As John Watts, the Gartner VP Analyst presenting the ThreatScape, put it: cybersecurity leaders must be able to find the threat signal in all the noise. This piece is one read of that signal.
A security hole within AI dev tools has allowed attackers to escape sandboxes by misleading the humans in the loop who were supposed to knowingly approve the tool’s actions, according to cybersecurity research firm Wiz.
“We discovered GhostApproval, a systematic vulnerability pattern affecting six of the top AI coding assistants: Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, and Windsurf [now known as Devin Desktop],” the Wiz report said. “In each case, a malicious repository can trick the agent into accessing arbitrary files outside the workspace sandbox, potentially achieving remote code execution on the developer’s machine.”
The first report of the hole came earlier this month from Cato Networks, but was limited to one platform, Cursor, whereas Wiz found that its impact was far wider.
The underlying security problem, symbolic links (symlinks), is well known and has been leveraged for decades. But GhostApproval, Wiz noted, goes well beyond their his
AI hallucinations could lead to scalable botnets, posing significant cybersecurity risks as AI systems gain more autonomous capabilities.
The post Researchers warn AI agents could become botnets through hallucinations appeared first on Crypto Briefing.
Staggered release of ChatGPT 5.6 follows similar restrictions on rival firm Anthropic’s latest AI models
OpenAI released its latest advanced AI model, called ChatGPT 5.6, on Thursday after earlier delaying the public rollout over US government concerns about cybersecurity. The Trump administration had requested last month that OpenAI limit the release to a small group of government-approved users.
OpenAI complied with the White House’s request last month. The company stated in a blogpost that it had briefed government officials on ChatGPT 5.6’s capabilities and restricted the model to trusted partners at their behest. The product’s wider release came after additional testing by the government’s Center for AI Standards and Innovation agency, according to Axios.
Continue reading...
July 9, 2026 — The European Commission has presented an Action Plan for a structured response to address the risks and harness the opportunities of advanced artificial intelligence (AI) models for […]
The post European Commission Presents EU Action Plan on Cybersecurity and Artificial Intelligence appeared first on AIwire.
The post Lithuania Solar Cybersecurity Rules Expose Europe’s Renewable Remote Access Risks appeared on BitcoinEthereumNews.com.
Grid operators in Lithuania can now disconnect solar plants above 100 kilowatts that lack required cybersecurity measures. 2. A solar installation in Lithuania. New rules test whether Europe can impose security boundaries on distributed renewable assets after they are already deployed and remotely connected. (Photo by Christopher Furlong/Getty Images) Getty Images Lithuania’s grid operators can now disconnect solar plants above 100 kilowatts that fail new cybersecurity rules. That sounds like narrow local regulation. It isn’t. It is one of the clearest signs yet that Europe’s renewable build-out has become a critical-infrastructure problem as much as a climate one. For utilities, storage developers, infrastructure investors and regulators, the question is no longer just how fast to add solar and batteries. It is who still holds remote access once those assets
Building an agent in an afternoon is now within reach of almost anyone in the enterprise with a credit card. The tools are accessible, the deployments are easy. The hard part is delivering the intended results.
Gartner predicts that more than 40% of agentic AI projects will be canceled by 2027, and the EU AI Act Article 14 requirements for human oversight for high-risk AI systems take effect on August 2, 2026. The deciding factor for whether agentic AI reaches production isn’t the model, the framework, or the use case. It’s the infrastructure beneath the agent: the part the people building agents have never had to think about.
Organizations are racing to deploy agentic AI to stay competitive, which means pressure-testing is often overlooked. Every agent project should be scrutinized by three executives asking three different sets of questions. The CISO asks whether we are exposed. The CFO asks whether we are overspending. The chief AI officer asks whether we are getting value.
As a pr
The rise in phishing scams targeting Bitcoin platforms highlights the urgent need for enhanced cybersecurity measures and user vigilance.
The post Fraudulent emails impersonate River Financial, urge recipients to update agreements appeared first on Crypto Briefing.