cybersecurity

Bug in top AI coding agents shows that Unix-era security headaches never really die
A vulnerability dubbed "GhostApproval" has been discovered in at least six popular AI coding assistants, allowing them to access files outside their designated workspaces and potentially execute remote code. The flaw exploits symbolic links, a long-standing security issue, to trick agents into writing malicious content, such as SSH keys, to sensitive system files. While some vendors have patched the issue and assigned CVEs, others have downplayed the risk or are yet to release fixes.

Security Teams Are Ready To Become More Preemptive. What’s Holding Them Back?
A recent survey of security professionals reveals a strong desire to shift towards more preemptive security strategies. However, organizations face significant hurdles, including limited resources, fragmented security tools, and the emerging risks associated with AI. While many teams are exploring AI's potential for efficiency, concerns about its security and transparency remain.

Felons, Fraudsters Flog Offensive Cybersecurity Startup
A cybersecurity startup named IRIS C2, which claims to acquire zero-day vulnerabilities for potentially millions of dollars, is reportedly run by convicted felons Jack Burkman and Jacob Wohl. The duo has a history of operating under assumed names and engaging in fraudulent activities, including spreading misinformation and securities fraud. Despite their past, IRIS C2 is actively recruiting vulnerability researchers and claims to be developing offensive cybersecurity capabilities, though their specific government contracts remain unclear.

Cybersecurity and the Gap Between Skill and Ability
The increasing capability of AI models to autonomously perform cyberattacks is widening the gap between skill and ability, lowering the barrier to entry for malicious actors. While traditional cybersecurity advice remains relevant, the speed of AI development necessitates a more urgent and adaptive approach. Harnessing AI for defense is seen as a crucial countermeasure, though challenges remain in preventing misuse of powerful AI tools.

Found fast, fixed slow: The gap the AI clearinghouse must close
A new AI cybersecurity clearinghouse, mandated by a recent executive order, faces the critical challenge of moving beyond rapid vulnerability discovery to effective remediation. While AI can quickly identify software flaws, the process of validating, prioritizing, and patching these issues remains a significant bottleneck, particularly for open-source software. The clearinghouse must focus on building infrastructure for triage, incentivizing maintainer and user collaboration, and leveraging Software Bills of Materials (SBOMs) to ensure vulnerabilities are actually fixed.

The Threat Isn’t the Frontier Model
The article argues that the primary AI security threat is not advanced frontier models, but rather the increasing accessibility of powerful open-source AI models that can be run on modest hardware. Adversaries are expected to leverage these models for autonomous attacks as quantization reduces their resource requirements. CISOs are urged to proactively build and test defensive AI agents now to counter this emerging threat, focusing on areas like Continuous Threat Exposure Management (CTEM), Breach and Attack Simulation (BAS), and Security Operations.

OMB M-26-14: Why federal agencies must fix asset visibility first
The U.S. Office of Management and Budget (OMB) has issued Memorandum M-26-14, a new directive for federal agencies focused on improving logging and network visibility. This memo replaces previous mandates with a five-level maturity model for logging, where progress is directly tied to an agency's ability to discover and inventory its IT, OT, and IoT assets. Achieving higher maturity levels requires progressively higher percentages of asset capture, making comprehensive asset visibility the foundational step for compliance.

CISO Conversations: Tarah Wheeler, Cybersecurity Leader, Thought Leader and Original Thinker
A profile interview features Tarah Wheeler, Chief Information Security Officer of TPO Group, discussing her career and perspectives on cybersecurity leadership.

Keyfactor Scores $1 Billion+ Investment for AI, Post-Quantum Security
Keyfactor, a provider of machine identity and cryptographic security solutions, has announced a funding round valued at over $1 billion. The investment will support the advancement of its platform, with a focus on addressing future security challenges from artificial intelligence and post-quantum cryptography.

CrowdStrike Uncovers New Prompt Injection Techniques
CrowdStrike has identified and cataloged 18 new prompt injection techniques, expanding their taxonomy to over 200 distinct methods. These new techniques, including Trigger-Activated Rule Addition and Algorithmic Payload Decomposition, highlight the evolving sophistication of attacks against AI systems. The company emphasizes the need for enhanced AI threat modeling, red teaming, detection engineering, and runtime visibility to combat these emerging threats.

Safe Events Start With Threat Intel & Digital Security
Proactive cybersecurity measures are essential for ensuring the smooth operation of events. By anticipating potential digital threats, organizers can prevent disruptions and maintain a secure environment.

Beyond IOCs: AI-enabled threat intelligence
This week's newsletter explores how artificial intelligence can enhance threat intelligence capabilities. AI is expected to facilitate the creation of easily searchable data sources derived from intelligence reports, thereby improving access and utility of information for security professionals.

AI threats in the wild: The current state of prompt injections on the web
Google's Threat Intelligence teams have analyzed the prevalence of indirect prompt injection (IPI) attacks on the public web. Their research indicates that while sophisticated IPI attacks are not yet widespread, there is a growing trend of experimentation by threat actors. The observed attacks range from harmless pranks and SEO manipulation to more concerning attempts at data exfiltration and system destruction, though current implementations are often simplistic.