IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand

Security vulnerabilities Stories

Global Stories

Security vulnerabilities stories

AI coding tools raise debt & security risks, SIG warns
DevOps

AI coding tools raise debt & security risks, SIG warns

Enterprise teams using AI coding tools may face higher technical debt, security gaps and costs, according to new SIG research.

By Joseph Gabriel Lagonsin 4 min read 2 days ago
Broadcom expands Spring security for AI threat surge
Application Security

Broadcom expands Spring security for AI threat surge

Enterprises using Spring will get faster access to validated fixes as Broadcom responds to a 1700% surge in monthly security advisories.

By Joseph Gabriel Lagonsin 4 min read 2 days ago
Thoughtworks launches Agent/works for AI governance
Digital Transformation

Thoughtworks launches Agent/works for AI governance

Enterprise teams are getting a single control plane to track agent sprawl, tighten permissions and curb AI spending as autonomous systems spread.

By Joseph Gabriel Lagonsin 4 min read 3 days ago
Automotive cyber vulnerabilities surge 105%, PCA says
Cloud Security

Automotive cyber vulnerabilities surge 105%, PCA says

Connected cars face a widening attack surface as PCA flags 265 new flaws in the first quarter, with most exploitable without specialist tools.

By Joseph Gabriel Lagonsin 4 min read Last week
Liquibase launches free CVE library for Community users
DevOps

Liquibase launches free CVE library for Community users

Older Liquibase Community users can now check release-by-release vulnerabilities in a free public library covering Docker images and binaries.

By Joseph Gabriel Lagonsin 4 min read Last week
Chief information security officers face pressure over flaws
Application Security

Chief information security officers face pressure over flaws

AI-generated code is widening security gaps, with most organisations still shipping vulnerable software and CISOs under pressure to delay fixes.

By Joseph Gabriel Lagonsin 4 min read Last week
Forrester finds agentic AI stuck in enterprise pilots
Digital Transformation

Forrester finds agentic AI stuck in enterprise pilots

Most enterprises are still failing to turn agentic AI trials into usable gains, as weak governance and orchestration keep deployments in pilot mode.

By Sean Mitchell 3 min read Last week
Anthropic expands Project Glasswing to 150 organisations
Application Security

Anthropic expands Project Glasswing to 150 organisations

The wider rollout targets critical infrastructure and software maintainers after early users found more than 10,000 serious flaws.

By Mark Tarre 4 min read Last week
Visibility can shield you against $15k/min downtime
Disaster Recovery

Visibility can shield you against $15k/min downtime

Blind spots in monitoring are pushing outage bills higher, with Splunk estimating average downtime now costs USD $15,000 a minute.

By Anthony Caruana 4 min read This month
Origina expands independent maintenance to SAP customers
Digital Transformation

Origina expands independent maintenance to SAP customers

Many SAP users face rising costs and migration risk as support deadlines loom, pushing demand for independent maintenance alternatives.

By Sean Mitchell 4 min read This month
DevOps platform vulnerabilities rise in 2025 report
Disaster Recovery

DevOps platform vulnerabilities rise in 2025 report

More than half of patched flaws in major DevOps tools were high or critical in 2025, putting software supply chains at greater risk.

By Mark Tarre 4 min read This month
Australia's sovereign AI adoption stays governance-led
Data governance

Australia's sovereign AI adoption stays governance-led

Security, privacy and skills shortages are slowing Australian agencies, even as most weigh sovereign AI for defence and public health.

By Mark Tarre 4 min read Last month
IBM & Red Hat launch £5bn open-source security plan
Fintech

IBM & Red Hat launch £5bn open-source security plan

The move targets vulnerabilities in software used by large firms, as AI makes it easier to find and exploit flaws.

By Sean Mitchell 4 min read Last month
Qualys data shows vulnerability backlog widening sharply
Security Operations Centres

Qualys data shows vulnerability backlog widening sharply

Patch teams are falling behind as exploited flaws pile up, with 47 million instances still open after a year, Qualys data shows.

By Sean Mitchell 4 min read Last month
Anthropic model can chain bugs into exploits, Cloudflare
Cloud Security

Anthropic model can chain bugs into exploits, Cloudflare

The findings suggest AI-assisted bug hunting is edging closer to practical exploitation, raising the stakes for software teams racing to patch flaws.

By Mark Tarre 4 min read Last month
Bitdefender finds FamousSparrow energy sector campaign
Supply Chain

Bitdefender finds FamousSparrow energy sector campaign

Repeat breaches exposed an Azerbaijani oil and gas operator to espionage as FamousSparrow exploited Microsoft Exchange flaws for two months.

By Sean Mitchell 4 min read Last month
Qilin drives 43% rise in ransomware attacks
Ransomware

Qilin drives 43% rise in ransomware attacks

Ransomware activity stayed elevated in March, with NCC Group saying Qilin alone was linked to 136 attacks and drove a 43% monthly rise.

By Catherine Knowles 4 min read Last month

Stories from Other Regions

Security vulnerabilities stories

Secure.com flags 21 flaws in AI pentest on live stacks
Network Security

Secure.com flags 21 flaws in AI pentest on live stacks

Seven critical weaknesses were found in live production systems over a weekend, showing AI-driven pentests can now uncover basic flaws cheaply.

By Mark Tarre 5 min read Fri, 1st May 2026