AI-SOCs will automate routine tasks and create new specialized roles such as Data Engineer, Agent-Orchestrator, and Model-Trainer, rather than eliminating existing jobs.
ScarCruft uses fake Microsoft security alerts to distribute NarwhalRAT, a Python-based malware that operates in memory and communicates with command-and-control servers via compromised websites and pCloud APIs.
A large-scale attack affects at least 74,000 Fortinet firewalls and compromises administrative access to security appliances at the core of enterprise networks.
Ransomware group DragonForce disguises its command-and-control traffic via Microsoft Teams’ TURN protocol, exploits multiple CVEs, and uses kernel exploits to bypass security software.
A publicly accessible Elasticsearch server stored 24 billion credentials from infostealer malware collections, placing millions of accounts without MFA at acute risk.
AI agents that act as active system participants with data access require new security approaches beyond classical governance, because their risks stem from gradual behavioral changes and Shadow AI rather than from obvious violations.
Zero-trust architectures are converging with IAM systems to transform authentication from a one-time event into an ongoing process that evaluates contextual signals such as device security status, geographic location, and behavioral patterns.