Morningstar

XBOW Embeds Continuous, AI-Driven Penetration Testing in the Microsoft Security Ecosystem

Integration with Microsoft Security Copilot and Microsoft Sentinel Data Lake Unifies AppSec and SecOps Through Autonomous Offensive Security XBOW, a leading autonomous offensive security company, ...
CSOonline

OpenAI to acquire Promptfoo to strengthen AI agent security testing

The acquisition points to rising demand for tools that test and secure LLMs before they are deployed in enterprise workflows. OpenAI said it plans to acquire AI testing startup Promptfoo, a move aimed ...
Digital Trends

Sony may be testing dynamic pricing on the PlayStation Store

Interestingly, the tests reportedly started in late 2025 and have gradually expanded since then. Under the experiment, players may see slightly different discounts for the same title, sometimes by as ...
csis.org

AI-Driven Code Analysis: What Claude Code Security Can—and Can’t—Do

Q1: How does Claude Code Security function—and how does it differ from traditional static application security testing (SAST)? A1: Conventional rule-based static analysis uses pattern matching, ...
Dark Reading

Critical OpenClaw Vulnerability Exposes AI Agent Risks

A newly disclosed — and now patched — vulnerability in the fastest-growing AI agent tool in the developer ecosystem underscores the expanding risks organizations face from deploying AI in their ...
InfoWorld

Three web security blind spots in mobile DevSecOps pipelines

Mobile platforms operate under fundamentally different trust assumptions than we relied on for web security. Your mobile pipeline could be missing these threats. We know that mobile development in ...
Bleeping Computer

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder’s research team built a new secrets detection method and scanned 5 ...
Electronic Design

GitLab’s DevSecOps Enhances Security for Software Developers

Looking at GitLab CI/CD under the hood. What “security built into the pipeline” actually means. How teams manage and act on findings at scale. GitLab DevSecOps is an integrated system that unifies ...
Forbes

Why AI-Accelerated Development Challenges Traditional Security Testing

A CTO at a fintech company recently told me something that's been keeping him up at night: "We used to ship a major release every quarter. Now we're deploying multiple times per day. But we're still ...
Business Wire

Detectify Disrupts Legacy Internal Scanning With Launch of High-Velocity Solution

STOCKHOLM & BOSTON--(BUSINESS WIRE)--Detectify, the application security testing platform for evolving attack surface coverage, today announced the launch of Internal Scanning. The new solution ...
Bleeping Computer

Hackers exploit security testing apps to breach Fortune 500 firms

Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing, such as DVWA, OWASP Juice Shop, Hackazon, and bWAPP, to gain access to cloud ...