Penetration testing stories

Anthropic rolls out Claude Opus 4.7 with sharper coding, stronger image handling and new cyber safeguards, plus fresh API controls and review tools.

Banks and regulators race to assess Anthropic's controlled Mythos access, as AI cyber testing raises fears over payments, trading and wider financial stability.

CyberUp urges ministers to modernise the Computer Misuse Act as a report warns outdated rules are hampering cyber research and investment.

Study finds UK telecom firms exposing security-critical server data as Europe-wide analysis flags widespread certificate failures and critical asset weaknesses.

Synack launches AI-driven assessment to expose overlooked attack surface gaps as offensive tools speed up vulnerability discovery.

iProov warns iOS injection attacks surged 1,151% in late 2025 as generative AI fuels deepfake impersonation and identity fraud.

Abacus secures CREST accreditation for penetration testing, bolstering its pitch to regulated sectors as demand rises for verified cyber security assurance.

Acronis rolls out globally available managed detection and response for MSPs, bundling 24/7 monitoring, incident response and recovery tools.

ChatGPT flaw may have let attackers siphon sensitive user data via DNS queries, prompting OpenAI to issue a fix after researchers exposed the bug.

ExpressVPN expands beyond its VPN roots with ExpressAI, a privacy-focused platform using confidential computing to keep prompts and chats hidden.

ExpressVPN expands beyond VPNs with encrypted AI chats, launching ExpressAI on confidential computing enclaves after an audit by cybersecurity firm Cure53.

Novee unveils an autonomous AI red teaming tool to probe LLM apps for prompt injection, jailbreaks and other emerging security flaws.

Horizon3.ai doubles ARR as more than 5,200 organisations adopt its NodeZero platform, fuelled by MSSP demand and rising cyber risks.

NSS Labs warns many enterprise AI guardrails fail basic security tests, urging independent, real-world validation of protections.

Rapid7 warns that hands-on attacks against cellular IoT hardware can pivot through trusted modules to breach cloud and backend systems.

Qualys rolls out Agent Val to live‑test exploit paths in production, promising sharper risk prioritisation and major remediation noise cuts.

Simbian unveils an AI-driven cyber security platform uniting offence and defence via a shared Context Lake to speed, link and automate response.

Security flaws in 17 AI companion apps used by 150m people could expose intimate chats, photos and voice messages to attackers.

Cobalt weaves AI into its pentesting platform, automating recon and triage while keeping human experts on complex attack paths.

Cobalt launches Security Program Manager service to run enterprise pentesting, align tests with business goals and speed up remediation.