Technology

Cato Joins OpenAI's Trusted Access for Cyber (TAC) to Advance AI-Driven Defense

May 1, 2026 By Elad Menahem In Cato Networks

Over a decade ago, Cato Networks helped shift cybersecurity to a new frontier: a converged, cloud-native platform that combines security and networking. As a long-time security researcher, the Cato platform was a radical change, providing researchers with the rich context and end-to-end visibility we needed to identify threats faster and deliver accurate protections.

Read Post

Cato Networks

Read more about Cato Joins OpenAI's Trusted Access for Cyber (TAC) to Advance AI-Driven Defense

CVE-2026-42208: Pre-Authentication SQL Injection in LiteLLM Exposes API Credentials

May 1, 2026 By Deepak Kumar Choudhary In Indusface

A critical vulnerability in LiteLLM is turning AI infrastructure into an open vault; no login required. Tracked as CVE-2026-42208, this vulnerability allows attackers to extract API keys, cloud credentials, and provider authentication tokens without any credentials or prior access to the system. The root cause is fundamental lapse in input handling. LiteLLM’s API key validation blindly injects the Bearer token from the Authorization header into a SQL query without sanitization.

Read Post

Indusface

Read more about CVE-2026-42208: Pre-Authentication SQL Injection in LiteLLM Exposes API Credentials

AI just became the world's most dangerous exploit writer. Here's why Sophos Endpoint is built to stop it.

May 1, 2026 By Sophos In Sophos

AI just became the world's most dangerous exploit writer. Here's why Sophos Endpoint is built to stop it. AI-generated zero-days are here. Sophos Endpoint was architected to stop exploits that have never been seen before — blocking the techniques every attack must use, at the moment of execution, with no signature, no cloud lookup, and no configuration required.

Read Post

Sophos

Read more about AI just became the world's most dangerous exploit writer. Here's why Sophos Endpoint is built to stop it.

AI finds the vulnerabilities, but exploiting them is a different problem.

May 1, 2026 By Mark Loman In Sophos

AI finds the vulnerabilities, but exploiting them is a different problem. How Sophos Endpoint defends in the AI era, and what the public record on Mythos shows. When Mozilla shipped Firefox 150 with fixes for 271 issues identified by Anthropic’s Mythos model, the headlines focused on the count. The detail that mattered was further down: Mozilla credited only three CVEs to the model. The remaining 268 were classified as defense-in-depth, hardening, or bugs in code paths that could not be exploited.

Read Post

Sophos

Read more about AI finds the vulnerabilities, but exploiting them is a different problem.

AI Insights in Device Trust

May 1, 2026 By 1Password In 1Password

View Video

1Password

Read more about AI Insights in Device Trust

How to Map AI Risk to Existing Compliance Frameworks

May 1, 2026 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about How to Map AI Risk to Existing Compliance Frameworks

AI Without Guardrails Is Like an Employee Without Training #ai #aisecurity #github

May 1, 2026 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about AI Without Guardrails Is Like an Employee Without Training #ai #aisecurity #github

How Reach Fixes Microsoft Defender for Office 365 Configuration Drift

May 1, 2026 By Reach Security In Reach Security

Microsoft Defender for Office 365 is powerful out of the box. The problem? Configurations drift. IT teams make changes the security team doesn't know about. Anti-phishing policies weaken. Safe Links gaps open up. And AI-powered attackers are finding those openings faster than any team can manually catch them. Reach analyzes your Microsoft Defender for Office 365 controls, activates underutilized capabilities, remediates misconfigurations, and keeps your deployment aligned to your security baseline continuously.

View Video

Reach Security

Read more about How Reach Fixes Microsoft Defender for Office 365 Configuration Drift

Why Endpoints are Still a Data Security Problem in the Age of AI

May 1, 2026 By Wade Barisoff In archTIS

After decades of innovation in personal technology, ranging from watches that track personal fitness, mini super-computers that we call phones, and a whole host of other gadgets and self-help technologies, our companies still rely on one technology that started over 45 years ago – the laptop. Fun fact: the first one, called the Osborne 1, weighed 24 pounds! The modern laptop has a better screen, longer battery life, and weighs significantly less, but at its core is still a hard drive.

Read Post

archTIS

Read more about Why Endpoints are Still a Data Security Problem in the Age of AI

The Brutal Truth for CISOs Scared of AI

May 1, 2026 By Razorthorn Security In Razorthorn

If one new model sends the whole security team into panic, the real problem is often weak architecture, weak monitoring and weak preparedness. Defence in depth, patching, incident response and proper visibility still matter more than fear of the latest AI announcement.

View Video