AWS launches Agent Registry to enhance visibility and control of AI agents
AWS' Agent Registry functions as a central repository for metadata describing AI agents, tools, and associated resources.
Amazon
20 articles
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
Analysis of 1 billion CISA KEV remediation records reveal a breaking point for human-scale security. Qualys shows most critical flaws are exploited before de...
TP-Link Devices at Risk as Multiple Security Flaws Enable Takeover
Cybersecurity researchers have uncovered five significant security vulnerabilities in the TP-Link Archer AX53 v1.0 router.
What vibe hunting gets right about AI threat hunting, and where it breaks down
In this Help Net Security interview, Aqsa Taylor, Chief Security Evangelist, Exaforce, explains vibe hunting, an AI-driven approach to threat detection that ...
AWS Fixes Severe RCE, Privilege Escalation Flaws in Research and Engineering Studio
AWS recently issued a critical security bulletin addressing severe vulnerabilities in its Research and Engineering Studio (RES). RES is an open-source web po...
What Project Glasswing Means for Security Leaders
Anthropic’s Project Glasswing matters because it offers an early look at how quickly software flaws may soon be found, validated, and potentially turned into...
12 Best Practices for Securing AWS Cloud in 2026
Key Takeaways What Securing the AWS Cloud Really Means in 2026 Amazon Web Services (AWS) cloud security is the discipline of protecting cloud infrastructure,...
Multiple SonicWall Flaws Enable SQL Injection and Privilege Escalation Attacks
SonicWall has published a critical security advisory addressing four distinct vulnerabilities in its SMA1000 series appliances. These security flaws open the...
Cracks in the Bedrock: Agent God Mode
Unit 42 reveals "Agent God Mode" in Amazon Bedrock AgentCore. Broad IAM permissions lead to privilege escalation and data exfiltration risks.
A framework for securely collecting forensic artifacts into S3 buckets
When customers experience a security incident, they need to acquire forensic artifacts to identify root cause, extract indicators of compromise (IoCs), and v...
Trent AI secures $13 million seed funding to enhance AI cybersecurity
Founded by former Amazon Web Services engineers, Trent AI has developed a platform designed to identify cybersecurity vulnerabilities within AI agents and th...
IBM Security Verify Access Flaws Let Remote Attackers Access Sensitive Data
IBM has issued an urgent security bulletin addressing a slew of vulnerabilities impacting IBM Verify Identity Access and IBM Security Verify Access. These fl...
Multiple OpenSSL Flaws Expose Sensitive Data in RSA KEM Handling
A newly disclosed flaw in OpenSSL could allow attackers to access sensitive data stored in application memory. Tracked as CVE-2026-31790, this moderate-sever...
Flatpak 1.16.4 fixes sandbox escape and three other security flaws
Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.
Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox
Unit 42 uncovers critical vulnerabilities in Amazon Bedrock AgentCore's sandbox, demonstrating DNS tunneling and credential exposure. The post Cracks in the ...
Building AI defenses at scale: Before the threats emerge
At AWS, we’ve spent decades developing processes and tools that enable us to defend millions of customers simultaneously, wherever they operate around the wo...
GrafanaGhost Exploit Bypasses AI Guardrails for Silent Data Exfiltration
GrafanaGhost chains AI prompt injection and URL flaws to exfiltrate sensitive Grafana data
Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa
China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Sto...
CUPS Vulnerabilities Could Allow Remote Attackers to Achieve Root-Level Code Execution
A team of AI-driven vulnerability hunting agents directed by security researcher Asim Viladi Oglu Manizada has discovered two critical security flaws in CUPS...
Windmill Developer Platform Flaws Expose Users to RCE Attacks, Proof-of-Concept Published
Cybersecurity researchers have discovered critical vulnerabilities in the Windmill developer platform and Nextcloud Flow, an integration embedding the Windmi...