IT Brief Canada - Technology news for CIOs & IT decision-makers
Canada

Offensive Security Stories - Page 2

Global Stories

Offensive Security stories

Anthropic model can chain bugs into exploits, Cloudflare
Cloud Security

Anthropic model can chain bugs into exploits, Cloudflare

The findings suggest AI-assisted bug hunting is edging closer to practical exploitation, raising the stakes for software teams racing to patch flaws.

By Mark Tarre 4 min read Last month
Synack report says vulnerability testing gap widens
Digital Transformation

Synack report says vulnerability testing gap widens

Enterprises are testing only about 32% of their attack surface, leaving many assets outside regular security checks as threats grow faster.

By Mark Tarre 4 min read Last month
Sweet launches AI red-team agent to test attack paths
Cloud Security

Sweet launches AI red-team agent to test attack paths

Security teams under pressure to prove real exploitability can now test live production systems for attack paths rather than theoretical flaws.

By Sofiah Nichole Salivio 4 min read Last month
IRONSCALES gets Anthropic verification for email defence
Phishing

IRONSCALES gets Anthropic verification for email defence

Verified access to Anthropic's restricted AI tools could help IRONSCALES test email defences against more realistic phishing and impersonation attacks.

By Sean Mitchell 4 min read Last month
Microsoft unveils MDASH to find Windows security flaws
Network Security

Microsoft unveils MDASH to find Windows security flaws

The scanner found four critical remote code execution bugs among 16 Windows flaws, including issues in the kernel TCP/IP stack and IKEv2 service.

By Sean Mitchell 4 min read Last month
CyberCX report finds 29% of tests exposed severe flaws
Digital Transformation

CyberCX report finds 29% of tests exposed severe flaws

AI systems and social engineering tests proved especially risky, as CyberCX found severe weaknesses in half and 77% of cases respectively.

By Sean Mitchell 4 min read Last month
Synack launches Sara AI Pentesting for wider coverage
Data Protection

Synack launches Sara AI Pentesting for wider coverage

The move aims to widen security coverage as firms struggle to test expanding attack surfaces quickly enough.

By Joseph Gabriel Lagonsin 4 min read Last month
CrowdStrike widens QuiltWorks & launches Defender hunting
Endpoint Protection

CrowdStrike widens QuiltWorks & launches Defender hunting

Enterprises using Microsoft Defender will get round-the-clock human-led threat hunting, as CrowdStrike also broadens its AI risk coalition across partners.

By Joseph Gabriel Lagonsin 4 min read Last month
Intruder launches AI pentesting for faster validation
DevOps

Intruder launches AI pentesting for faster validation

Security teams can now validate scanner findings in minutes as Intruder rolls out AI agents to cut false positives and speed remediation.

By Catherine Knowles 3 min read Last month
PhantomRPC flaw lets attackers reach SYSTEM on Windows
Endpoint Detection and Response

PhantomRPC flaw lets attackers reach SYSTEM on Windows

No patch exists for a Windows RPC weakness that can let attackers turn a service foothold into SYSTEM-level control on a host.

By Sean Mitchell 5 min read Wed, 29th Apr 2026
Anthropic's Mythos sparks governance fears over cyber risk
Digital Transformation

Anthropic's Mythos sparks governance fears over cyber risk

Businesses could face faster cyber attacks as experts warn Anthropic's leaked Mythos model may outpace remediation and widen governance gaps.

By Catherine Knowles 5 min read Mon, 27th Apr 2026
AI flaws & supply-chain risks top new pentesting report
Data Protection

AI flaws & supply-chain risks top new pentesting report

Three-quarters of organisations now see third-party software as a top risk, as AI flaws and supply-chain gaps slow security fixes.

By Joseph Gabriel Lagonsin 4 min read Sat, 25th Apr 2026
Anthropic & OpenAI split on cyber AI release strategy
DevOps

Anthropic & OpenAI split on cyber AI release strategy

As cyber tools become more powerful, Anthropic is limiting access while OpenAI is widening it, raising fresh fears over misuse.

By Shannon Williams 5 min read Thu, 23rd Apr 2026
HackerOne launches h1 Validation to verify exploitable flaws
DevOps

HackerOne launches h1 Validation to verify exploitable flaws

Enterprises face a growing backlog as AI tools uncover more flaws, with HackerOne saying 25% still prove exploitable and many are critical.

By Catherine Knowles 4 min read Thu, 23rd Apr 2026
HackerOne launches h1 Validation to tackle AI flaws
DevOps

HackerOne launches h1 Validation to tackle AI flaws

Rising AI-generated vulnerability reports are leaving security teams with record backlogs and only hours to judge which flaws hackers can exploit.

By Catherine Knowles 4 min read Wed, 22nd Apr 2026
LangWatch launches open-source tool for AI red-teaming
Data Protection

LangWatch launches open-source tool for AI red-teaming

The framework is designed to expose hidden risks in production AI systems that can be missed by conventional one-off tests.

By Sean Mitchell 4 min read Tue, 21st Apr 2026

Stories from Other Regions

Offensive Security stories

Secure.com flags 21 flaws in AI pentest on live stacks
Network Security

Secure.com flags 21 flaws in AI pentest on live stacks

Seven critical weaknesses were found in live production systems over a weekend, showing AI-driven pentests can now uncover basic flaws cheaply.

By Mark Tarre 5 min read Fri, 1st May 2026
White Rook Cyber wins CREST accreditation for testing
Firewalls

White Rook Cyber wins CREST accreditation for testing

Procurement teams in defence and critical infrastructure may now view White Rook Cyber more favourably after its CREST testing approval.

By Shannon Williams 4 min read Fri, 24th Apr 2026