Penetration testing stories - Page 3

F5 Labs launches monthly AI security leaderboards, ranking popular models on new indices of risk, resilience and cost under live attack.

Security debt hits 82% of organisations as legacy flaws linger over a year, with third-party code driving most critical vulnerabilities.

Simbian launches an AI Pentest Agent that runs continuous, adaptive penetration tests, promising faster, context-aware vulnerability detection.

3DiVi unveils four-layer defence model to harden face authentication against deepfakes and spoofing as remote ID checks surge globally.

CompTIA unveils SecAI+ certification to equip cybersecurity professionals with AI security, risk management and governance skills.

Hackers are abandoning noisy ransomware to quietly steal data, as a report finds 80% of top attack techniques now focus on evasion.

Cyber firms warned over 'verification crisis' as tools flag floods of flaws but only 0.47% prove exploitable, leaving real risk unresolved.

Bitget and BlockSec launch a UEX Security Standard, urging provable, system-wide safeguards for unified multi-asset trading platforms.

SpecterOps has launched BloodHound Scentry, a managed identity risk service to find and remediate attack paths across complex environments.

Flare reports 114% annual growth among MSSPs as providers consolidate threat intelligence tools to boost services without extra analyst strain.

Routine admin tools, not exotic exploits, let attackers race across networks, compromising over half of systems in under an hour.

Netpoleon partners with Hack The Box to deliver hands-on cyber skills training and readiness tools to address ANZ's growing security gap.

AI security fears and rapid release cycles are pushing firms to demand faster, deeper pentesting - and many are ready to ditch existing vendors.

HackerOne launches Agentic PTaaS, blending AI agents with human experts to deliver continuous, always-on penetration testing for enterprises.

AI-driven cloud adoption is forcing firms to swap static privacy checklists for continuous, real-time defence of sensitive data flows.

A critical flaw in Apache bRPC's /pprof/heap endpoint allows unauthenticated remote code execution on exposed services, researchers warn.

New UK cyber bill pushes critical sectors towards continuous offensive security testing as state-backed and criminal threats intensify.

NCC Group and Delinea launch managed privileged access service, targeting AI-era identity threats with Zero Trust, cloud-native controls.

Attackers are abusing LinkedIn private messages to deliver Python-based malware via booby-trapped archives, ReliaQuest has warned.

HackerOne unveils Good Faith AI Research Safe Harbor, giving security testers clearer authorisation and protection for probing AI systems.