zapier vulnerability

Critical NPM Supply Chain Attack: Zapier and ENS Packages Compromised by Advanced Malware

In a sobering reminder of the persistent threats facing modern software development, a sophisticated NPM supply chain attack has successfully compromised multiple critical packages belonging to automation platform Zapier and the Ethereum Name Service (ENS). This incident underscores the urgent need for enhanced software supply chain security measures across enterprise development environments.

AI Security

Essential Principles for Security Leaders Navigating AI-Powered Cyber Defense Transformation in 2025

Artificial intelligence has emerged as the defining force reshaping cybersecurity in 2025, fundamentally transforming both offensive and defensive capabilities at an unprecedented pace. Security leaders now face a paradoxical reality: the same AI technologies revolutionizing threat detection and incident response are simultaneously empowering adversaries with sophisticated attack automation, adaptive malware, and hyper-personalized social engineering campaigns.

AI Security

Second-Order Prompt Injection Attacks Transform AI Agents into Malicious Insiders: Critical Security Risks in Enterprise Agentic AI Systems

The rapid adoption of artificial intelligence agents in enterprise environments has introduced a fundamentally new category of security vulnerability that transcends traditional attack vectors. Security researchers from AppOmni are warning that ServiceNow’s Now Assist generative artificial intelligence (GenAI) platform can be hijacked to turn against the user and other agents.


AI Agent Spoofing: The Growing Threat to Website Security

The rapid adoption of AI agents is fundamentally changing web security paradigms, creating new vulnerabilities that malicious actors are actively exploiting. AI agents from major providers like OpenAI (ChatGPT), Anthropic (Claude), and Google (Gemini) now require elevated permissions to perform transactional operations, breaking the traditional cybersecurity assumption that “good bots only read, never write.” This shift has opened the door to sophisticated spoofing attacks that can bypass traditional bot detection systems.


AI-Driven Browsers Are Sneaking Past Paywalls — A Major Threat to Digital Publishers

A new generation of web browsers powered by artificial intelligence is quietly undermining publishers’ paywall protections. Tools such as Atlas from OpenAI and Comet from Perplexity are reportedly navigating around subscription barriers — not by brute-force hacking, but by behaving like ordinary human users. This stealthy capability is raising serious alarms across the media industry.


OpenAI’s Aardvark: The GPT-5 Powered Security Agent Revolutionizing Vulnerability Detection

On October 29, 2025, OpenAI unveiled Aardvark, a groundbreaking autonomous AI security agent that promises to fundamentally transform how organizations approach software vulnerability management. Built on the advanced GPT-5 model, Aardvark represents a paradigm shift from reactive security patching to continuous, proactive threat mitigation, all without disrupting development workflows.


The New Era of AI Cyberattacks: How Agent-Aware Cloaking Weaponizes ChatGPT Atlas for Disinformation

Researchers uncover critical vulnerability allowing manipulation of AI browsers through specially crafted content

The world is facing a fundamentally new type of cyberattack that exploits not code, but the very logic of artificial intelligence operation. Agent-aware cloaking technology uses AI browsers like OpenAI’s ChatGPT Atlas to deliver misleading content that can poison the information AI systems ingest, potentially manipulating decisions in hiring, commerce, and reputation management.


The New Frontier: AI meets Ransomware

The cybersecurity landscape has entered an inflection point. Where traditional ransomware once involved attacker-coded payloads and direct encryption demands, modern campaigns are now increasingly driven by artificial intelligence: self-learning, adaptive, tailored, and increasingly difficult to detect or defend against. According to recent research, as much as 80% of ransomware attacks now utilise artificial intelligence.
