Yubico has introduced the YubiKey 5 – Enhanced PIN, offering additional PIN capabilities for enterprises in 175 countries and 24 territories. The product is pre-configured with features to improve PIN management and user enforcement, including a mandatory minimum PIN length and requirements for increased complexity. This helps organizations meet evolving policy, compliance, and audit requirements for user authentication. The Enhanced PIN features are available on the YubiKey 5 NFC and YubiKey 5C NFC models, specifically through the YubiKey as a Service platform. The company has expanded its YubiKey as a Service to include all European Union countries and expanded its YubiEnterprise Delivery to 117 locations globally. The expanded service and new key features reflect Yubico’s effort to address the challenges posed by a changing cybersecurity landscape and varying global regulatory requirements, supporting enterprise customers in their transition to more robust authentication systems.
Legion Security’s lightweight browser extension learns directly from SOC analysts by observing their day-to-day investigation, records how they handle alerts and make decisions and translates them into scalable, automated workflows cutting investigation and response times by up to 90%
Browser-native AI security operations center startup Legion Security differs from existing solutions on the market through the use of a lightweight browser extension that learns directly from analysts by observing their day-to-day investigations. The idea is to allow the platform to capture the nuances of human expertise and translate them into scalable, automated workflows tailored to each organization’s unique tools and processes. Legion uses a three-phase operational model that moves from passive observation to full automation. In the initial “Learning Mode,” the platform shadows senior analysts and records how they handle alerts and make decisions. The next step, the “Guided Mode,” offers suggestions and performs tasks under human supervision. Finally, when teams are ready, an “Autonomous Mode” allows Legion to act independently or with selective approvals, drastically accelerating response times and reducing manual workload without sacrificing oversight. Analysts can configure exactly when and where Legion operates, restrict its access to certain tools and mask sensitive data during sessions. Every action taken by the AI is fully auditable and security teams retain final say over what is learned, applied or deployed. The offering from Legion is positioned to solve a longstanding pain point in cybersecurity: the overwhelming volume of alerts and the shortage of qualified personnel to investigate them. By converting institutional knowledge into actionable automation, the platform helps reduce triage time, cut down on false positives and eliminate repetitive documentation work. “What sets Legion apart is its browser-native AI platform,” said Sri Viswanath, managing director at Coatue. “It studies how security analysts work and instantly scales those workflows, cutting investigation and response times by up to 90%.”
Quantum-Safe 360 Alliance publishes white paper, guiding enterprises through PQC migration with best practices, crypto-agile strategies, and expertise from Keyfactor, IBM, Thales, and Quantinuum
The Quantum-Safe 360 Alliance, including members Keyfactor, IBM Consulting, Thales, and Quantinuum, unveiled its first comprehensive guide to help organizations navigate the global transition to post-quantum cryptography (PQC). The white paper marks the formal debut of the Quantum-Safe 360 Alliance, an evolving collective of industry leaders with unparalleled expertise spanning cryptographic design and deployment, public key infrastructure (PKI) and certificate lifecycle management, crypto-agile development practices, and quantum-safe cryptography. Collaborating to help enterprises tackle the challenges of PQC transitions, the Alliance’s white paper signals a coordinated, public effort to provide clear guidance and accelerate preparedness for the quantum era. Drawing upon each Alliance member’s deep proficiency and diverse capabilities, the white paper highlights the urgency of quantum-safe preparedness and the risks of inaction and provides actionable guidance on building stronger crypto-agility and starting PQC transitions. Formed to promote a unified, cross-industry approach, the Alliance aims to provide coordinated expertise and interoperable solutions to help enterprises safeguard data in the quantum era. By pooling resources and knowledge, the Alliance aims to help enterprises navigate the quantum era, including supplying organizations with cybersecurity best practices and interoperable solutions designed to work cohesively across platforms and industries. Key topics the white paper addresses include: The necessity of cryptographic agility to adapt to evolving threats; The challenges enterprises face in securing internal buy-in for PQC and strategies to overcome them; Case studies highlighting the value of holistic post-quantum preparation guided by the expertise and skills of Alliance members; A strategic roadmap for enterprises to adopt cryptographic agility; and, Best practices and tools for implementing a quantum-safe infrastructure, including PKI management, key lifecycle strategies, and quantum-generated randomness for enhanced security.
Circle and Paxos pilot “know‑your‑issuer” with Bluprynt to trace tokens to verified issuers, curbing counterfeit stablecoins and aiding auditors and regulators amid new U.S. rules
Stablecoin heavyweights Circle Internet Group Inc. and Paxos Trust Co. have piloted a new way to prevent copycats and help companies verify their digital asset holdings. The firms partnered with Bluprynt, a fintech startup using cryptography and blockchain technology to provide issuer verification when stablecoins are released by a company. The pilot provided a way to trace back a token to the verified issuer, using Bluprynt’s technology. Bluprynt’s technology gives “provenance upfront, reducing complexity, and providing regulators and investors with the transparency they need.” He noted that could help curb losses due to counterfeit tokens and impersonation attacks. It’s another sign that parts of the digital asset industry are maturing as they seek to meet new regulatory requirements being established in jurisdictions across the globe. Stablecoins are digital assets pegged to non-volatile assets, such as US dollars, and can be used as a cash equivalent for payments. The technology could benefit auditors, financial crime-fighters, and investors. Circle’s USDC is the second-largest stablecoin by market value, and Paxos issues and operates the blockchain infrastructure behind PayPal Inc.’s stablecoin, PYUSD. The number of firms offering stablecoins is expected to grow with the recently-enacted GENIUS Act, which provides a framework for dollar-backed stablecoins.
Digital twins turn defense into rehearsal: enterprises can stage zero‑days, ransomware and insider threats in a live‑fidelity mirror to preempt real‑world impact
Digital twins, virtual replicas that learn and evolve in real time, are giving security teams a way to see threats before they strike. For the first time, organizations can stage tomorrow’s attacks today, turning defense from a reaction into a rehearsal. Instead of waiting for a zero-day exploit to spread through production systems, organizations can use their twin to anticipate how an attack might unfold and block it before it becomes a problem. In short, digital twins give defenders foresight in a domain long defined by hindsight. Analysts describe this new approach as a “cyber sandbox,” but one operating at the same scale and fidelity as the production environment. Inside this mirrored environment, teams can stage ransomware attacks, phishing waves and insider threats. Before rolling out a new SaaS integration or shifting workloads into a multicloud environment, teams can rehearse the move inside their twin. If misconfigurations, privilege escalations or API blind spots emerge, they are patched in the model before they exist in production. This approach transforms change management from a gamble into a calculated maneuver, tightening resilience without slowing innovation. Startups are combining AI-driven attack generation with digital twins, producing probability maps that indicate the likelihood of future threats succeeding. In effect, these are predictive laboratories where attackers’ moves can be anticipated, not just countered.
Akeyless enables AI agents to authenticate using dynamic, just-in-time verifiable machine identities such as cloud IAM roles eliminating the need to embed secrets in code, containers, or pipelines
Akeyless, the Unified Secrets & Machine Identity Platform for the AI-driven Era, announced the launch of Akeyless SecretlessAI, a breakthrough solution purpose-built to secure the rapidly expanding universe of AI agents and Model Context Protocol (MCP) servers. Akeyless SecretlessAI™ eliminates the need to embed secrets in code, containers, or pipelines. Instead, it introduces dynamic, just-in-time secrets provisioning, where AI agents and MCP servers authenticate using verifiable machine identities — such as cloud IAM roles or Kubernetes service accounts. Akeyless extends traditional secrets management by integrating with advanced identity frameworks like SPIFFE (Secure Production Identity Framework for Everyone) through its SPIRE plugins, enabling a ‘secretless’ authentication model for workloads. Additionally, Akeyless offers built-in PKI-as-a-Service capabilities that automate the lifecycle of certificates, including issuance, renewal, and revocation, all within a secure and scalable SaaS platform. Based on centrally managed policies, Akeyless provisions ephemeral, tightly scoped secrets at runtime. This approach drastically reduces the window of compromise and supports Zero Trust and Least Privilege principles. The solution offers comprehensive auditing and centralized governance, providing visibility into every request and action. It enables policy-based access control and full lifecycle automation, empowering security and DevOps teams to enforce compliance without slowing innovation.
HUMAN Security’s solution offers actor-level visibility and intent-based control across humans, bots and AI agents and evaluates behavior and context over time, not just identity, to secure every interaction across the customer journey
HUMAN Security has launched HUMAN Sightline, a cyberfraud defense solution featuring AgenticTrust. Developed to secure every interaction across the customer journey, HUMAN Sightline preserves legitimate human activity, prevents fraud and scraping, enables trusted automation through intent-based controls and accelerates investigations. With the introduction of AgenticTrust, the solution extends visibility and control to AI agent activity across consumer-facing surfaces, including every action taken before, during and after login. This helps enterprises embrace and adopt agentic commerce, reduce fraud losses and securely scale engagement and revenue in the AI era. HUMAN Sightline, featuring AgenticTrust, secures the customer journey and unlocks safe, scalable growth with actor-level visibility and intent-based control across humans, bots and AI agents – and delivers: Actor-level visibility into humans, bots and AI agents; Adaptive trust decisioning based on behavior, context and intent over time; Governance tools to enforce policies in real time; Investigative intelligence to uncover networks and attack patterns. Key capabilities include: Agentic visibility and control: Identify AI agent activity, prevent spoofing and enable trusted automation; Adaptive trust decisioning: Evaluate behavior and context, not just identity, to determine trust; Layered detection and learning: Detect evolving threats through multi-model signal analysis; Fraud investigation intelligence: Map attacker behavior and fraud networks across the journey; Govern bots, LLMs, and agents: Block, allow, rate-limit, redirect or monetize based on traffic type and intent; Seamless deployment: Integrates into WAF, CDN, CIAM and fraud infrastructure.
New Gmail phishing wave exploits fake security warnings; Google urges users to check account activity directly, never via email links, to prevent hijacking
Google has confirmed that Gmail attacks are surging, as hackers steal passwords to gain access to accounts. This also means a surge in “suspicious sign in prevented” emails, Google’s warning that “it recently blocked an attempt to access your account.” Attackers know this — that Gmail user concerns are heightened by security warnings, and they use this to frame their attacks. “Sometimes hackers try to copy the ‘suspicious sign in prevented’ email,” Google warns, “to steal other people’s account information,” which then gives those hackers access to user accounts. If you receive this Google email warning, do not click on any link or button within the email itself. Instead, “go to your Google Account, on the left navigation panel, click security, and on the recent security events panel, click to review security events.” If any of the events raise concerns — times or locations or devices you do not recognize — then “on the top of the page click secure your account” to change your password. If you do click a link from within this email or any other email purporting to come from Google, you will be taken to a sign-in page that will be a malicious fake. If you enter your user name and password into that page, you risk them being stolen by hackers to hijack your account. And that will give them access to everything.
Anthropic and OpenAI run first cross‑lab safety tests: o3 and o4‑mini align strongly, GPT‑4o/4.1 show misuse concerns, and all models exhibit varying sycophancy under stress
AI startups Anthropic and OpenAI said that they evaluated each other’s public models, using their own safety and misalignment tests. Sharing this news and the results in separate blog posts, the companies said they looked for problems like sycophancy, whistleblowing, self-preservation, supporting human misuse and capabilities that could undermine AI safety evaluations and oversight. OpenAI wrote in its post that this collaboration was a “first-of-its-kind joint evaluation” and that it demonstrates how labs can work together on issues like these. Anthropic wrote in its post that the joint evaluation exercise was meant to help mature the field of alignment evaluations and “establish production-ready best practices.” Reporting the findings of its evaluations, Anthropic said OpenAI’s o3 and o4-mini reasoning models were aligned as well or better than its own models overall, the GPT-4o and GPT-4.1 general-purpose models showed some examples of “concerning behavior,” especially around misuse, and both companies’ models struggled to some degree with sycophancy. OpenAI wrote in its post that it found that Anthropic’s Claude 4 models generally performed well on evaluations stress-testing their ability to respect the instruction hierarchy, performed less well on jailbreaking evaluations that focused on trained-in safeguards, generally proved to be aware of their uncertainty and avoided making statements that were inaccurate, and performed especially well or especially poorly on scheming evaluation, depending on the subset of testing. Both companies said in their posts that for the purpose of testing, they relaxed some model-external safeguards that otherwise would be in operation but would interfere with the tests. They each said that their latest models, OpenAI’s GPT-5 and Anthropic’s Opus 4.1, which were released after the evaluations, have shown improvements over the earlier models.
They don’t break in — they log in: 79% of genAI attacks are malware‑free as adversaries bypass legacy IAM with stolen credentials and MFA social engineering
CrowdStrike’s 2025 Threat Hunting report reveals that vishing attacks surged by 442% in late 2024, more than doubling last year’s numbers in the first half of 2025. Adversaries are leveraging AI-driven social engineering and deepfake tools to bypass MFA and exploit credentials at scale. The report also found that 52% of all exploited vulnerabilities are related to initial access, most often through compromised identities, while the use of gen AI to create, impersonate, and abuse identities is a driving force behind these trends. Machine identities now outnumber human users by 45:1 across the average enterprise, while attackers move laterally in just 51 seconds. Traditional identity and access management systems built on static rules and quarterly reviews can’t keep pace with threats moving at machine speed. Gartner predicts information security spending will reach $213 billion in 2025, even with growth revised down to 10.7%. Ongoing threat protection is expected to push spending to $323 billion in 2029. The research firm expects to see more organizations replace legacy rule-based systems with AI-powered platforms that learn, adapt, and respond autonomously. IDC predicts robust growth in identity security.