AppSec stories - Page 2

Enterprises urged to overhaul cyber defences as Anthropic's upcoming Mythos model raises fears of faster phishing, deepfakes and automated attacks.

Forrester warns Anthropic's Project Glasswing could overwhelm vulnerability management, as AI uncovers flaws faster than patching teams can respond.

Permiso launches SandyClaw sandbox to detonate AI agent skills and expose hidden runtime risks before they reach enterprise systems.

F5 and Forcepoint have teamed up to link data discovery with runtime controls, aiming to curb AI risks as enterprises move systems into production.

Qodo secures $70 million Series B as investors back its bid to become the trust layer for AI-generated software.

F5 and Forcepoint team up to give enterprises continuous AI security, linking data discovery with runtime controls to reduce risk in production systems.

Miggo extends its runtime security platform to map, monitor and rein in AI agents and MCP toolchains as live behaviour becomes attack focus.

NetRise unveils Provenance, a tool to trace open source maintainers and stop risky dependencies before they spread through software.

Novee unveils an autonomous AI red teaming tool to probe LLM apps for prompt injection, jailbreaks and other emerging security flaws.

BlueFlag Security secures USD $28 million Series A to scale its identity-first cyber platform tackling AI and developer risks in software.

Sonatype says smaller AI tied to live software data can outsecure larger models on dependency upgrades, slashing risk and cost.

NSS Labs warns many enterprise AI guardrails fail basic security tests, urging independent, real-world validation of protections.

Red Hat reports 97% of organisations suffered cloud-native security incidents last year, exposing basic failings in configuration and governance.

Cloudsmith adds automated controls to quarantine and block risky dependencies, tightening enforcement on software supply chain security.

Veracode unveils an AI-driven tool that automatically fixes open-source vulnerabilities, tackling mounting security debt in software supply chains.

UiPath is pushing AI deeper into software testing, promising autonomous agents that transform quality assurance and developers' roles.

Aqua Security's Trivy GitHub Action was hijacked to ship infostealer code via CI/CD pipelines, exposing secrets across downstream users.

GitLab opens agentic AI to free-tier users, sets USD $0.25 flat fee for automated code reviews and expands security false-positive filtering.

Wallarm names Shayne Higdon chief executive in leadership reshuffle as it pivots from pure API protection to securing wider AI-driven risks.

Organisations test just a third of their attack surface as reliance on agentic AI grows, raising fresh concerns over unseen cyber risks.