Lucene search
K

1702 matches found

The Hacker News
The Hacker News
added 2026/04/09 11:31 a.m.7 views

The Hidden Security Risks of Shadow AI in Enterprises

As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows, they also operate outside the visibility of security teams, bypassing controls and...

6.1AI score
Exploits0
hivepro
hivepro
added 2026/04/09 3:40 a.m.6 views

Cybersecurity Metrics Every CISO Should Report to the Board

Cybersecurity Metrics Every CISO Should Report to the Board After twenty years of leading security teams and presenting to boards at companies like Tripwire and RiskIQ, I can tell you this: the metrics that matter to your SOC team are not the metrics that matter in the boardroom. Boards do not wa...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.8 views

LanG -- a Governance-Aware Agentic AI Platform for Unified Security Operations

Modern Security Operations Centers struggle with alert fatigue, fragmented tooling, and limited cross-source event correlation. Challenges that current Security Information Event Management and Extended Detection and Response systems only partially address through fragmented tools. This paper...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/03 12:0 a.m.7 views

A Systematic Security Evaluation of OpenClaw and Its Variants

Tool-augmented AI agents substantially extend the practical capabilities of large language models, but they also introduce security risks that cannot be identified through model-only evaluation. In this paper, we present a systematic security assessment of six representative OpenClaw-series agent...

6AI score
Exploits0
OSV
OSV
added 2026/03/31 2:1 a.m.5 views

MINI-GRC2-2Q45-868P

Bulletin has no description...

7CVSS7AI score0.00157EPSS
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/03/30 4:0 p.m.5 views

Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio

Agentic AI is moving fast from pilots to production. That shift changes the security conversation. These systems do not just generate content. They can retrieve sensitive data, invoke tools, and take action using real identities and permissions. When something goes wrong, the failure is not limit...

6.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/27 12:0 a.m.26 views

Clawed and Dangerous: Can We Trust Open Agentic Systems?

Open agentic systems combine LLM-based planning with external capabilities, persistent memory, and privileged execution. They are used in coding assistants, browser copilots, and enterprise automation. OpenClaw is a visible instance of this broader class. Without much attention yet, their securit...

6.1AI score
Exploits0
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

IBM Knowledge Catalog Standard Cartridge 日志信息泄露漏洞

IBM Knowledge Catalog Standard Cartridge is a data governance component provided by IBM Corporation, which offers capabilities for classifying data assets, managing governance, and handling metadata. The IBM Knowledge Catalog Standard Cartridge has a vulnerability related to log information...

4.4CVSS6AI score0.00153EPSS
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2026/03/18 4:0 p.m.9 views

Observability for AI Systems: Strengthening visibility for proactive risk detection

Adoption of Generative AI GenAI and agentic AI has accelerated from experimentation into real enterprise deployments. What began with copilots and chat interfaces has quickly evolved into powerful business systems that autonomously interact with sensitive data, call external APIs, connect to...

5.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/03/16 5:10 p.m.7 views

New Microsoft Purview innovations for Fabric to safely accelerate your AI transformation

As organizations adopt AI, security and governance remain core primitives for safe AI transformation and acceleration. After all, data leaders are aware of the notion that: Your AI is only as good as your data. Organizations are skeptical about AI transformation due to concerns of sensitive data...

5.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/03/16 5:10 p.m.11 views

New Microsoft Purview innovations for Fabric to safely accelerate your AI transformation

As organizations adopt AI, security and governance remain core primitives for safe AI transformation and acceleration. After all, data leaders are aware of the notion that: Your AI is only as good as your data. Organizations are skeptical about AI transformation due to concerns of sensitive data...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.8 views

Unity Catalog 安全漏洞

Unity Catalog is an open-source multi-modal data and AI asset governance directory developed by unitycatalog. Versions of Unity Catalog prior to 0.4.0 contain security vulnerabilities; these vulnerabilities stem from authentication bypass exploits, which could allow attackers to circumvent...

9.1CVSS5.8AI score0.00183EPSS
Exploits0References1
Qualys Blog
Qualys Blog
added 2026/03/10 3:0 p.m.10 views

From Shadow Models to Audit-Ready AI Security: A Practical Path with Qualys TotalAI

Key Takeaways AI security demands a paradigm shift, treating models, endpoints, and integrations as dynamic attack surfaces requiring continuous governance. Inventory-driven visibility is foundational to managing AI sprawl, uncovering hidden assets, and aligning security with innovation velocity...

5.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/09 5:37 p.m.13 views

Security Bulletin: IBM Verify Identity Governance (IVIG/ISVG) has multiple vulnerabilities

Summary Multiple security vulnerabilities in the dependent components have been addressed in the latest updates to IBM Security Verify Governance and its re-branded version, IBM Verify Identity Governance Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9.0...

7.8CVSS7AI score0.0073EPSS
Exploits0Affected Software1
Microsoft Secure
Microsoft Secure
added 2026/03/09 1:0 p.m.8 views

Secure agentic AI for your Frontier Transformation

Today we shared the next step to make Frontier Transformation real for customers across every industry with Wave 3 of Microsoft 365 Copilot, Microsoft Agent 365, and Microsoft 365 E7: The Frontier Suite. Introducing the First Frontier Suite built on Intelligence and Trust As our customers rapidly...

5.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/03/09 1:0 p.m.11 views

Secure agentic AI for your Frontier Transformation

Today we shared the next step to make Frontier Transformation real for customers across every industry with Wave 3 of Microsoft 365 Copilot, Microsoft Agent 365, and Microsoft 365 E7: The Frontier Suite. Introducing the First Frontier Suite built on Intelligence and Trust As our customers rapidly...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/04 11:30 a.m.5 views

New RFP Template for AI Usage Control and AI Governance 

As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the budget — to secure it. But there’s a quiet crisis unfolding in the boardroom: many organizations know they need "AI Governance," but they have no idea what they are actuall...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/03 11:30 a.m.13 views

AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged

The Rise of MCPs in the Enterprise The Model Context Protocol MCP is quickly becoming a practical way to push LLMs from “chat” into real work. By providing structured access to applications, APIs, and data, MCP enables prompt-driven AI agents that can retrieve information, take action, and automa...

6AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/03/02 10:9 p.m.11 views

@keep-network/tbtc-v2 revealing P2PKH deposit with a wrapped P2SH script

Overview P2PKH has 20 bytes just like P2SH. We protect against revealing P2PKH deposits by manually assembling the expected P2SH script in the smart contract and comparing hashes. However, we missed the case when the attacker embeds a valid P2SH inside of P2PKH as an output script. bitcoin-spv...

6AI score
Exploits0References4Affected Software1
HackRead
HackRead
added 2026/03/02 11:25 a.m.9 views

6 Ways Agentic AI Changes How Systems Act and Adapt

Learn how agentic AI changes system behavior in production environments through supervised fine-tuning, structured oversight, and lifecycle governance to improve reliability, manage risk, and support accountable deployment...

5.9AI score
Exploits0
Rows per page
Query Builder