Security testing stories

Cobalt's annual pentesting study says AI and supplier tools are exposing fresh weaknesses, with security teams struggling to keep pace with rapid deployment.

HackerOne unveils h1 Validation as vulnerability reports surge 76% and AI tools speed up discovery, leaving firms struggling to triage real threats.

Cyber Scheme extends professional standards to firms with new company accreditation backed by UK council benchmarks and procurement access.

LangWatch releases open-source AI red-teaming framework to expose hidden vulnerabilities in production agents through multi-turn attack simulations.

Study finds UK telecom firms exposing security-critical server data as Europe-wide analysis flags widespread certificate failures and critical asset weaknesses.

Synack launches AI-driven assessment to expose overlooked attack surface gaps as offensive tools speed up vulnerability discovery.

AI-driven exposure assessment is reshaping CTEM, helping cyber security teams move beyond vulnerability lists to prioritise business risk and cut exposure.

Abacus secures CREST accreditation for penetration testing, bolstering its pitch to regulated sectors as demand rises for verified cyber security assurance.

GigaOm names Check Point a third-year application security leader as its WAF posts strong detection rates and low false positives.

ChatGPT flaw may have let attackers siphon sensitive user data via DNS queries, prompting OpenAI to issue a fix after researchers exposed the bug.

eScan bags AV-TEST honour as Enterprise EDR is named among the few products to win Best Advanced Protection for corporate users.

Mercury Security opens controller app platform to approved developers, with partner software bringing edge integrations and stricter security checks.

Security executives say organisations must move beyond simple backups, as Kubernetes, AI and ransomware strain recovery plans ahead of World Backup Day.

Novee unveils an autonomous AI red teaming tool to probe LLM apps for prompt injection, jailbreaks and other emerging security flaws.

Horizon3.ai doubles ARR as more than 5,200 organisations adopt its NodeZero platform, fuelled by MSSP demand and rising cyber risks.

Barcelona startup Galtea raises USD $3.2 million to scale its AI agent testing platform and launch a self-service product for developers.

NSS Labs warns many enterprise AI guardrails fail basic security tests, urging independent, real-world validation of protections.

Rapid7 warns that hands-on attacks against cellular IoT hardware can pivot through trusted modules to breach cloud and backend systems.

Commvault and TIME unveil a CISO of the Year award spotlighting security leaders driving cyber resilience amid rising AI and cloud threats.

As logins replace break‑ins, experts urge a shift from perimeter defence to operational cyber resilience grounded in identity security.