Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

Malicious AI Tools Assist in Phishing and Ransomware Attacks

Dec 5, 2025 By KnowBe4 Team In KnowBe4
Researchers at Palo Alto Networks’ Unit 42 are tracking two new malicious AI tools, WormGPT 4 and KawaiiGPT, that allow threat actors to craft phishing lures and generate ransomware code. These tools are criminal alternatives to mainstream AI tools like ChatGPT, with no safety guardrails to prevent users from using them for malicious activities. The latest version of WormGPT offers lifetime access for $220, or a monthly fee of $50.
Read Post

Hackers hijack Google Smart Home #aisecurity #mcpserver

Dec 5, 2025 By Mend In Mend
Building AI agents that can think, act, and adapt securely isn't easy. From prompt design to deployment, every stage brings new challenges and new risks. In this session, Bar-El Tayouri, Head of Mend AI at Mend.io, and Yehoshua (Shuki) Cohen, VP of Data and AI Evangelist at AI21 Labs, shared practical strategies for designing and defending agentic systems that actually deliver. Key topics covered: Originally recorded: October 29, 2024.
View Video
salt security

Critical vLLM Flaw Exposes the Soft Underbelly of AI Infrastructure

Dec 5, 2025 By Eric Schwake In Salt Security
While the world worries about "jailbreaking" LLMs or preventing them from hallucinating, a critical new vulnerability has just reminded us of a fundamental truth: AI is just software, and software has bugs. A newly discovered critical flaw (CVE-2025-62164) in vLLM, one of the most popular libraries for serving large language models, allows attackers to achieve Remote Code Execution (RCE) or crash servers simply by sending a malicious API request. This isn't a failure of the AI model.
Read Post
vanta

Beyond security theater: How automated trust closes the AI readiness gap

Dec 5, 2025 By Vanta In Vanta
‍ AI is transforming businesses at breakneck speed—but security isn’t keeping up. ‍ According to Vanta’s State of Trust Report 2025, which surveyed over 2,500 business and IT leaders around the world, 3 in 5 say AI-related security threats are outpacing their expertise. With a majority of organizations experiencing threats weekly, AI is not just driving the volume, but the precision of these attacks.
Read Post
astra

API Security vs Application Security: What's the Difference & Best Practices 2026

Dec 5, 2025 By Suyash Jain In Astra
Over the past few years, APIs have quietly become the front door to your most critical data and workflows, flipping security ownership on its head. Accountability and ownership of both API and Application security have shifted from your central infra and network teams to product, platform, and engineering squads that ship new APIs every week, and well, sometimes every day. This is where CISOs and CTOs feel the tug strengthening from both sides.
Read Post
Preventing Power Surges: Essential Strategies for Facilities Managers

Preventing Power Surges: Essential Strategies for Facilities Managers

Dec 5, 2025 By SecuritySenses In SecuritySenses
Power surges are one of the most frequent yet least understood risks in building operations. They typically strike without warning and cause damage long before a problem becomes visible. Many facilities managers discover the effects only after equipment begins malfunctioning, circuits burn out, or unexpected downtime occurs. As buildings become more reliant on sensitive electronics and interconnected systems, understanding how and why surges occur has become increasingly important to maintaining reliable operations.
Read Post
Make Doodle-Style Videos Using the AI Video Maker Sketch Mode

Make Doodle-Style Videos Using the AI Video Maker Sketch Mode

Dec 5, 2025 By SecuritySenses In SecuritySenses
Doodle-style videos have become a booming trend due to the simplicity and high engagement. Their hand-drawn style is easy to notice and the content is easy to remember. The sketches in the cartoon automatically draw the audiences into any story whether it is informative, advertising or autobiographical. Doodle animation was once a complex operation that demanded advanced skills, specialized software and hours of work. The process is now made easier by AI-assisted tools that enable creators to create sophisticated, refined doodle animations with little knowledge of technical skills.
Read Post

APIs are the Language of AI. Protecting them is Critical.

Dec 4, 2025 By A10 Networks In A10 Networks
APIs are the Language of AI. Protecting them is Critical. In this discussion, A10 Networks security experts Jamison Utter and Carlo Alpuerto explore the emerging impact of Agentic AI on the API security landscape. They delve into how AI agents, as new API consumers, are driving an explosion in endpoints and exacerbating existing security issues, pushing API protection higher up the security practitioners' priority list.
View Video

The Mythical 1+1=3 Model in Cybersecurity

Dec 4, 2025 By Reach Security In Reach Security
The mythical 1+1=3 model in security? It happens when the tools you already own stop working in isolation — and start working as a system. Jay Wilson and Garrett Hamilton dig into why Reach’s platform approach matters: not just enhancing individual controls, but creating compounding value across identity, endpoint, email, and network. When visibility, configuration, and enforcement align, the outcome isn’t incremental — it’s exponential.
View Video
protecto

Best Practices for Implementing Data Tokenization

Dec 4, 2025 By Protecto In Protecto
Data is no longer confined to a few clean relational systems. It now flows through microservices, data lakes, event streams, vector databases, and LLM pipelines. Sensitive information spreads quickly, and once it reaches ungoverned surfaces—logs, analytics exports, embeddings—it becomes extremely painful to unwind. Tokenization is one of the few controls that can both minimize data exposure and preserve business functionality.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.