AI Security
Cybersecurity innovations, AI-powered threat detection, responsible disclosure, and the defenders shaping the digital frontier.
120 articles
Rustinel Is a Fast Open-Source EDR Built in Rust
Rustinel, launched July 8, is an open-source endpoint detection tool in Rust that unifies Windows and Linux monitoring into one clean codebase.
CVE Lite CLI Scans npm Projects Right in Your Terminal
CVE Lite CLI, now an OWASP Incubator project, checks JavaScript lockfiles against the OSV database and suggests one-line fixes for npm, pnpm, Yarn, and Bun.
Cloudflare Adds IPsec Downgrade Protection for Post-Quantum Tunnels
Cloudflare shipped beta IPsec downgrade protection that makes both VPN peers sign the full handshake, blocking attackers from quietly weakening a tunnel's encryption.
New Open-Source Tools Help Blue Teams Defend AI Agents
A fresh wave of open-source security tools gives blue teams free, community-built defense for the AI agent era, protecting the newest attack surface.
SkillDetonate Catches Malicious AI-Agent Skills That Slip Past Scanners
Researchers released SkillDetonate on July 6, 2026 — a runtime auditor that sandboxes AI-agent skills and caught 97% of malicious ones static scanners miss.
OpenSSH 10.4: Post-Quantum Signatures and Quiet SSH Hardening
OpenSSH 10.4 rolls up eight security fixes and adds experimental post-quantum signatures, future-proofing the world's most trusted secure remote access tool.
Kali Linux 2026.2 Ships New Tools and Faster Boots for Security Pros
Kali Linux 2026.2 adds nine open-source penetration testing tools, roughly 3x faster VM boot, and fresh desktops for defenders and learners.
Opera Paste Protect: A Browser Shield Against ClickFix Attacks
Opera Paste Protect blocks ClickFix clipboard attacks natively, inspecting copied commands to stop clipboard-based social engineering before users paste them into a terminal.
New Open-Source Tools Help Defenders Secure AI Agents
June's open-source security roundup brings free tools for the AI-agent era: DockSec's AI-powered container fixes and detections for prompt injection.
cURL 8.21.0 Ships a Record 18 Fixes, Including a 25-Year-Old Bug
cURL 8.21.0 patched a record 18 vulnerabilities on June 24, 2026, including a 25-year-old flaw surfaced by AI-assisted code analysis, before any exploitation.
New Open-Source Tools Give Defenders Guardrails for AI Agents
A June 2026 wave of free, open-source security tools — including OWASP Agent Memory Guard and DockSec — gives defenders practical guardrails for the AI-agent era.
DarkMoon Is a New Open-Source AI Pentesting Platform Built Around Evidence
Featured June 29, 2026, DarkMoon is a free, open-source AI security-testing platform that separates planning from action and only reports findings backed by real evidence.
ZeroTier Quantum Nears Launch With End-to-End Post-Quantum Networking
ZeroTier Quantum reached RC2 on June 24, 2026, pairing NIST's ML-KEM-1024 with hybrid encryption to deliver zero-trust, post-quantum networking before Q-Day.
Linux Foundation Launches Akrites to Defend Open Source From AI Threats
On June 25, 2026, the Linux Foundation and 20 industry leaders launched Akrites to find, fix, and disclose open-source vulnerabilities ahead of AI-enabled threats.
Responsible Disclosure Helps Secure Dify, an AI Platform Powering 1M+ Apps
Security researchers responsibly disclosed the DifyTap flaws in the popular Dify AI platform on June 22, 2026 — and fixes shipped quickly, protecting more than a million AI apps.
Check Point Brings OpenAI's Frontier Cyber AI Into Customer Defenses
Check Point joined OpenAI's Daybreak Cyber Partner Program on June 22, 2026, embedding frontier AI directly into its security products to sharpen threat prevention and speed up remediation.
AI-Assisted Research Helps Fix a 29-Year-Old Squid Proxy Flaw Before Attackers Found It
Researchers used AI to help uncover and responsibly disclose Squidbleed, a memory-leak flaw lurking in the Squid web proxy since 1997 — and the coordinated fix shipped before any known exploitation.
Ent Exits Stealth With $100M to Put Prevention Back in Security
Ent emerged from stealth on June 16 with a $100M seed round to build intent-aware workspace security that reads risky human and AI-agent behavior before an action becomes an incident.
Accenture's $4.1B OT Security Push Unites Dragos, runZero, and NetRise
Accenture's roughly $4.1B move to combine Dragos, runZero, and NetRise builds an end-to-end defense for operational technology and critical infrastructure.
NeuralTrust Raises $20M to Secure Enterprise AI Agents at Scale
NeuralTrust's $20M seed round funds defensive infrastructure for enterprise AI agents, with TrustGate, TrustGuard, and TrustLens leading the way.
CISA's BOD 26-04 Shifts Federal Patching to a Smarter Risk-Based Model
CISA's new Binding Operational Directive 26-04 tells agencies to patch smarter, prioritizing vulnerabilities that are internet-facing, automatable, high-impact, and actively exploited.
CrowdStrike Gives AI Agents a Verifiable Identity and Zero Standing Privilege
CrowdStrike's Continuous Identity for AI Agents replaces static credentials with real-time, risk-aware authorization and SPIFFE-based identities for autonomous agents.
Google's New AI Agents Defend the Security Operations Center
Google added defensive AI agents to Security Operations that auto-write detection rules and triage alerts, cutting 30-minute reviews to about 60 seconds.
AISLE Snapshot Brings Frontier Vulnerability Scanning In-House
AISLE Snapshot deploys frontier-class vulnerability detection inside a company's own cloud or air-gapped network, so source code and security data never leave their control.
























