New research suggests AI-generated phishing training can improve user detection performance, while a new on-prem AI security tool highlights the growing push to apply AI to investigations without cloud data exposure, bringing new integrity and governance considerations.
AI Security
Cyber AI Tip: Understanding Where AI Systems Actually Break
AI systems don’t fail randomly. They fail at trust boundaries, inputs, and integrations. Learn how to apply familiar security controls to real-world AI deployments.
AI Security Daily Briefing — December 15, 2025
CrowdStrike unveils prompt-injection defense tooling, autonomous AI pentesting emerges, U.S. federal executive order centralizes AI regulation, and CISA updates foundational cybersecurity goals to strengthen resilience against AI-driven threats.
AI Security Daily Briefing — December 11, 2025
OpenAI acknowledges its next-generation models may reach zero-day and intrusion-level capabilities, NIST moves to define a threat and mitigation taxonomy for AI agents, Tenable shows how a simple prompt injection against Microsoft Copilot Studio led to data leakage and fraud, and the Cloud Security Alliance publishes detailed guidance on AI prompt guardrails for enterprise GenAI.
AI Security Daily Briefing — December 10, 2025
Google patches a Gemini Enterprise flaw that could expose corporate data, new research shows most LLM application risks evade traditional code scanners, Cisco launches an open-source A2A Scanner to secure AI agent networks, OWASP publishes a Top 10 for agentic applications, and Google adds a $20K bug bounty on top of its layered Chrome agent defenses.
AI Security Daily Briefing — December 9, 2025
NCSC warns prompt-injection flaws may be unfixable, 7AI raises $130M to scale AI-agent SOC tooling, and NVIDIA/Lakera release a unified safety framework for agentic AI systems.
AI Security Daily Briefing — December 9, 2025
In the last 24 hours, Google introduced layered defenses in Chrome to contain indirect prompt injection against its agentic AI features, the UK’s NCSC warned that LLMs will always be vulnerable to prompt injection, and new research revealed malicious VS Code extensions and AI-branded packages stealing developer data and credentials from high-value engineering environments.
AI Security Daily Briefing — December 8, 2025
Over the last 72 hours, AI security stories have centered on shadow AI forcing a rethink of governance, “IDEsaster” flaws in AI coding tools enabling data theft and RCE, FBI warnings about AI-generated virtual kidnapping scams, NATO’s use of an AI chatbot in large-scale cyber war games, and new evidence that AI image services and AI bots are reshaping data-leak and scraping risk.
AI Security Daily Briefing — December 5, 2025
New guidance on securing AI in OT from NSA/CISA, discovery of the Brickstorm virtualization backdoor used by state-linked actors, and industry warnings that detection must replace perimeter defenses as AI-driven threats accelerate.
AI Security Daily Briefing — December 4, 2025
AI security news for December 4, 2025 centers on a massive $130M round for AI-agent SOC startup 7AI, fresh evidence of Chinese-backed hackers using AI to automate campaigns, a study showing major AI companies falling short of global safety standards, new analysis of AI-driven software supply chain attacks, and a malicious npm package that embeds prompts to trick AI-based security tools.