Trump Delays AI Security Executive Order
President Donald Trump has postponed the release of an executive order focused on AI security, citing concerns it could harm US AI industry competition with countries like China.
77 articles
President Donald Trump has postponed the release of an executive order focused on AI security, citing concerns it could harm US AI industry competition with countries like China.
Security teams must prepare for AI applications moving into production, leveraging data-driven discussions, agility, and future-proofing to secure them.
Cyber resilience is crucial for business continuity, as it helps organizations manage risk and ensure operations continue uninterrupted despite disruptions.
Security teams can manage shadow AI tools by building a full picture of what's running, writing a policy that works with employees, and creating a fast lane for new tool requests.
Sean Plankey, former nominee for director of the Cybersecurity and Infrastructure Security Agency, has been named US CEO of defense startup UFORCE.
Microsoft is testing a resizable taskbar and customizable Start menu in the latest Windows 11 Insider Preview Build 26300.8493.
The FTC will begin enforcing the Take It Down Act on May 19, requiring websites to remove nonconsensual deepfake media within 48 hours or face fines up to $53,088 per violation.
Advanced artificial intelligence models will fundamentally change warfare, according to a top Pentagon cyber official, representing a 'watershed moment' in the development of frontier AI models.
Anthropic's Claude Mythos Preview and OpenAI's GPT-5.5 have significantly surpassed benchmarks for autonomous cybersecurity tasks, with the AISI estimating a doubling time of approximately five months.
A group of international government agencies has released guidance on what an artificial intelligence 'ingredients list' tool should include to make AI more secure.
Hiring more analysts won't solve the SOC's alert problem due to the volume of alerts exceeding human investigation capacity.
The trial between Elon Musk and OpenAI's leaders has sparked concerns about the risks of artificial intelligence to humanity, with both sides accusing each other of trying to control the company's development of advanced AI technology.
The Cybersecurity and Infrastructure Security Agency has seen significant gains from AI automation in its security operations unit, enabling faster threat triage and response.
Data centers have become vital to modern society, making them high-value targets for cyber and physical attacks, with potential disruptions affecting not just businesses but also national security and entire economies.
The National Geospatial Intelligence Agency faces challenges in integrating AI tools, including job loss anxiety and ensuring safety while moving quickly.
The US military has reached deals with 7 tech companies, including Google and Microsoft, to use their AI in classified computer networks to augment warfighter decision-making.
Federal Chief Information Officer Greg Barbaccia is approaching Anthropic's Mythos model with caution, acknowledging its potential to strengthen federal cyber defenses despite uncertainties about its real-world performance.
Microsoft has introduced a new modern Run dialog in Windows 11, which is faster and supports dark mode, with a median time-to-show of 94ms.
Illinois Representative Delia Ramirez has been appointed as the top Democrat on the House Homeland Security Committee's Cybersecurity and Infrastructure Protection Subcommittee, replacing Eric Swalwell following his resignation from Congress.
Static audits and point-in-time dashboards can no longer keep pace with AI-accelerated threats. Security leaders must shift toward runtime visibility, identity governance, and outcome-based metrics.
NATO's Locked Shields 2026 wrapped up on Friday, bringing together more than 4,000 cybersecurity professionals from 41 countries to defend critical infrastructure against simulated live-fire cyberattacks.
As agentic AI systems capable of autonomous action take center stage at RSA Conference 2026, cybersecurity experts argue the most effective defense strategy is straightforward: if it can act, treat it like an identity.
The EU's Digital Operational Resilience Act, in force since January 17, 2025, makes credential security a binding regulatory obligation under Article 9 — and financial institutions that cannot prove compliance face direct supervisory consequences.
This week's cybersecurity highlights include unauthorized access to Anthropic's Claude Mythos, Sean Plankey withdrawing his CISA director nomination, and the UK NCSC unveiling a new hardware display-security device called SilentGlass.
Microsoft is restructuring the Windows Insider Program into just two channels — Experimental and Beta — while ending gradual feature rollouts in the Beta Channel to address long-standing tester frustrations.
Senior U.S. military leaders are confronting urgent questions about securing and controlling AI systems as the Pentagon accelerates adoption of autonomous weapons and machine-learning tools for battlefield decisions.
Microsoft is introducing several Windows Update improvements giving users greater control over update timing and reducing unexpected restart interruptions, now rolling out to Windows Insiders in Dev and Experimental channels.
Microsoft has made a new RemoveMicrosoftCopilotApp policy setting broadly available following the April 2026 Patch Tuesday, allowing IT administrators to silently remove the Copilot AI assistant from managed enterprise devices.
Israel-based Copperhelm has emerged from stealth mode after securing $7 million in seed funding for an AI-driven cloud security platform that deploys autonomous agents to investigate threats and execute remediation in real time.
Artifact management firm Cloudsmith has raised $72 million in a Series C round led by TCV, bringing its total funding to $124 million as it expands its secure software supply chain platform.
McLean, VA-based startup Rilian has closed $17.5 million in combined seed and seed extension funding to expand its agentic security orchestration platform, Caspian, targeting government, critical infrastructure, and law enforcement customers.
Sean Plankey formally asked President Trump to pull his nomination to lead CISA, citing Senate gridlock after more than a year without confirmation. The agency continues to operate under acting leadership amid deep budget cuts and ongoing personnel instability.
A House Oversight subcommittee roundtable on 'Artificial Intelligence and American Power' turned deeply anxious as lawmakers questioned AI's threat to national security, civil liberties, and humanity itself.
BleepingComputer and Kaseya are hosting a live webinar on May 14, 2026, examining how AI-powered phishing, ransomware, and business email compromise are outpacing MSP defenses and why backup and recovery must be part of every security strategy.
NAKIVO has released Backup & Replication v11.2, delivering automated real-time replication, full VMware vSphere 9 and Proxmox VE 9.0/9.1 support, OAuth 2.0 authentication, and expanded ransomware resilience for over 16,000 customers worldwide.
Flare analysts discovered an underground forum guide titled 'The Underground Guide to Legit CC Shops: Cutting Through the Bullshit,' revealing how threat actors systematically evaluate carding marketplaces, manage operational security, and build trust in a deceptive ecosystem.
Launched in early April 2026, CoChat is a new enterprise platform designed to expose and govern shadow AI usage, offering teams shared access to leading LLMs and agentic systems while enforcing human oversight over autonomous actions.
As Congress debates extending Section 702 of FISA, experts on both sides acknowledge deep uncertainty about whether the 2024 reform law improved or worsened controversial warrantless surveillance powers.
White House Chief of Staff Susie Wiles is set to meet Anthropic CEO Dario Amodei to discuss the company's new Mythos AI model, which has drawn federal attention for its national security and cybersecurity implications.
Modern cyberattacks have outpaced what governments can realistically defend alone. A shift toward deeper public-private collaboration is no longer optional — it's the only viable path forward.
National Cyber Director Sean Cairncross confirmed Wednesday that additional executive orders are expected as the Trump administration moves to implement its national cybersecurity strategy published last month.
CISA has notified CyberCorps: Scholarship for Service participants that summer 2025 internships are canceled due to a DHS funding lapse, leaving hundreds of cyber scholars in limbo for a second consecutive year.
Operational technology asset owners are being required to attest to post-quantum cryptographic readiness, but the frameworks, tools, and visibility needed to make those attestations meaningful simply don't exist in most OT environments.
Forgotten laptops issued to contractors and former employees represent a growing and underappreciated attack surface, combining credential exposure, lateral movement risk, and compliance failures into one persistent blind spot.
Researchers at Rutgers University have developed VitalID, a biometric authentication system that uses low-frequency skull vibrations generated by breathing and heartbeat to verify the identity of XR headset users without requiring any additional hardware.
Most AI detection systems learn from post-compromise artifacts, but new data from GreyNoise reveals that attacker behavior — including fresh infrastructure and behavioral spikes — frequently surfaces well before a breach is confirmed.
A new Ekoparty report based on 605 LatAm cybersecurity professionals reveals the region faces 40% more cyberattacks than the global average while struggling to tap its largely self-trained talent pool.
OpenAI has introduced a new $100 monthly Pro subscription for ChatGPT, directly mirroring Anthropic Claude's pricing structure and targeting coders and enterprise users who need advanced AI capabilities.
Healthcare professionals are turning to unsanctioned AI tools to manage crushing workloads, creating dangerous visibility gaps that compound ransomware recovery challenges. Experts say denial is no longer viable — containment and discovery are now the priority.
The OWASP Foundation has released updated AI security guidance splitting recommendations into generative AI and agentic AI tracks, while cataloguing 21 data security risks and expanding its solutions matrix from 50 to more than 170 providers.
RSAC 2026 placed artificial intelligence front and center, with more than two-thirds of sessions featuring an AI component, yet the conference's own theme — 'The Power of Community' — served as a pointed reminder that human oversight remains non-negotiable. A conspicuous absence of the US federal government added further tension to an already charged event.
Autonomous AI assistants like OpenClaw are transforming productivity for developers and IT workers, but security researchers warn they are simultaneously creating one of the largest attack surfaces the internet has ever seen.
Full Sail University is opening an on-campus IBM Cyber Defense Range powered by AWS and Cloud Range in April 2026, giving cybersecurity and IT students hands-on experience in realistic attack-and-defense simulations.
Dark Reading Editor-in-Chief Kelly Jackson Higgins reflected on RSAC 2026, noting that agentic AI arrived far sooner than the industry expected, leaving most companies playing catch-up while threat actors continue to raise the stakes.
With no US federal government representation at RSAC 2026, European Union regulators stepped in to fill the void as CISOs grapple with AI-driven threats, quantum computing, and a rapidly shifting geopolitical landscape.
With the US and Iran reaching a fragile ceasefire, security researchers warn that pauses in kinetic conflict historically do little to slow — and often accelerate — cyber operations from state-aligned threat actors.
Despite record spending and expanding security teams, breach counts and economic losses keep rising. A San Francisco panel of five security executives identified the flawed assumptions undermining the entire industry.
Nearly one in three cyber intrusions now involve valid employee credentials, and AI is making these attacks faster and cheaper than ever. Security teams must fundamentally rethink how they detect and respond to identity-based threats.
CrowdStrike has integrated Microsoft Defender for Endpoint telemetry into its Falcon Next-Gen SIEM, marking a significant shift in the once-adversarial relationship between the two cybersecurity giants.
Reddit CISO Frederick Lee and Omdia principal analyst Dave Gruber explain how AI is delivering real value in cybersecurity today — from automating runbooks to accelerating threat intelligence — and what risks organizations must still navigate.
AI dominated conversations at RSAC 2026 Conference, but new research reveals that cybersecurity professionals face mounting stress, widening skills gaps, and growing complexity — making the human factor more critical than ever.
Pluralsight has unveiled SecureReady, an end-to-end security skill development platform combining on-demand content, hands-on labs, and expert seminars to help organizations build operationally ready cybersecurity teams.
Niobium has unveiled The Fog, a private cloud infrastructure platform that keeps data encrypted throughout computation using fully homomorphic encryption. The platform enters private beta now, with a public launch targeted for late Q2 2026.
At RSAC 2026, AI dominated conversations for the fourth consecutive year, with industry leaders debating agentic systems, SOC replacement, and whether humans can realistically stay in every security decision loop.
The FBI's Internet Crime Complaint Center recorded nearly $20.9 billion in cybercrime losses in 2025, a 26% rise from the prior year and a staggering 400% increase since 2020, according to the agency's annual report.
The Department of Commerce is soliciting proposals to assemble a government-backed catalog of full-stack American AI technologies for promotion to allies and partners abroad, as mandated by President Trump's AI executive order.
Orange Business is rolling out branded calling, deepfake detection, and AI-augmented telephony to address rising impersonation fraud and eroding trust in enterprise voice channels across more than 7,000 enterprise customers worldwide.
Industrialized fraud rings are deploying AI to build synthetic identities at unprecedented scale, rendering traditional detection methods obsolete. Experts argue the only viable response is to stop reacting and start hunting.
BleepingComputer is hosting a live webinar on April 30, 2026 at 2:00 PM ET exploring how security teams can detect early threat actor signals across dark web forums, Telegram channels, and access broker marketplaces.
The February 2026 Figure breach exposed nearly 967,200 email records without a single exploit — and the downstream attack chain it enables exposes a fundamental flaw in how most organizations think about MFA.
New research from CalTech and Google suggests fault-tolerant quantum computers capable of breaking classical encryption may need far fewer qubits than previously thought, compressing the window for post-quantum migration.
Black Hat USA 2026 returns to Mandalay Bay Convention Center in Las Vegas from August 1–6, featuring four days of expert-led Trainings, a Summit Day, and a two-day main conference packed with Briefings and Arsenal tool demos.
New Qualys research analyzing over one billion CISA KEV remediation records from 10,000 organizations finds that 88% of tracked weaponized vulnerabilities were remediated slower than they were exploited, exposing a structural ceiling that staffing alone cannot fix.
MITRE has released the Fight Fraud Framework (F3), a free, open knowledge base mapping the tactics, techniques, and procedures used by fraudsters across cyber channels to steal money, assets, and information.
API attacks surged 68% year-over-year as organizations struggle with shadow APIs, broken authorization, and inadequate rate limiting. Our analysis covers the key findings from the latest industry data.
The latest analysis of global internet traffic reveals that automated bot traffic accounts for 49.1% of all web requests, with malicious bots representing a growing share. E-commerce and financial services remain the most targeted sectors.
The legal status of web scraping has shifted significantly in 2026, with new court decisions, legislative updates, and diverging approaches between the US and EU. Here is what businesses need to know about the current state of scraping law.