Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mythos and Beyond: Cato Addresses the Generational Shift in Cyber Threats with Agentic Security Researchers

Anthropic’s upcoming Mythos model points to something far more consequential than another leap in artificial intelligence. It signals a shift that could redefine the balance between attackers and defenders in cyberspace.

How intelligent workflows help MSSPs deliver customer outcomes at scale

For managed security service providers (MSSPs), customer loyalty is the most critical indicator of business health. Unlike other metrics that you directly control, such as mean time to respond or mean time to detect, it can’t be gamed: customers will either stay with you or they’ll churn. This means that the top priority for any MSSP should be to deliver the specific customer outcomes they were hired to provide, like helping to stop threat actors before they cause damage.

AI Bias Is More Dangerous Than You Think #shorts

AI bias is a real problem. Bias can enter AI systems in many ways: That’s why governments and organizations are focusing on responsible AI policies to ensure AI benefits everyone equally, not just one group. Responsible AI means reducing discrimination and ensuring fairness across all communities. Watch The Full Podcast: Link Below.

When AI Stops Assisting and Starts Acting

For decades, the service desk has operated on a simple assumption: humans must interpret every IT problem before action can be taken. A ticket is created. Teams investigate. Data is pulled from multiple tools. Eventually someone determines the root cause and decides what to do next. It works - but it's slow, reactive, and heavily manual. That assumption is starting to change. With Tanium AI agents in ServiceNow Now Assist for ITSM connected to Tanium's real-time endpoint intelligence, machines can now understand issues, analyze live telemetry, and recommend or execute remediation in seconds.

eBPF for AI Agent Enforcement: What Kernel-Level Security Catches (and What It Misses)

Your team deployed Tetragon six months ago. TracingPolicies are humming along—you’re catching unauthorized binary executions, blocking suspicious network connections, and generating seccomp profiles from observed behavior. Runtime security for your traditional workloads is solid. Then engineering ships their first autonomous AI agent into production. A LangChain agent connected to internal databases, external APIs through MCP tool runtimes, and a vector database for RAG.

Securing AI Agents on GKE: Where gVisor, Workload Identity, and VPC Service Controls Stop Working

You enable GKE Sandbox on a dedicated node pool, bind Workload Identity Federation to your AI agent pods, wrap your data services in a VPC Service Controls perimeter, and deploy your agents with the Agent Sandbox CRD using warm pools for sub-second startup. Your security posture dashboard shows every control configured and active. And then an attacker uses prompt injection to trick an agent into exfiltrating sensitive data through API calls that every single one of those layers explicitly allows.

4 Phases, 357 Crashes, 2 Bugs: What AFL++ Campaign Actually Looks Like

357 crash files. 2 real bug sites. That’s the outcome of this AFL++ campaign after roughly 8.5 billion executions across multiple harnesses, binaries, and phases. At first glance, everything looked like success. Crashes were increasing steadily. New inputs were being generated every few seconds. Coverage appeared to improve over time. From a surface-level perspective, the campaign looked productive. Then triage began.

Gemini XSS Vulnerability: When AI Executes Malicious Code

Artificial intelligence is no longer just generating text. It generates and executes code in real time. With tools like Google Gemini, features such as code canvases and live previews are turning AI systems into interactive execution environments. This shift introduces a new and rapidly growing category of risk: AI security vulnerabilities tied to real-time code execution.