RSAC 2026 wrap-up – Week in security with Tony Anscombe
This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven't caught up with
General
20 articles
A cunning predator: How Silver Fox preys on Japanese firms this tax season
Silver Fox is back in Japan, spoofing tax and HR emails timed to the one season when no one thinks twice about opening them
Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code
Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code
OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns
OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws
Smashing Security podcast #460: Never knock on the door of a nuclear submarine base and ask for a selfie
A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in B...
Invoice Fraud Costs UK Construction Sector Millions, NCA Warns
The National Crime Agency has warned construction firms about surging invoice fraud
Cloud Phones Linked to Rising Financial Fraud Threat
Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts
Security for the Quantum Era: Implementing Post-Quantum Cryptography in Android
Posted by Eric Lynch, Product Manager, Android and Dom Elliott, Group Product Manager, Google Play Modern digital security is at a turning point. We are on t...
US: FCC Bans Foreign-Made Routers Over National Security Concerns
The US Federal Communications Commission has placed all “consumer-grade” internet routers produced outside the US on its “covered list”
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Expel has warned of malicious Chrome extensions stealing users’ AI conversations
Try our new dimensional analysis Claude plugin
We’re releasing a new Claude plugin for developing and auditing code that implements dimensional analysis, a technique we explored in our most recent blog po...
Virtual machines, virtually everywhere – and with real security gaps
Cloud VMs offer unmatched speed, scale and flexibility – all of which could eventually count for little if they’re left to fend for themselves
RSA Conference: UK NCSC Head Urges Industry to Develop Vibe Coding Safeguards
The head of the UK’s NCSC is calling the cybersecurity industry to “seize the disruptive vibe coding opportunity” to make software more secure
Former Ukrainian Foreign Minister Dmytro Kuleba to Address the New Cyber Frontline at Infosecurity Europe
Geopolitics and cyber warfare take center stage at Infosecurity Europe as Dmytro Kuleba discusses Ukraine’s hybrid war experience
Enterprise Cybersecurity Software Fails 20% of the Time, Warns Absolute Security
Poor patch management, increasingly complex IT environments and continued use of obsolete software puts organizations at risk from cyber threats, says the Ab...
Spotting issues in DeFi with dimensional analysis
Using dimensional analysis, you can categorically rule out a whole category of logic and arithmetic bugs that plague DeFi formulas. No code changes required,...
Cloud workload security: Mind the gaps
As IT infrastructure expands, visibility and control often lag behind – until an incident forces a reckoning
Handala Group Tied to Iranian Hack‑and‑Leak Operations, FBI Reveals
The FBI has warned that Iranian hacking group Handala has been targeting opponents of the regime since 2023
Securing the Era of Agentic AI with Prisma SASE
Prisma SASE is the comprehensive platform for the agentic AI era. Govern new AI identities, protect data from AI sprawl, and enable autonomous operations.
The Cryptographic Reset Has Begun
The 200-day TLS certificates signals a structural change in cryptographic trust. Continuous enforcement is key.