Supply Chain Security stories

Check Point and Flashpoint warn AI is speeding up exploit development, shrinking patch windows and forcing defenders to rethink first-line protections.

Dell adds quantum-ready protections to commercial PCs and upgrades backup, detection and recovery tools to help firms counter AI and post-quantum threats.

Anthropic's Claude Mythos cyber security model and Project Glasswing are fuelling fears that AI-driven vulnerability hunting is becoming a boardroom issue.

Cobalt's annual pentesting study says AI and supplier tools are exposing fresh weaknesses, with security teams struggling to keep pace with rapid deployment.

CrowdStrike unveils AI security coalition with Accenture, EY, IBM Cybersecurity Services, Kroll and OpenAI to spot and fix code flaws faster.

Thales brings Imperva into Google Cloud as controlled launch targets app and API protection with lower latency and simpler operations.

Lineaje survey flags a widening governance gap as most firms use AI-generated code, yet few can fully see or track it.

Check Point says Anthropic's Claude Code can quietly stash credentials in .claude/settings.local.json, which may be published in public npm packages.

LevelBlue says unsanctioned AI agents are slipping into enterprise systems, creating a hidden governance and security blind spot for businesses.

Google Cloud expands AI security with new agents, Wiz integrations and fraud defences as it targets faster, more automated cyber attacks.

Zscaler joins Anthropic's Project Glasswing to test Claude Mythos Preview in software scans, as the firm pushes zero trust against AI-driven attacks.

HackerOne unveils h1 Validation as vulnerability reports surge 76% and AI tools speed up discovery, leaving firms struggling to triage real threats.

CIS, Astrix and Cequence publish AI security guides for large language models, autonomous agents and MCP environments.

SUSE and NVIDIA unveil an enterprise AI stack aimed at regulated sectors, offering on-premise control, governance and sovereignty for production use.

Chainguard and Cursor strike partnership to embed verified open source dependencies into AI coding, aiming to curb supply chain risks at machine speed.

Tenable warns a GitHub Actions bug in Microsoft's Windows-driver-samples repo could let attackers run code and steal secrets via public issues.

AI models that can hunt and chain software flaws are forcing boards to rethink cyber defences, while scrutiny grows over Anthropic's MCP design risks.

LangWatch releases open-source AI red-teaming framework to expose hidden vulnerabilities in production agents through multi-turn attack simulations.

Azul's FY26 surge was fuelled by enterprise Java demand, with finance, healthcare and retail driving bookings as the firm expanded partnerships and tooling.

Proofpoint says a cargo theft gang spent weeks inside a decoy network, probing banking, fleet payment and load board systems for fraud.