TechDay Australia - Australia's technology news network

Offensive Security Stories

Australian Stories

Offensive Security stories

Global Stories

Offensive Security stories

Exploitation overtakes social engineering in Rapid7 report
Ransomware

Exploitation overtakes social engineering in Rapid7 report

Exposed systems are becoming the main target, as Rapid7 says flaws were used in 38% of incidents and patch windows shrank to five days.

By Mark Tarre 3 min read Last week
TrendAI expands bug bounty to cover AI vulnerabilities
Digital Transformation

TrendAI expands bug bounty to cover AI vulnerabilities

The move widens defences for businesses as AI systems become a bigger target for attackers and zero-day flaws multiply across enterprise software.

By Mark Tarre 3 min read Last week
AI security training surges as prompt injection tops list
Security Operations Centres

AI security training surges as prompt injection tops list

AI-related training is shifting as prompt injection, model exploitation and agent hijacking shape how security teams prepare for live attacks.

By Joseph Gabriel Lagonsin 4 min read Last week
Anthropic model can chain bugs into exploits, Cloudflare
Cloud Security

Anthropic model can chain bugs into exploits, Cloudflare

The findings suggest AI-assisted bug hunting is edging closer to practical exploitation, raising the stakes for software teams racing to patch flaws.

By Mark Tarre 4 min read Last week
Synack report says vulnerability testing gap widens
Digital Transformation

Synack report says vulnerability testing gap widens

Enterprises are testing only about 32% of their attack surface, leaving many assets outside regular security checks as threats grow faster.

By Mark Tarre 4 min read This month
Sweet launches AI red-team agent to test attack paths
Cloud Security

Sweet launches AI red-team agent to test attack paths

Security teams under pressure to prove real exploitability can now test live production systems for attack paths rather than theoretical flaws.

By Sofiah Nichole Salivio 4 min read This month
IRONSCALES gets Anthropic verification for email defence
Phishing

IRONSCALES gets Anthropic verification for email defence

Verified access to Anthropic's restricted AI tools could help IRONSCALES test email defences against more realistic phishing and impersonation attacks.

By Sean Mitchell 4 min read This month
Microsoft unveils MDASH to find Windows security flaws
Network Security

Microsoft unveils MDASH to find Windows security flaws

The scanner found four critical remote code execution bugs among 16 Windows flaws, including issues in the kernel TCP/IP stack and IKEv2 service.

By Sean Mitchell 4 min read This month
CyberCX report finds 29% of tests exposed severe flaws
Digital Transformation

CyberCX report finds 29% of tests exposed severe flaws

AI systems and social engineering tests proved especially risky, as CyberCX found severe weaknesses in half and 77% of cases respectively.

By Sean Mitchell 4 min read This month
Synack launches Sara AI Pentesting for wider coverage
Data Protection

Synack launches Sara AI Pentesting for wider coverage

The move aims to widen security coverage as firms struggle to test expanding attack surfaces quickly enough.

By Joseph Gabriel Lagonsin 4 min read This month
CrowdStrike widens QuiltWorks & launches Defender hunting
Endpoint Protection

CrowdStrike widens QuiltWorks & launches Defender hunting

Enterprises using Microsoft Defender will get round-the-clock human-led threat hunting, as CrowdStrike also broadens its AI risk coalition across partners.

By Joseph Gabriel Lagonsin 4 min read This month
Intruder launches AI pentesting for faster validation
DevOps

Intruder launches AI pentesting for faster validation

Security teams can now validate scanner findings in minutes as Intruder rolls out AI agents to cut false positives and speed remediation.

By Catherine Knowles 3 min read This month
Anthropic's Mythos sparks governance fears over cyber risk
Digital Transformation

Anthropic's Mythos sparks governance fears over cyber risk

Businesses could face faster cyber attacks as experts warn Anthropic's leaked Mythos model may outpace remediation and widen governance gaps.

By Catherine Knowles 5 min read Last month
AI flaws & supply-chain risks top new pentesting report
Data Protection

AI flaws & supply-chain risks top new pentesting report

Three-quarters of organisations now see third-party software as a top risk, as AI flaws and supply-chain gaps slow security fixes.

By Joseph Gabriel Lagonsin 4 min read Last month
Anthropic & OpenAI split on cyber AI release strategy
DevOps

Anthropic & OpenAI split on cyber AI release strategy

As cyber tools become more powerful, Anthropic is limiting access while OpenAI is widening it, raising fresh fears over misuse.

By Shannon Williams 5 min read Last month
HackerOne launches h1 Validation to verify exploitable flaws
DevOps

HackerOne launches h1 Validation to verify exploitable flaws

Enterprises face a growing backlog as AI tools uncover more flaws, with HackerOne saying 25% still prove exploitable and many are critical.

By Catherine Knowles 4 min read Last month

Stories from Other Regions

Offensive Security stories

Cybersecurity has a speed problem
DevOps

Cybersecurity has a speed problem

Vulnerability exploitation has collapsed from years to hours, leaving organisations racing to fix exposed systems before attackers do.

By Jorge Monteiro 4 min read This month