AppSec & Supply Chain Security
Best of 2025: Indirect prompt injection attacks target common LLM data sources
John P. Mello Jr. | AppSec & Supply Chain Security, Artificial Intelligence (AI)/Machine Learning (ML)
While the shortest distance between two points is a straight line, a straight-line attack on a large language model isn't always the most efficient — and least noisy — way to get ...
Security Boulevard
SharePoint ‘ToolShell’ zero-day: What we know
Microsoft notified customers this past weekend regarding in-the-wild attacks targeting its SharePoint products following exploits of several vulnerabilities within the software ...
The true cost of CVEs: Why you need to shift beyond vulnerabilities
Lowering the risks that common vulnerabilities and exposures (CVEs) pose to organizations can be a costly endeavor — but shifting your team's focus away from the deluge can free up your software ...
Fully autonomous development is coming: Is your AppSec ready?
John P. Mello Jr. | AppSec & Supply Chain Security, Artificial Intelligence (AI)/Machine Learning (ML)
A trio of AI experts raised eyebrows earlier this year when they revealed their ambitious plans to use artificial intelligence (AI) tools to automate all white-collar jobs "as fast as possible." At ...
Vibe coding is seductive — but also a risk that requires security controls
Vibe coding is having its moment as the latest hoped-up AI technology, but busy enterprise development and security operations teams have to be aware of its risks ...
AI security tools and hype: Report breaks down key considerations
Jai Vijayan | AppSec & Supply Chain Security, Artificial Intelligence (AI)/Machine Learning (ML), security operations
The AI security landscape has become a maze of overlapping vendor claims and made-up categories, leaving organizations struggling to distinguish between products that can actually help and those that are just marketing ...
Red-teaming agentic AI: New guide lays out key concerns for AppSec
A new guide published by the Cloud Security Alliance (CSA) gives red teams some useful guidance on how to go about securing agentic AI systems. Red-teaming for agentic AI requires a specialized ...
TPSRM: What It Is — And Why It Matters
Third-party risk management (TPRM) is a well-established pillar of enterprise security programs. Its focus is on evaluating vendors for financial health, operational resilience, and compliance. As digital ecosystems expanded, so did the ...
Why complex binary analysis is an essential tool for TPSRM
Pat Opet, CISO at JPMorganChase, recently posted an open letter regarding third-party software risk that was a call to action. In it, he describes the non-negotiable software supply chain risks that are ...

