AppSec stories - Page 5

A security lapse at AI agent service Moltbook exposes risky default database settings, raising fresh alarms over agentic system safeguards.

DigiCert warns Q4 internet traffic stayed high as DDoS and app-layer attacks grew longer and more intense, eroding traditional peak seasons.

AI security fears and rapid release cycles are pushing firms to demand faster, deeper pentesting - and many are ready to ditch existing vendors.

HackerOne launches Agentic PTaaS, blending AI agents with human experts to deliver continuous, always-on penetration testing for enterprises.

AI-driven cloud adoption is forcing firms to swap static privacy checklists for continuous, real-time defence of sensitive data flows.

Cloudbrink adds Safe AI controls to its zero trust platform, securing hybrid enterprise use of AI agents and browser-based AI services.

Radware acquires Pynt to add pre-production testing and deliver unified lifecycle API security from design through to runtime defence.

Radware launches cloud-based API Security Service unifying discovery, posture management and runtime defence to counter evolving API threats.

Attackers are already exploiting AI agents, extracting hidden prompts, bypassing safety checks and abusing tools tied to data and systems.

Cobalt debuts a two-way penetration testing integration for Microsoft Teams, promising faster remediation and real-time security collaboration.

GitLab releases Duo AI Agent Platform to orchestrate AI across the full DevOps lifecycle, promising faster, governed software delivery.

F5 rolls out AI Guardrails and AI Red Team to harden runtime security, blending adversarial testing with real-time policy enforcement.

Agentic AI promises rapid software gains, but a recent Claude Code cyberattack shows how “double agents” can outpace unprepared developers.

WaveMaker predicts by 2026 AI will speed prototyping but boost demand for senior oversight, personalised UIs and specialised software agents.

Codific urges boards to prioritise preemptive cyber defence, identity and supply-chain control as 2026 scrutiny and rules tighten.

DryRun lands USD $8.7m seed round as demand grows for its AI-native code security tools targeting LLM-driven and autonomous coding workflows.

Backslash Security wins InfoWorld 2025 Technology of the Year award for AI security, spotlighting risks in AI-native software development.

Intruder finds over 42,000 sensitive tokens hidden in JavaScript bundles, exposing a major blind spot in modern web app security tools.

OWASP has launched its first Top 10 list for agentic AI, warning autonomous systems act as a powerful but risky new digital workforce.

AI-native malware, deepfake fraud and attacks on connected devices will dominate enterprise cyber risk in 2026, VIPRE has warned.