Offensive Security stories

FIRST conference in Scottsdale draws 500-plus as security leaders and AI firms debate vulnerability disclosure, CWE's role and CVE's future.

TrendAI and Anthropic join forces to embed Claude in Vision One, targeting AI vulnerability research and automated cyber defences.

Synack launches AI-driven assessment to expose overlooked attack surface gaps as offensive tools speed up vulnerability discovery.

Abacus secures CREST accreditation for penetration testing, bolstering its pitch to regulated sectors as demand rises for verified cyber security assurance.

Anthropic’s Claude Code is under scrutiny after researchers found deny rules can weaken in long workflows, raising fresh concerns for AI-driven development.

Novee unveils an autonomous AI red teaming tool to probe LLM apps for prompt injection, jailbreaks and other emerging security flaws.

Qualys debuts Agent Val to validate real exploit paths in live systems, promising sharply reduced noise and faster remediation for teams.

Qualys rolls out Agent Val to live‑test exploit paths in production, promising sharper risk prioritisation and major remediation noise cuts.

Simbian unveils an AI-driven cyber security platform uniting offence and defence via a shared Context Lake to speed, link and automate response.

Cobalt weaves AI into its pentesting platform, automating recon and triage while keeping human experts on complex attack paths.

Cobalt launches Security Program Manager service to run enterprise pentesting, align tests with business goals and speed up remediation.

NetSPI unveils an AI-powered overhaul of its pentesting platform UX, promising two-click workflows and sharper risk-based remediation focus.

HackerOne launches live Agentic Prompt Injection Testing to expose real-world AI exploit paths as prompt injection threats surge 540%.

Tenzai's autonomous AI agent has placed in the top 1% of major global hacking CTF contests, beating more than 125,000 human rivals.

Cloud identity compromise now drives over 80% of cyber incidents, as attackers increasingly abuse trusted accounts and workplace tools.

Terra Security becomes first AWS partner validated for Autonomous Security Validation, as AI-driven continuous threat testing gains pace.

New research from Cobalt finds 98% of surveyed pentesters prefer PTaaS to bug bounties and show almost no faith in AI-only security scanning.

Agentic AI massively accelerates elite cyber teams but can slow inexperienced hackers, Hack The Box's large-scale benchmark reveals.

LevelBlue debuts Exposure Management for Partners with Tenable, giving MSSPs and MSPs tiered, unified exposure and risk visibility tools.

LevelBlue launches Resilience Retainer, a flexible funds-based cyber incident response service with rapid SLAs and rollover security spend.