrated architecture shares threat intelligence and behavioral signals across inbound, outbound, and...
Zero Networks Kubernetes Access Matrix Exposes Hidden Access Paths and Blast Radius
Zero Networks introduced the Kubernetes Access Matrix, a real‑time visual map that displays every allowed and denied network rule inside Kubernetes clusters. The tool automatically discovers existing network policies and presents namespace‑to‑namespace, application‑to‑application, and workload‑to‑workload connections in a single matrix....
Booz Allen’s Vellox Brings AI Vs. AI Defense to Protect Critical Infrastructure and National Security
Booz Allen Hamilton unveiled Vellox, an AI‑native cyber‑defense suite designed to counter AI‑driven attacks that now breach enterprises in minutes. The company’s threat report shows breach dwell time fell below 30 minutes in 2025, with some incidents resolved in seconds....
Your AI Agents Are Moving Sensitive Data. Do You Know Where?
In a Help Net Security interview, Bonfy.AI CEO Gidi Cohen warns that the greatest threat from autonomous AI agents is data‑layer risk, not traditional prompt‑injection attacks. He outlines Bonfy's three‑pronged approach: controlling grounding data, monitoring content across tool calls and...
Plumber: Open-Source Scanner of GitLab CI/CD Pipelines for Compliance Gaps
Plumber is an open‑source Go tool that scans GitLab CI/CD pipelines for compliance gaps such as mutable container tags, unprotected branches, and outdated templates. It reads the .gitlab-ci.yml file and queries the GitLab API, offering eight configurable controls via a...
NIST Updates Its DNS Security Guidance for the First Time in over a Decade
NIST released SP 800‑81r3, the first major update to its Secure Domain Name System Deployment Guide in over twelve years. The revision emphasizes protective DNS, encrypted DNS protocols (DoT, DoH, DoQ), and modern DNSSEC algorithms such as ECDSA and Ed25519. It...
Rapid7 Enhances Exposure Command with Runtime Validation and DSPM for Risk Analysis
Rapid7 has added runtime validation and Data Security Posture Management (DSPM) to its Exposure Command platform, turning continuous assessment into continuous validation. The new features use eBPF‑based sensors and AI to identify which cloud vulnerabilities and misconfigurations are actively exploitable...
Semgrep Multimodal Brings AI Reasoning and Rule-Based Analysis to Code Security
Semgrep unveiled Multimodal, a hybrid system that merges its deterministic Pro engine with large‑language‑model reasoning to boost code‑security detection. The solution claims up to eight times more true positives and a 50% reduction in noise compared with LLM‑only scans, already...
ConductorOne Unveils AI Access Management to Accelerate Secure, Compliant AI Adoption
ConductorOne launched AI Access Management, a unified control plane that governs access to AI tools, agents, and managed connectivity points across enterprises. The solution lets employees request AI services and be provisioned in under 60 seconds while IT retains full...
Bonfy ACS 2.0 Helps Organizations Control Data Use in AI Environments
Bonfy.AI unveiled Bonfy Adaptive Content Security (ACS) 2.0, a platform that extends enterprise data protection to AI agents, copilots, and generative applications across cloud, SaaS, and on‑premises environments. The solution adds real‑time, context‑aware controls—including a data‑in‑use guardrail, browser extension for...
Dropzone AI Releases Autonomous Threat Hunting Agent for Continuous SOC Detection
Dropzone AI unveiled its AI Threat Hunter, an autonomous agent that conducts continuous threat‑hunting across an organization’s security stack. The tool offers one‑click access to 250+ pre‑built hunt packs or custom objectives, completing federated searches in 60‑90 minutes that would...
Backslash Adds Cross-Product Support to Secure AI Skills in Developer Environments
Backslash Security announced cross‑product support for agentic AI Skills, giving organizations the ability to discover, assess, and govern Skills across AI‑native development environments. The new capability adds centralized visibility of Skills, Model Context Protocol servers, plug‑ins and prompt rules, allowing...
Menlo Security Delivers Unified Governance and Threat Prevention for AI Agents and Humans
Menlo Security introduced a Browser Security Platform designed to protect both human users and autonomous AI agents that operate within the browser, now treated as the enterprise operating system. The solution embeds a unified control plane that enforces machine‑speed governance,...
Graylog Advances Explainable AI and Automated Workflows for Faster Threat Detection
Graylog announced AI‑driven security automation at RSA, introducing explainable AI threat prioritization, agentic workflows via its open MCP Server, and a Spring 2026 release that auto‑launches investigations when asset risk exceeds thresholds. The threat prioritization engine aggregates alerts using entity context,...
Firefox Is Getting a Free Built-In VPN
Mozilla announced that Firefox 149, releasing on March 24, will embed a free built‑in VPN. The service will route browser traffic through a proxy, masking users' IP addresses, and initially provides 50 GB of data per month to users in the United States,...
Corelight’s Agentic Triage Turns SOC Alerts Into Evidence-Backed Investigations
Corelight unveiled Agentic AI capabilities for security operations centers, highlighted by Agentic Triage—a GenAI‑driven workflow that consolidates alerts into entity‑centric investigations and delivers evidence‑backed verdicts up to ten times faster. The solution exposes every playbook step, query, and data point,...
TrojAI Unveils New Capabilities to Secure Agentic AI Beyond the Prompt Layer
TrojAI introduced three major capabilities to protect enterprise‑grade agentic AI, extending security beyond the prompt layer. The new Agent‑Led AI Red Teaming automates multi‑turn attacks using coordinated autonomous agents and maps findings to OWASP, MITRE and NIST frameworks. Agent Runtime...
Polygraf AI Launches Desktop Overlay for Real-Time AI Behavior Control in Enterprise Operations
Polygraf AI unveiled Desktop Overlay, a real‑time compliance assistant that monitors user input at the desktop level. The edge‑deployed overlay flags sensitive information within 100 ms using on‑premise small language models, requiring only modest CPU and memory resources. Pilot results showed...
Stellar Cyber 6.4.0 Reduces Alert Noise and Speeds Investigations with Autonomous SOC Capabilities
Stellar Cyber has released version 6.4.0, adding autonomous SOC capabilities that automate alert triage and generate AI‑driven case summaries. The platform promises 60‑80% analyst time savings and up to 70% reduction in alert noise through its Agentic AI and Verdict...
Fingerprint’s MCP Server Turns Device Intelligence Into Real-Time AI-Powered Fraud Insights
Fingerprint has launched an open‑source Model Context Protocol (MCP) Server that lets any AI assistant or chatbot query its device‑intelligence platform in real time. The server uses the open MCP standard, enabling fraud analysts to ask natural‑language questions—such as device...
Microsoft Edge 146 Adds IP Privacy and Local Network Access Controls
Microsoft released Edge 146 stable on March 13, 2026, adding tracking protection changes, IP privacy via Private IP routing, and new enterprise network security policies. InPrivate windows now inherit the standard tracking prevention level, removing the separate setting. The update...
KEEQuant Advances Chip-Scale QKD for Telecom, Data Centers, and Critical Infrastructure
KEEQuant unveiled a commercial chip‑scale quantum key distribution (QKD) system that replaces traditional bulk optics with photonic integrated circuits. The miniaturized solution lowers hardware costs and simplifies deployment, making quantum‑safe key exchange viable for telecom operators, data‑center providers, and critical‑infrastructure...
45,000 Malicious IP Addresses Taken Down, 94 Suspects Arrested
Operation Synergia III, an INTERPOL‑led international effort running from July 2025 to January 2026, dismantled more than 45,000 malicious IP addresses and servers used for phishing, malware, and ransomware. The crackdown resulted in 94 arrests, with another 110 suspects under investigation, and the seizure...
JSOC IT’s AUTOPSY Platform Puts Security Stacks Under Live API Verification
JSOC IT launched AUTOPSY, a security verification platform that uses live API integrations to assess an organization’s security stack before a breach occurs. Its flagship product, READY, replaces self‑reported questionnaires with telemetry‑based scores across more than 24 security tools, revealing...
Accertify’s Attack State Targets Credential Stuffing and ATO Attacks
Accertify introduced Attack State, a new module within its Account Protection suite that continuously monitors login activity to spot coordinated credential‑stuffing and account‑takeover attacks. By benchmarking real‑time behavior against an organization’s typical traffic patterns, the tool flags anomalies across web,...
Red Access Firewall-Native SSE Adds GenAI Security and Browser Protection to Existing Firewalls
Red Access unveiled a firewall‑native Security Service Edge (SSE) that sits atop any existing firewall without agents, instantly delivering GenAI‑driven security, data loss prevention, CASB, and browser isolation. The solution is vendor‑agnostic, supporting Palo Alto Networks, Fortinet, Cisco and Check...
AI Coding Agents Keep Repeating Decade-Old Security Mistakes
Researchers evaluated three leading AI coding agents—Claude Code, OpenAI Codex, and Google Gemini—by tasking them with building two real‑world applications from scratch. Across 30 pull requests and 38 security scans, 143 vulnerabilities were found, with 87 % of PRs containing at...
Passwords, MFA, and Why neither Is Enough
The article argues that traditional passwords and even multi‑factor authentication (MFA) no longer provide sufficient protection against modern credential attacks. It highlights how SMS codes can be intercepted via SIM swapping, authenticator apps are prone to replay and push‑bombing attacks,...
€1 Million Online Fraud Scheme Uncovered, Three Suspects Arrested
German and French authorities dismantled a cross‑border fraud ring that stole roughly €1 million. Coordinated by Eurojust, the operation on 10 March led to the arrest of three suspects, with the alleged mastermind detained in France pending extradition. Investigators seized cryptocurrencies, jewellery...
Mimecast Adds AI Investigation and Adaptive Controls to Manage Human Risk
Mimecast unveiled a suite of AI‑driven platform enhancements aimed at curbing human‑related security risk. The rollout adds adaptive security policies that auto‑adjust based on individual risk scores, an AI‑powered Mihra Investigation Agent that accelerates incident analysis, and open‑gateway integrations for...
Socure Launch Enables Startups to Deploy Identity Verification and Fraud Controls
Socure introduced Socure Launch, a plug‑and‑play identity verification and fraud‑prevention suite built on its RiskOS platform. The service lets developers activate enterprise‑grade risk controls within minutes, bypassing weeks of custom development. It targets early‑stage fintech, crypto, gaming, marketplace and e‑commerce...
Zscaler Enhances Data Sovereignty Controls with Regional Processing and Logging
Zscaler announced a global expansion of its data‑sovereignty controls, adding dedicated control and logging planes in six regions and preparing a deployment in Canada. The Zero Trust Exchange now performs in‑region SSL inspection, malware analysis and offers Private Service Edge...
SOC Prime’s DetectFlow Enterprise Moves Threat Detection to the Data Ingestion Layer
SOC Prime unveiled DetectFlow Enterprise, a platform that embeds real‑time threat detection directly into the data ingestion layer. By running tens of thousands of Sigma detections on live Kafka streams with Apache Flink, the solution achieves millisecond mean‑time‑to‑detect (MTTD). It...
Binary Defense’s NightBeacon Brings AI-Driven Analysis to SOCs
Binary Defense unveiled NightBeacon, an AI‑powered security operations platform embedded directly in its SOC. The system cuts mean time to resolution by roughly 30%, accelerates incident summarization 46%, and boosts the number of incidents analysts can handle per shift by...
Codoxo’s Deepfake Detection Identifies AI-Generated Medical Records for Health Plans
Codoxo has launched Deepfake Detection, an AI‑driven solution that scans medical documentation, diagnostic images and claim context in seconds to flag synthetic or manipulated records. The tool embeds explainable risk scores into payer fraud‑prevention workflows, enabling health plans to intercept...
Fortinet Enhances SecOps with Cloud SOC, AI Automation, and Managed Services
Fortinet unveiled a suite of SecOps upgrades, highlighted by the preview of FortiSOC—a cloud‑delivered service that fuses analytics, SIEM, SOAR and threat intel into a single platform. The company also expanded its FortiAI engine to deliver agentic automation that can...
Microsoft Flips Windows Autopatch to Default Hotpatch Security Updates
Microsoft will automatically enable hotpatch security updates in Windows Autopatch for eligible devices managed via Intune or the Microsoft Graph API, beginning with the May 2026 security release. Hotpatch, introduced a year ago, lets critical fixes install without a reboot, accelerating...
Attackers Use AiTM Phishing Kit, Typosquatted Domains to Hijack AWS Accounts
Datadog researchers uncovered an AiTM phishing campaign that uses spoofed AWS security alerts and typosquatted domains to harvest AWS console credentials. The attackers operate a live proxy, relaying authentication requests to AWS while stealing usernames, passwords, and MFA codes in...