A recent exploit involving a new AI-focused browser shone a light on a critical problem–namely, that browser security is a constant issue, and AI is just making that threat more pronounced. Attackers discovered a way to use that browser’s memory features to implant hidden instructions inside an AI assistant. Once stored, those instructions triggered unwanted actions, such as unauthorised data access or code execution.

The event itself is concerning, but the larger lesson is even more important. The line between browser and operating system continues to blur. Every added function feature brings convenience, but also increases the potential attack surface.

For organisations where security and compliance define daily operations, that expansion demands more scrutiny than ever.

Read More

The increasing adoption of AI by businesses introduces security risks that current cybersecurity frameworks are not prepared to address. A particularly complex emerging threat is prompt injection attacks. These attacks manipulate the integrity of large language models and other AI systems, potentially compromising security protocols and legal compliance.

Organizations adopting AI must have a plan in place to address this new threat, which involves understanding how attackers can gain access to AI models and private data to undermine intelligent applications.

Read More

Threat actors are leveraging AI for everything from hyper-realistic phishing schemes to deepfake impersonations, synthetic identity creation, and autonomous intrusion attempts. While this is a threat to your own organization, it’s also opening up threats in the supply chain. 

These attacks don’t arise in a vacuum. They often exploit vulnerabilities within an organization’s third-party vendor ecosystem. As such, third-party risk management has emerged not only as a compliance function but as a critical pillar of cybersecurity in the AI era.

Read More