Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Everyone is building sophisticated intelligence layers with improved models and smarter agents to automate threat detection, investigation, and response. It’s what is needed in order to mature into an AI SOC. However, the organizations seeing the most value from AI in their SOC are not focusing solely on the intelligence layer. They’re focusing on the data foundation first.

On March 24, 2026, thousands of development pipelines ran a routine vulnerability scan. What they actually executed was a credential stealer.

AI is making phishing attacks easier to create and scale. Tasks that once required manual effort can now be automated, allowing attackers to generate realistic messages, launch campaigns, and adapt tactics quickly to evade security controls. In fact, KnowBe4’s 2025 Phishing Threat Trends Report found that more than 73% of phishing emails analyzed in 2024 showed signs of AI involvement. As a result, phishing threats are becoming harder to detect using traditional methods alone.

The data from this year's State of Secrets Sprawl report shows that AI is not creating a new secrets problem; it is accelerating every condition that already made secrets dangerous.

This week Anthropic announced Project Glasswing, a cybersecurity initiative built around Claude Mythos Preview, an unreleased frontier AI model capable of autonomously discovering and developing exploits for zero-day vulnerabilities across major operating systems and web browsers. According to early details, the model has already identified thousands of critical vulnerabilities that traditional tools have missed for years.

Following our article on the challenges posed by agentic AI, we gave OpenClaw access to one of our legacy networks In my previous article on OpenClaw I wrote: “Even the most ‘risk-on’ organizations with deep AI and security experience, will likely find it challenging to configure OpenClaw in a way that effectively mitigates the risk of compromise or data loss, while still retaining any productivity value.” The Red Team here at Sophos took that as ‘challenge accepted’, s

Everyone is calling Claude Mythos a watershed moment. I’d like to offer a slightly different take. Not because the capability isn’t real, it is. But if Mythos is the moment that finally convinced your organization that rapid vulnerability discovery is an existential threat, you’ve been watching the wrong thing. We saw this coming. Vulnerability Management has been moving in this direction for years, and we built Nucleus with this trajectory in mind. What surprises me is the surprise.

AI is changing how attacks happen, and how fast they happen. Seemplicity’s 2026 State of Exposure Management report shows why most security teams aren’t struggling to find risk, but to fix it quickly enough. Based on insights from 300 security leaders, it highlights where remediation breaks down, how AI is being used today, and why execution is becoming the real bottleneck.