DebitMyData, founded by digital sovereignty pioneer Preska Thomas, has launched its LLM Security API Suite, a next-generation platform that combines reinforcement learning with blockchain-verified digital identity. The suite offers the first plug-and-play APIs for Agentic Logos and Agentic Avatars, designed to secure AI at scale across commercial and regulatory settings. The interoperable identity infrastructure enables verification of authenticity and trust in AI outputs. The platform’s reinforcement learning core dynamically adapts to evolving AI manipulation techniques, delivering: Real-time detection and mitigation of unauthorized AI-generated content, impersonation, and biometric spoofing; Built-in global compliance with GDPR, HIPAA, AI Act, and digital sovereignty protocols, ensuring enterprise-ready, auditable privacy. Plug-and-Play Enterprise Security: Agentic Logos™: Secure your brand’s logos with a blockchain-verified fingerprint, enabling instant scanning and flagging of unauthorized usage across AI platforms—with zero technical barriers and GDPR-first privacy controls. Agentic Avatars™: Convert faces and voices into secure, self-authenticating digital signatures, verified via NFT credentials for safe identity gating in synthetic communications.
Darktrace acquires Mira Security to boost encrypted traffic visibility- with policy control and compliance capabilities that allow administrators to decrypt traffic based on predefined rules
Machine learning cybersecurity firm Darktrace PLC has acquired network traffic visibility solutions company Mira Security Inc. for an undisclosed price. Mira Security specializes in encrypted traffic orchestration with solutions that allow organizations to detect, decrypt and analyze encrypted network traffic at scale. The company’s offerings are purpose-built to provide full traffic visibility without compromising privacy, performance, or compliance mandates. Mira Security’s main offering, its Encrypted Traffic Orchestration platform, includes support for both physical appliances and virtual deployments. ETO can intercept SSL/TLS and SSH traffic across any port, decrypting it for analysis and re-encrypting it before forwarding, without the need for complex re-architecting or performance degradation. Mira also offers granular policy control and compliance capabilities that allow administrators to decrypt traffic based on predefined rules while enforcing blocking of outdated or insecure encryption protocols and managing what data is visible to different tools to ensure sensitive information remains protected. The platform additionally supports full visibility into TLS 1.3 traffic, a major challenge for many existing cybersecurity tools due to the protocol’s stricter encryption practices. The combination of Darktrace and Mira Security is said by Darktrace to close the encrypted data blind spot without impacting network performance or requiring complex re-architecting. The closer integration of Mira Security’s in-line decryption capabilities with Darktrace’s existing analysis and understanding of encrypted traffic will also provide organizations with more in-depth visibility across on-premises, cloud and hybrid environments.
Apple’s AI models are trained to refuse requests when necessary and to adapt their tone depending on where the user lives.
A recent machine learning update from Apple reveals how iOS 26 brings faster, safer AI that was trained without your texts, your photos, or your permission. Apple’s training pipeline starts with Applebot, the company’s web crawler. It collects data from sites that allow it, pulling in pages from across the internet in multiple languages. But it’s not scraping everything it finds. Applebot prioritizes clean, structured web pages and uses signals like language detection and topic analysis to filter out junk. It also handles complex websites by simulating full-page loading and running JavaScript. That allows it to gather content from modern pages that rely on interactive design. The goal is to collect useful, high-quality material without ever touching your private information. Instead of gathering more data at any cost, the company is focused on building smarter datasets from cleaner, publicly available sources. Once the data is collected, Apple trains the models in stages. It starts with supervised examples that show the model how to respond in different situations. Then it uses reinforcement learning, with real people rating model responses, to fine-tune the results. Apple also built a safety system that identifies categories like hate speech, misinformation, and stereotypes. The models are trained to refuse requests when necessary and to adapt their tone depending on where the user lives. Features powered by Apple Intelligence now respond faster, support more languages, and stay on track when given complex prompts. The Writing Tools can follow specific instructions without drifting off-topic. The image parser can turn a photo of a flyer into a calendar event, even if the design is cluttered. And all of that happens without Apple seeing what you type or share. If the model needs help from the cloud, Private Cloud Compute handles the request in encrypted memory, on servers Apple cannot access. For users, the big shift is that Apple Intelligence feels more useful without giving up control. For developers, the new Foundation Models framework offers structured outputs, safer tool integration, and Swift-native design. Developers can now use its on-device foundation model through the new Foundation Models framework. That gives third-party apps direct access to the same model that powers Apple Intelligence across iOS 26. Apple isn’t just matching competitors in model size. Its 3 billion-parameter model is optimized for Apple Silicon using 2-bit quantization and KV-cache sharing. That gives it a performance and efficiency edge without relying on the cloud. Developers get faster results, lower costs, and tighter user privacy. Instead of relying on external APIs or background network calls, apps can now integrate powerful AI locally and privately.
Unit21’s integration of Fingerprint’s device intelligence, which collects and analyzes over 100 signals from the browser, device, and network with its AML platform to help detect complex fraud types such as credential stuffing and geolocation spoofing in real-time
Unit21 announced its new device intelligence capabilities designed to help fintechs combat the ongoing threat of fraud. The company’s fraud-fighting platform now incorporates Fingerprint’s device intelligence, which collects and analyzes over 100 signals from the browser, device, and network to flag potential fraud patterns, such as repeated login attempts across multiple user accounts, in real time. Unit21 is the most flexible real-time fraud and AML platform that empowers fintechs to build and adapt faster than fraudsters without the need for complex coding, cumbersome reporting processes, or lengthy analyses. With access to persistent, highly accurate device IDs and real-time Smart Signals, such as Bot Detection, VPN Detection, and more, fintechs using Fingerprint and Unit21 can expand their arsenal of insights to combat bad actors. These newly added capabilities help tackle complex fraud types, including: Credential stuffing: Detects bot activity and repeated login attempts across multiple accounts from the same device. Elder & emergency scams: Identifies potentially suspicious activity such as new or unrecognized devices accessing an account and IP geolocation mismatches, which can signal scammers attempting to exploit vulnerable users. Tech support scams: Detects use of virtual machines, developer tools and abnormal device behavior, such as unusual spikes in activity, as well as new logins from unfamiliar devices or locations. Geolocation spoofing: Detects mismatched time zones, use of proxies, and other methods fraudsters use to evade detection.
Intruder Solutions’ free, open-source tool detects broken API authorization vulnerabilities by scanning OpenAPI-documented APIs and parsing the documentation to generate a comprehensive list of endpoints for testing
Attack surface management company Intruder Solutions Ltd. has launched AutoSwagger, a free, open-source tool that scans OpenAPI-documented application programming interfaces for broken authorization vulnerabilities. The tool aims to address the growing issue of API-related data breaches, which are up nearly 40% year-over-year. AutoSwagger is the first freely available tool proven effective in detecting dangerous API vulnerabilities. The tool works by identifying API schemas across various formats and locations, searching for OpenAPI and Swagger documentation pages, and parsing the documentation to generate a comprehensive list of endpoints for testing. It then undertakes targeted scans to detect broken authorization vulnerabilities, flags endpoints that return a successful response instead of HTTP 401 or 403 errors, and highlights endpoints where authentication is missing or ineffective. AutoSwagger analyzes any successful responses for signs of exposed sensitive data, such as personally identifiable information, credentials, or internal records.
AI CERTs 40-hour certification program provides professionals with practical skills at the intersection of AI and cybersecurity and covers Python-based security automation, AI-powered threat detection, and real-time cyberattack prevention through predictive analytics
AI CERTs® has launched its AI+ Security Level 1™ program, providing professionals with practical skills at the intersection of AI and cybersecurity. The 40-hour program, designed for modern security professionals, covers Python-based security automation, AI-powered threat detection, and real-time cyberattack prevention through predictive analytics. It covers advanced domains like machine learning in cybersecurity, AI-based authentication, and Generative Adversarial Networks (GANs), giving professionals a competitive edge in next-gen security ecosystems. The program includes 11 in-depth modules and a capstone project, ensuring operational agility in live environments. The course requires no prerequisites but a foundational understanding of Python, basic networking, cybersecurity concepts, and machine learning. The certification is ideal for security analysts, engineers, system administrators, and professionals transitioning into cybersecurity roles. It is now available globally through AI CERTs® and its Authorized Training Partners.
After initial adoption of tokenization centered on bringing legacy financial assets onto modern digital rails, the focus moves to unlocking new financial products and global participation
Real-world asset (RWA) tokenization is gaining momentum as a promising innovation on Wall Street. The US GENIUS Act, which establishes a regulatory framework for the $260 billion stablecoin market, is expected to accelerate growth in the sector. The legislation, signed into law by US President Donald Trump, is a strong signal that Congress is ready to support responsible blockchain innovation. Stablecoins, often excluded from RWA industry metrics, are backed by government bonds and other tangible assets, making them a key on-ramp for tokenization’s future growth. A favorable regulatory environment in the US will be a major catalyst for the continued evolution and adoption of tokenized assets. To date, much of the growth in tokenized assets has been concentrated in private credit and US Treasury debt. The initial adoption of tokenization has been centered on bringing legacy financial assets onto modern digital rails, with treasuries and private credit being perfect starting points. As the financial infrastructure matures, it will focus on unlocking new financial products and global participation. Aptos Labs is emerging as a hub for RWA activity, with the value of tokenized RWAs on the Aptos blockchain exceeding $540 million in late June.
Proton’s AI assistant uses zero-access encryption and keeps no logs of conversations, has end-to-end encryption for storing chats, offers a ghost mode for conversations and doesn’t require the user to have an account to use the chatbot
Privacy-focused productivity tools maker Proton released its AI assistant, called Lumo, which keeps no logs of conversations, has end-to-end encryption for storing chats, and offers a ghost mode for conversations that disappear as soon as you close the window. Lumo doesn’t require you to have an account to use the chatbot and ask questions. You can upload files to have the chatbot answer questions about them, and if you have a Proton Drive account, you can connect it with Lumo to access files stored in the cloud. While the chatbot has access to the web, it might not find you the latest results if you use it to search. Lumo is based on open source models, and will only depend on them for research and development going forward without utilizing user data to train its models. Lumo relies on zero-access encryption, an encryption method that other Proton products also use, to let users store their conversation history, which can be decrypted on the device. “Lumo is based upon open-source language models and operates from Proton’s European datacenters. This gives you much greater transparency into the way Lumo works than any other major AI assistant. Unlike Apple Intelligence and others, Lumo is not a partnership with OpenAI or other American or Chinese AI companies, and your queries are never sent to any third parties,” Proton said.
Blink Operations no-code platform lets users create unlimited, tailored micro‑agents focused on specific security tasks by leveraging visual editors or natural‑language prompts to orchestrate actions from a library of 30,000+ integrations and pre-built workflows
Enterprise cybersecurity automation platform Blink Operations has raised $50 million in new funding to accelerate its go-to-market efforts and scale updeployment of its no-code cybersecurity micro-agents platform. BlinkOps offers cybersecurity automation that gives organizations the ability to build, collaborate on and scale up security workflows via artificial intelligence-driven, no-code and low-code interfaces. The company’s platform serves as an automation hub where security teams leverage visual editors or natural‑language prompts to orchestrate actions from a library of more than 30,000 integrations and pre-built workflows. BlinkOps’ Security Micro‑Agent Builder, which launched in April, provides a drag‑and‑drop, no-code interface that allows users to create unlimited, tailored micro‑agents focused on specific security tasks, such as identity and access management, patching, alert triage, device control or vulnerability response. Agents can be assigned defined roles, domain‑specific knowledge and secure operational abilities, offering deterministic and auditable automation. The company’s micro-agents can work collaboratively as agent “teams,” communicating with each other to manage complex multistep workflows. The idea is that by distributing work across role‑specialized agents, the platform avoids reliance on a single overload‑prone agent, enabling scalable, reliable automation while keeping human-in-the-loop flexibility where needed.
Legion Security’s lightweight browser extension learns directly from SOC analysts by observing their day-to-day investigation, records how they handle alerts and make decisions and translates them into scalable, automated workflows cutting investigation and response times by up to 90%
Browser-native AI security operations center startup Legion Security differs from existing solutions on the market through the use of a lightweight browser extension that learns directly from analysts by observing their day-to-day investigations. The idea is to allow the platform to capture the nuances of human expertise and translate them into scalable, automated workflows tailored to each organization’s unique tools and processes. Legion uses a three-phase operational model that moves from passive observation to full automation. In the initial “Learning Mode,” the platform shadows senior analysts and records how they handle alerts and make decisions. The next step, the “Guided Mode,” offers suggestions and performs tasks under human supervision. Finally, when teams are ready, an “Autonomous Mode” allows Legion to act independently or with selective approvals, drastically accelerating response times and reducing manual workload without sacrificing oversight. Analysts can configure exactly when and where Legion operates, restrict its access to certain tools and mask sensitive data during sessions. Every action taken by the AI is fully auditable and security teams retain final say over what is learned, applied or deployed. The offering from Legion is positioned to solve a longstanding pain point in cybersecurity: the overwhelming volume of alerts and the shortage of qualified personnel to investigate them. By converting institutional knowledge into actionable automation, the platform helps reduce triage time, cut down on false positives and eliminate repetitive documentation work. “What sets Legion apart is its browser-native AI platform,” said Sri Viswanath, managing director at Coatue. “It studies how security analysts work and instantly scales those workflows, cutting investigation and response times by up to 90%.”