From writing assistance to intelligent summarization, generative AI has already transformed the way businesses work. But we’re now entering a new phase where AI doesn’t just generate content, but takes independent action on our behalf.
This next evolution is called ‘agentic AI’, and it’s moving fast. Amazon recently announced a dedicated R&D group focused on agentic systems. OpenAI is advancing its Codex Agent SDK to build more capable AI “workers.” And a growing number of businesses are actively experimenting with autonomous agents to handle everything from code generation to system orchestration. While the potential is significant, so are the risks. These new systems bring fresh challenges for security teams, from unpredictable behavior and decision-making to new forms of supply chain exposure.
Read more…
Source: Rapid7
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- ‘ZombieAgent’ zero click vulnerability allows for silent account takeover
January 9, 2026
OpenAI recently introduced a new feature for ChatGPT which, unfortunately, also puts users at risk of data exfiltration and persistent access. In December 2025, a feature called Connectors finally moved out of beta and into general availability. This feature allows ChatGPT to connect to numerous other apps, such as calendars, cloud storage, email accounts, and similar ...
- FBI: Senior U.S. Officials Continue to be Impersonated in Malicious Messaging Campaign
December 19, 2025
This is an update to Public Service Announcement I-051525-PSA, released May 15, 2025, which can be found here. Activity dating back to 2023 reveals malicious actors have impersonated senior U.S. state government, White House, and Cabinet level officials, as well as members of Congress to target individuals, including officials’ family members and personal acquaintances. If ...
- The AI Chip Arms Race: How China Built Its Own “Manhattan Project”
December 17, 2025
In a high-security laboratory in Shenzhen, China, scientists have developed a prototype machine capable of producing advanced semiconductor chips crucial for technologies such as artificial intelligence and military applications, a goal that the U.S. has long sought to prevent. This prototype, completed in early 2025 and currently in the testing phase, occupies almost an entire factory ...
- NMFTA Releases 2026 Transportation Industry Cybersecurity Trends Report
December 16, 2025
The National Motor Freight Traffic Association, Inc. (NMFTA)™ announced the release of its 2026 Transportation Industry Cybersecurity Trends Report, the latest annual assessment of cyber threats, adversary tactics, and resilience trends shaping the future of freight and logistics in North America. Building on years of research and industry engagement, the 2026 report expands NMFTA’s flagship cybersecurity ...
- AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows
December 8, 2025
Hunting high-impact, advanced malware is a difficult task. It becomes even harder and more time-consuming when defenders focus on low-detection or zero-detection samples. Every day, a huge number of files are sent to platforms like VirusTotal, and the relevant ones often get lost in all that noise. Identifying malware with low or no detections is ...
- New Prompt Injection Attack Vectors Through MCP Sampling
December 5, 2025
This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application. MCP is a standard for connecting large language model (LLM) applications to external data sources and tools. We show that, without proper safeguards, malicious MCP servers can exploit the sampling feature for ...