14 articles
New CSA research and RSAC 2026 analysis reveal that over-privileged AI agents are not just an IT governance issue - they are an emerging physical safety risk. With 74% of agents receiving more access than needed and credential theft spiking 800%, the convergence of autonomous systems and cyber-physical infrastructure demands a fundamental rethink of IAM as safety-critical architecture.
OpenAI's arrival on the FIDO Alliance Board, Mastercard's open-source standard for AI agent transactions, and Meta's display-free passkey method for XR headsets signal a new phase: passwordless authentication is moving well beyond logins into agent commerce, immersive hardware, and national-scale identity systems.
Three distinct Android threats emerged this week: the Mirax RAT converting phones into proxy nodes via Meta ads, a patched EngageLab SDK vulnerability that exposed 50 million users, and a new SparkCat variant scanning photo galleries for crypto wallet seed phrases. Together, they illustrate a converging threat landscape around mobile devices and digital assets.
Two developments highlight the persistent scale of credential theft: the FBI and Indonesian police arrested the developer behind the W3LL phishing kit linked to $20 million in fraud, while Cisco Talos disclosed a fully automated credential harvesting operation exploiting a critical Next.js vulnerability to compromise hundreds of servers in under 24 hours.
Anthropic has unveiled Claude Mythos Preview, an AI model capable of autonomously discovering and exploiting zero-day vulnerabilities across every major OS and browser. Through the controlled Project Glasswing initiative, the company is channeling the model's capabilities toward defense - but the deployment gap downstream of the code may be the real challenge.
U.S. federal agencies issued urgent advisories this week as Iranian hackers disrupted programmable logic controllers across energy and water systems, while Russia's APT28 hijacked 18,000 home routers worldwide to steal authentication credentials. Both campaigns target the weakest links in critical infrastructure - internet-exposed devices that defenders often overlook.
A new Cloud Security Alliance survey reveals that 75% of organizations are confident in their unstructured data security - while 68% leave significant portions unprotected. A parallel CSA analysis of an AWS credential exposure incident shows how quickly such blind spots translate into full account takeover.
Three parallel developments are reshaping digital identity: FIDO Alliance declares passkeys mainstream and shifts focus to digital wallet certification, the Better Identity Coalition drafts "rules of the road" for verifiable credentials, and HYPR's latest report finds AI-driven impersonation has overtaken stolen credentials as the top enterprise identity threat.
How AI is reshaping OSINT: from agentic intelligence tools and deepfake threats to OPSEC exposure risks and defensive countermeasures for 2026 practitioners.
Analysis of global CVE trends by country of origin, covering vendor distribution, CNA shifts, state-sponsored exploitation, and regulatory responses in 2025-2026.
The npm ecosystem faces its most turbulent period ever. Three major supply chain attacks in seven months - including the Axios compromise attributed to North Korea - have forced GitHub to overhaul npm security. This report analyzes the threats, the response, and what comes next for the world's largest package registry.
A high-severity Adobe Reader zero-day exploited since December 2025, an authentication bypass in Fortinet FortiClient EMS added to CISA's KEV catalog, and a Marimo RCE flaw weaponized within 10 hours of disclosure highlight the accelerating pace of vulnerability exploitation and the shrinking patch window defenders face.
New findings from the Cloud Security Alliance reveal that 68% of organizations cannot distinguish AI agent activity from human actions, while 74% grant agents more access than needed. As real-world incidents demonstrate the consequences - from weaponized AI coding tools to factory shutdowns - industry efforts by Mastercard, Google, and others are racing to build trust frameworks before the gap widens further.
The North Korea-linked compromise of the Axios npm package - with nearly 100 million weekly downloads - underscores the growing severity of software supply chain attacks. As the industry grapples with the fallout, new standards from the FIDO Alliance and the Cloud Security Alliance are emerging to address the systemic trust gaps that make these attacks possible.