RSAC 2026 shipped five agent identity frameworks and left three critical gaps open

“You can deceive, manipulate, and lie. That’s an inherent property of language. It’s a feature, not a flaw,” CrowdStrike CTO Elia Zaitsev told VentureBeat in an exclusive interview at RSA Conf [...]

Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why

A rogue AI agent at Meta took action without approval and exposed sensitive company and user data to employees who were not authorized to access it. Meta confirmed the incident to The Information on M [...]

CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.

During Operation Lunar Peek in November 2024, attackers gained unauthenticated remote admin access — and eventual root — across more than 13,000 exposed Palo Alto Networks management interfaces. P [...]

CrowdStrike, Cisco and Palo Alto Networks all shipped agentic SOC tools at RSAC 2026 — and all three missed the same gap

CrowdStrike CEO George Kurtz highlighted in his RSA Conference 2026 keynote that the fastest recorded adversary breakout time has dropped to 27 seconds. The average is now 29 minutes, down from 48 min [...]

Nvidia's agentic AI stack is the first major platform to ship with security at launch, but governance gaps remain

For the first time on a major AI platform release, security shipped at launch — not bolted on 18 months later. At Nvidia GTC this week, five security vendors announced protection for Nvidia's a [...]

OpenClaw has 500,000 instances and no enterprise kill switch

“Your AI? It’s my AI now.” The line came from Etay Maor, VP of Threat Intelligence at Cato Networks, in an exclusive interview with VentureBeat at RSAC 2026 — and it describes exactly what hap [...]

Weaponized AI can dismantle patches in 72 hours — but Ivanti's kernel defense can help

Adversaries from cybercrime gangs to nation-state cyberattack squads are fine-tuning weaponized AI with the goal of defeating new patches in 3 days or less. The quicker the attack, the more time to ex [...]

OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert

An attacker embeds a single instruction inside a forwarded email. An OpenClaw agent summarizes that email as part of a normal task. The hidden instruction tells the agent to forward credentials to an [...]

Browser-based attacks hit 95% of enterprises — and traditional security tools never saw them coming

Your web gateway can't see it. Your cloud access broker can't see it. Your endpoint protection can't see it. And yet 95% of organizations experienced browser-based attacks last year, ac [...]