Amazon.com Inc. is redefining security at the intersection of AI, physical safety and public-private collaboration, with an evolving strategy that blends digital resilience with real-world safeguards to counter the speed and complexity of today’s threat landscape. The company is using AI not just to automate tasks but to actively defend systems, with AI agents simulating both attackers and defenders. Defensive agents train protocols for proactive threat detection, generate attack signatures and respond in minutes, far faster than traditional methods, according to Steve Schmidt, senior vice president and chief security officer at Amazon. “We also build tools that are defenders — their job is to identify the attacks and to extract from the attacks the signatures, which our systems can use to prevent access in the future,” he said. “What we measure now is, instead of situations where it used to take days, weeks or months to build new signatures for attacks, these agents can do it in minutes — and it’s really transformative for our ability to defend systems.” While AI brings accuracy and speed, a human in the loop is still critical for validating actions before deployment. Eventually, some agents could become fully autonomous in low-risk environments, but high-stakes systems will continue to require human oversight, Schmidt added.
Princeton University study says agents may be vulnerable to memory attacks that trick them into handing over cryptocurrency
A new paper from researchers at Princeton University and the Sentient Foundation found that certain agents—AI systems that can act beyond the realm of a chatbot—could be vulnerable to memory attacks that trick them into handing over cryptocurrency. Targeting agents created with the platform ElizaOS, the researchers were able to implant false memories or “malicious instructions” that manipulated shared context in a way that could lead to “unintended asset transfers and protocol violations which could be financially devastating.” They wrote that the vulnerabilities point to an “urgent need to develop AI agents that are both secure and fiduciarily responsible.” Tyagi said the paper focused on ElizaOS because it’s “the most popular open-source agentic framework in crypto,” and on cryptocurrency because its traders have most readily embraced these types of autonomous agentic payments. While these agents do protect against basic prompt injection attacks—inputs designed to exploit the LLM—more sophisticated actors might be able to manipulate the stored memory or contexts in which these agents operate. The researchers designed a benchmark to evaluate the defenses of blockchain-based agents against these types of attacks. They also argued that the vulnerabilities extend beyond just cryptocurrency-based or even financial agents: “The application of AI agents has led to significant breakthroughs in diverse domains such as robotics, autonomous web agents, computer use agents, and personalized digital assistance. We posit that [memory injection] represents an insidious threat vector in such general agentic frameworks.”
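As an added illustration (not code from the paper or from ElizaOS), the following Python sketch shows the two defensive checks the finding argues for: stored memory entries carry an HMAC so that silent tampering with the context is detected, and only entries written by a trusted origin may authorise an asset transfer. The origin names, wallet labels and key are constructed placeholders.

```python
import hashlib, hmac, json
from dataclasses import dataclass, field

# Constructed policy: only operator-written memories may authorise an asset transfer.
TRUSTED_ORIGINS = {"operator"}


@dataclass
class MemoryStore:
    """Agent memory whose entries carry an origin tag and an HMAC over origin + content."""
    key: bytes
    entries: list = field(default_factory=list)

    def _mac(self, origin, content):
        msg = json.dumps({"origin": origin, "content": content}, sort_keys=True).encode()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def add(self, origin, content):
        self.entries.append({"origin": origin, "content": content,
                             "mac": self._mac(origin, content)})

    def verified(self):
        """Yield only entries whose MAC still matches their recorded origin and content."""
        for e in self.entries:
            if hmac.compare_digest(e["mac"], self._mac(e["origin"], e["content"])):
                yield e


def naive_transfer_allowed(store, recipient):
    """Vulnerable pattern: any memory entry naming the recipient is trusted as-is."""
    return any(e["content"].get("allow_transfer_to") == recipient for e in store.entries)


def transfer_allowed(store, recipient):
    """Hardened pattern: the entry must verify AND originate from a trusted writer."""
    return any(e["origin"] in TRUSTED_ORIGINS
               and e["content"].get("allow_transfer_to") == recipient
               for e in store.verified())


def demo():
    store = MemoryStore(key=b"constructed-demo-key")
    store.add("operator", {"allow_transfer_to": "wallet_ops"})
    # Injected through the conversation channel: valid MAC, but an untrusted origin.
    store.add("user_chat", {"allow_transfer_to": "wallet_attacker"})
    store.add("operator", {"allow_transfer_to": "wallet_treasury"})
    # Direct tampering with stored context: the content changes, so the MAC no longer matches.
    store.entries[2]["content"]["allow_transfer_to"] = "wallet_tampered"
    return {"ops": transfer_allowed(store, "wallet_ops"),
            "injected": transfer_allowed(store, "wallet_attacker"),
            "tampered": transfer_allowed(store, "wallet_tampered"),
            "naive_injected": naive_transfer_allowed(store, "wallet_attacker")}
```

The MAC only helps against modification of entries at rest; an instruction planted through the agent's normal input channel gets a valid MAC, which is why the origin check is the one that stops it.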
Threat actors leverage DeepSeek-R1 popularity to attack users running Windows devices; targets users’ browsing infrastructure and establishes persistent network monitoring capabilities
Cybercriminals are exploiting the popularity of the DeepSeek-R1 artificial intelligence chatbot to distribute a new malware strain, dubbed “BrowserVenom,” that targets Windows users. The campaign starts with malvertising that places fraudulent websites at the top of Google search results when users search for “deepseek r1”. Once installed, the malware reconfigures every browser instance on the machine to route traffic through an attacker-controlled proxy server, giving the attackers a persistent position from which to intercept, monitor and manipulate the victim’s network communications. The infection chain is notable for its multi-stage deployment and its social-engineering components.
Kusari’s AI-based pull request tool provides security risk analysis early during the pull request process, adds real-time inspection and clear “safe to merge” guidance and remediates vulnerabilities before code integration
Software supply chain security company Kusari unveiled Kusari Inspector, an AI-based pull request security tool that surfaces security risks early in the pull request process so they can be addressed before code is integrated. In addition to core supply chain analysis, Kusari Inspector adds real-time pull-request inspection and clear “safe to merge” guidance. Developers receive instant, annotated reports with inline explanations and step-by-step remediation instructions that flag exposed secrets, misconfigurations, risky licenses and typo-squatted dependencies. Kusari Inspector prioritizes risk by ranking vulnerable or low-trust dependencies, both direct and transitive, against trusted sources such as the Common Vulnerability Scoring System (CVSS), the Exploit Prediction Scoring System (EPSS) and the Known Exploited Vulnerabilities (KEV) catalog. By filtering out non-exploitable issues, the tool cuts alert noise and keeps teams focused on the threats that matter most. The AI model behind Kusari Inspector continuously learns from each codebase to refine its recommendations, and engineers can chat with the assistant to clarify findings, customize security standards and receive precise code fixes that accelerate approvals. It also generates Software Bill of Materials (SBOM) data to support compliance and bolster software supply chain resilience from development through deployment.
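The ranking the passage describes, written out as an added Python example (not Kusari's code): KEV-listed findings dominate, then EPSS and CVSS decide the order, and findings whose vulnerable code path the pull request never reaches are filtered out first. The thresholds, the `exploitable` field and the CVE-XXXX identifiers are constructed placeholders.

```python
from dataclasses import dataclass

# Assumed triage thresholds; the tool's real policy is not described on the page.
EPSS_ACTIONABLE = 0.10   # EPSS is a 30-day exploitation probability
CVSS_HIGH = 7.0


@dataclass
class Finding:
    package: str
    cve: str            # placeholder identifiers below, not real CVEs
    cvss: float
    epss: float
    in_kev: bool        # listed in CISA's Known Exploited Vulnerabilities catalog
    transitive: bool
    exploitable: bool   # assumed field: does the PR's code reach the vulnerable path?


def tier(f):
    """P0: known exploited; P1: high severity and likely exploited; P2: high severity; P3: rest."""
    if f.in_kev:
        return "P0"
    if f.cvss >= CVSS_HIGH and f.epss >= EPSS_ACTIONABLE:
        return "P1"
    if f.cvss >= CVSS_HIGH:
        return "P2"
    return "P3"


def triage(findings):
    """Drop non-exploitable findings, then order by tier, then EPSS, then CVSS."""
    kept = [f for f in findings if f.exploitable]
    return sorted(kept, key=lambda f: (tier(f), -f.epss, -f.cvss))


def merge_verdict(findings):
    """Block the merge on P0/P1 findings; everything else is advisory."""
    ranked = triage(findings)
    blocking = [f.cve for f in ranked if tier(f) in ("P0", "P1")]
    return ("blocked" if blocking else "safe to merge"), [f.cve for f in ranked]


SAMPLE = [  # constructed findings for one pull request
    Finding("libfoo", "CVE-XXXX-0001", 9.8, 0.02, False, True, False),  # critical but unreachable
    Finding("libbar", "CVE-XXXX-0002", 7.5, 0.45, False, False, True),  # high, likely exploited
    Finding("libbaz", "CVE-XXXX-0003", 5.3, 0.01, True, True, True),    # moderate CVSS, but in KEV
    Finding("libqux", "CVE-XXXX-0004", 8.1, 0.03, False, False, True),  # high, unlikely exploited
]
```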
Kyndryl to integrate Commvault’s zero-trust immutable data vault, which secures backup data from unauthorized access, and its forensic analysis zone into its cyber resiliency services
Data protection provider Commvault Systems announced a new partnership with information technology consultancy Kyndryl Holdings to help customers recover faster, advance cyber resilience and navigate the evolving regulatory landscape. The partnership between the two companies will see Commvault augment Kyndryl’s portfolio of cyber resiliency services, encompassing Incident Recovery Services, including Cyber Incident Recovery, Managed Backup Services and Hybrid Platform Recovery. The services from Commvault and Pure Storage provide a modular, four-layer architecture designed to assist with compliance and accelerate recovery across hybrid cloud environments. Commvault and Pure Storage bring to the table the Cyber Resilient Vault, an isolated and immutable data vault based on zero-trust principles that protects backup data from unauthorized access and corruption, as well as the Clean Recovery Zone, a secure space for forensic analysis, backup validation and staged recovery. The architecture also features Production Rapid Restore for fast and reliable restoration of large datasets using Pure Storage FlashBlade, enhanced with immutability via S3 Object Lock and SafeMode. Additionally, Immutable Snapshot Recovery offers application-consistent snapshot replication through Commvault IntelliSnap and Pure Storage FlashArray, enabling rapid restoration of Tier-1 workloads.
AWS to integrate CrowdStrike’s AI-powered cybersecurity platform with its automated triage and investigation capabilities, allowing customers to address the entire lifecycle of a security incident
CrowdStrike and Amazon Web Services (AWS) have launched Falcon for AWS Security Incident Response, a new program that allows AWS customers to access the CrowdStrike Falcon cybersecurity platform at preferred rates via the AWS Marketplace. The AI-driven platform detects 96% more threats twice as fast and investigates incidents 66% more quickly. The Falcon platform complements AWS Security Incident Response’s automated triage and investigation capabilities, allowing customers to address the entire lifecycle of a security incident. CrowdStrike’s offerings have been designated “Deployed on AWS”, verifying their availability and compatibility through the AWS Marketplace. The Falcon platform is built on the CrowdStrike Security Cloud and uses a single, lightweight agent to simplify deployment across multiple environments while reducing security complexity. The bundled offer is managed through a customer’s existing AWS procurement channel, supporting operational efficiency and making incident response and threat investigation more accessible.
New quishing attacks see hackers embed JavaScript payloads into QR codes that execute instantly upon scanning, with no link clicks required and then hijack login pages, capture keystrokes and exfiltrate data
A new report from cybersecurity company INKY Technology Corp. is sounding the alarm over a new wave of phishing threats that use QR codes in increasingly dangerous and deceptive ways. INKY says attackers are now going a step further than traditional QR threats, which redirect users to malicious websites, by embedding raw HTML and JavaScript directly into QR codes using data uniform resource identifiers (data: URIs). The payload executes entirely within the browser as soon as the code is scanned, with no link click required, and can hijack login pages, capture keystrokes and even launch exploits. Because the payload is self-contained, the user often does not even need an active internet connection. The technique sees attackers embed base64-encoded HTML in the QR code itself; when scanned by a mobile camera or QR scanning app, the code is opened in the system browser and executed. Once active, the malicious JavaScript can simulate login portals, exfiltrate data via hidden forms and fingerprint devices for further exploitation. Such QR codes also evade standard email security tools, proxies and threat intelligence systems, because the payload is embedded in the code and never touches an external URL, at least when initially executed.
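Added example, not INKY's code: a Python triage routine for decoded QR content that a scanner app or mail gateway could apply before handing the content to a browser. It recognises data: URIs (base64 or percent-encoded), decodes them, and blocks those carrying HTML or script; the sample codes and the allow/review/block rules are constructed for this illustration.

```python
import base64
import re
from urllib.parse import unquote

# Constructed triage rules for decoded QR content, applied before a browser sees it.
ACTIVE_CONTENT = re.compile(r"<script|javascript:|on(?:error|load)\s*=|<form|<iframe", re.I)
DATA_URI = re.compile(r"data:([^,]*?)(;base64)?,(.*)", re.I | re.S)


def decode_data_uri(payload):
    """Return (mediatype, body text) for a data: URI, or None if payload is not one."""
    m = DATA_URI.match(payload)
    if not m:
        return None
    mediatype = (m.group(1) or "text/plain").lower()   # empty mediatype defaults to text/plain
    body = m.group(3)
    if m.group(2):
        try:
            body = base64.b64decode(body, validate=True).decode("utf-8", "replace")
        except ValueError:  # binascii.Error is a ValueError subclass
            body = ""
    else:
        body = unquote(body)
    return mediatype, body


def classify_qr_payload(payload):
    """Return (verdict, reason): block inline active content, allow only https URLs."""
    p = payload.strip()
    if p.lower().startswith("javascript:"):
        return "block", "javascript: scheme"
    decoded = decode_data_uri(p)
    if decoded:
        mediatype, body = decoded
        if mediatype.startswith(("text/html", "image/svg")) or ACTIVE_CONTENT.search(body):
            return "block", f"data: URI carrying active content ({mediatype})"
        return "review", f"data: URI ({mediatype})"
    if p.lower().startswith("https://"):
        return "allow", "https URL; still subject to URL reputation checks"
    return "review", "non-https content"


def scan_samples():
    """Constructed sample codes: an ordinary link, a self-contained HTML page, plain text, a scheme."""
    inline_page = b"<html><body><form></form><script>document.title='sample'</script></body></html>"
    samples = {
        "link": "https://example.com/login",
        "inline_html": "data:text/html;base64," + base64.b64encode(inline_page).decode(),
        "plain": "data:text/plain,hello%20world",
        "js": "javascript:void(0)",
    }
    return {name: classify_qr_payload(v)[0] for name, v in samples.items()}
```

Checking the decoded QR content rather than the URL a message links to is what closes the gap the report describes, since the payload never resolves to an external host.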
Hackers drain money from mobile wallets like Apple Pay and Google Pay in seconds without the need for a card skimmer by exploiting Express Transit mode through NFC payment data relaying malware
Mobile wallets like Apple Pay and Google Pay have revolutionized the way we pay, but they are not immune to attack. Some of their most convenient features, like Express Transit mode, are being exploited by hackers to steal money in seconds, without the need for a card skimmer. Express Transit mode lets commuters pass through turnstiles without stopping for Face ID, a fingerprint or a PIN. Hackers can grab unlocked phones and drain funds within minutes, trick users into approving payments, and exploit users who leave Express Transit enabled or use weak PINs. Recent reports describe cases where phone-grabbers drained bank accounts in minutes and malware like “Ghost Tap” relayed NFC payment data globally, enabling fraudsters to make purchases anywhere in the world.
Atsign’s solution enables secure deployment of AI models by eliminating open ports on AI inference nodes, data services and MCP servers, removing the network attack surface entirely and preventing discovery by botnets and external reconnaissance
Atsign announced MCP NoPorts™, a ground-breaking solution for securely deploying AI models and Model Context Protocol (MCP) servers. NoPorts solves AI’s core security and deployment challenges:
Eliminates AI Exposure (Pre-Emptive Security):
Invisible Infrastructure – MCP NoPorts eliminates open ports on AI inference nodes, data services, and MCP servers. This removes network attack surfaces entirely, preventing discovery by botnets and external reconnaissance. They can’t attack what they can’t see.
Cryptographic Identity Access – Every AI model, tool, or service is assigned a unique, cryptographically authenticated identity. This eliminates the need for vulnerable tokens or shared secrets. Access is granted only after identity is confirmed, delivering a zero-trust architecture that directly prevents unauthorized access and AI agent impersonation before any interaction with your tools occurs.
Prevents Sensitive Data Exposure & Malicious Invocations:
End-to-End Encrypted Connections – All communication to and from private AI models and MCP servers is fully encrypted by Atsign’s NoPorts, safeguarding sensitive data, proprietary logic, and AI interactions from eavesdropping and tampering, thereby preventing sensitive data exposure.
Accelerates AI Deployments:
No IT Bottlenecks – NoPorts removes the need for complex firewall exceptions, static IPs, or VPN setups. Developers can securely deploy and connect AI models and MCP servers in minutes, not weeks, freeing IT and networking teams from tedious configurations.
Streamlined Collaboration – Securely connect developers, AI models, MCP servers and other systems globally, making seamless collaboration possible without exposing any of them to external threats.
Salt Security’s API security solution for AWS is 100% agentless and read-only, automatically discovers all APIs instantly and automates posture governance
Salt Security has launched Salt Cloud Connect for AWS, the first API security solution to provide full API visibility and posture governance without traffic data or agents. This read-only integration allows AWS customers to see every API in their environment in under two minutes, making it the fastest and least intrusive deployment in the market. Built for speed and designed for simplicity, Salt Cloud Connect for AWS helps security and DevOps teams:
Get Complete Visibility in Minutes: Automatically discover all APIs across your AWS infrastructure instantly.
Skip the Agents and Sensors: 100% agentless and read-only. Just connect and go.
See Posture, Not Just Traffic: Identify risk exposures and misconfigurations right away—before attackers do.
Automate Posture Governance: Continuously monitor and manage API posture across services and accounts.
Integrate Seamlessly: Native support for AWS gateways and services ensures smooth setup and fast time-to-value.
Minimize Permissions, Maximize Security: Built-in guardrails and least-privilege access ensure strong protection and compliance alignment.