New, by me: How AI Assistants are Moving the Security Goalposts

AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey.

Read more (and boost please!):

https://krebsonsecurity.com/2026/03/how-ai-assistants-are-moving-the-security-goalposts/

#openclaw #AI #agentic #aiagents #lethaltrifecta

We are aware of recent reports regarding targeted phishing attacks that have resulted in account takeovers of some Signal users, including government officials and journalists. We take this very seriously.

To be clear: Signal’s encryption and infrastructure have not been compromised and remain robust. These attacks were executed via sophisticated phishing campaigns, designed to trick users into sharing information – SMS codes and/or Signal PIN – to gain access to users’ accounts.

Who could possibly have foreseen this? Aside from anyone paying even the slightest bit of attention?

"One of the codebases…contained 2,675 distinct licensing conflicts, indicating the complexity of managing IP has grown exponentially…the mean number of vulnerabilities in code has nearly doubled since last year. Eighty-seven percent of the codebases had at least one vulnerability, 78% had high-risk vulnerabilities, and 44% had critical-risk vulnerabilities."

https://sdtimes.com/ai/report-open-source-licensing-conflicts-hit-an-all-time-high-as-organizations-struggle-to-audit-ai-generated-code-for-ip-risks/

#OpenSource