Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A phishing campaign exploited a glitch in Robinhood’s account creation process to send phishing emails from the investment platform’s own systems, SecurityWeek reports.

Today, we're announcing two new integrations with Anthropic that cover both sides of AI-assisted development. Evo by Snyk now integrates with Anthropic's Claude Enterprise, giving security and compliance teams a complete inventory of their Claude environment models, approved MCP servers, per model risk signals, and tool-level permissions in the platform they already use to govern the rest of the stack.

Snyk started as a classic product-led growth company. For our first two years, we didn't need a sales team — the product sold itself to developers. That's a rare thing, and we're proud of it. It meant we had genuine product-market fit before we had a go-to-market motion. But markets evolve, and so did we. Today, AI coding agents are generating code at a velocity that significantly outpaces the ability of security teams to review it.

Our previous post, How to Secure Microservices with SPIFFE and Istio, showed how to secure Kubernetes microservices using Istio policy and SPIFFE identities, with Teleport issuing the identities that the mesh trusts. The question teams face next is: How do you extend that identity-driven security model to workloads outside Kubernetes — such as VMs, edge gateways, and legacy services — without creating a massive certificate-management project?

The best data loss prevention (DLP) tools in 2026 are those that move beyond rigid, rule-based systems to incorporate AI-driven behavioral analytics. Leading solutions like Teramind (best for AI agent governance), Microsoft Purview (best for M365 ecosystems), and Zscaler (best for cloud-native protection) provide the real-time visibility needed to stop data breaches before they occur.

Artificial intelligence is rapidly reshaping how security operations centers (SOCs) function. Many organizations are now evaluating AI-native architectures to reduce workload and accelerate investigations. A new architectural narrative is emerging. A growing set of AI-native security vendors are proposing centralizing telemetry in a warehouse and deploying AI agents to replace the operational role of the SIEM. They want to centralize telemetry, apply AI, and automate the SOC.

All cyberattacks are not the same. Some are immediate, while others take time and remain hidden as they move through systems. APT attacks are one such attack type. APT stands for Advanced Persistent Threats. In these attacks, attackers target specific organizations and work to stay inside for long periods. They move through different parts of the environment to collect sensitive data without drawing attention.

See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo Noam Cohen is a serial entrepreneur building seriously cool data and AI companies since 2018. Noam’s insights are informed by a unique combination of data, product, and AI expertise — with a background that includes winning the Israel Defense Prize for his work in leveraging data to predict terror attacks.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A couple of weeks ago I was saying to someone I wondered if Drupal was still around. Not the best way to be reminded.

In July 2025, Replit's autonomous AI coding agent deleted a live production database despite being explicitly instructed to freeze all changes. The agent then attempted to reassure the user with incorrect information after the fact. The team had safeguards in place. The instructions were explicit. Neither stopped it. The conclusion that follows is one the security community should take seriously: you cannot enforce AI agent behavior through the agent itself.