Cisco study finds major frontier models susceptible to multi-turn prompt injection attacks

Laura FrenchMay 28, 2026

Single-turn attack success rates are not a reliable benchmark for model safety, Cisco concludes.

RESOURCES

Identity
Laying the groundwork: A practical path to identity security for AI agents
Identity
A new identity class: Why AI agents require runtime control
Application security
APIs under pressure: How AI is rewriting the rules of enterprise security
SASE
Next-generation enterprise defense: Managing risk in the age of agentic AI
Managed Security Services
The CISO shortage: Finding leadership without a leader

PODCASTS

Leadership
What Security Leaders Should Expect from RSAC – Joseph Blankenship – BSW #449
Vulnerability Management
Listening, Drupal, TTE, KEV, Mythos, Megalodon, Badanov, MFA, Pope Leo, Aaran Leyland – SWN #584
Application security
AppSec Conversations on Agents, LLMs, and OWASP from RSAC – Scott Clinton, Janet Worthington, Merritt Maxim – ASW #384
AI/ML
Visibility with EDR/MDR is still important, ‘the basics’ are impossible, and the news – Rob Allen – ESW #460
Vulnerability Management
TVs, Old York, Flipper One, Ubiquity, Underminr, CISOs, GitHub, Josh Marpet… – SWN #583

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

AI agent data tools and workflow automation concept with businessman typing on laptop and interacting with digital process interface for artificial intelligence development, integration, productivity

Application security

OWASP launches FinBot to help developers secure AI agents

OWASP GenAI Security Project Team May 28, 2026

OWASP’s FinBot gives developers hands-on training to secure AI agents.

Secure By Design Pledge

Vulnerability Management

CISA adds LiteSpeed cPanel plugin bug to exploited vulnerabilities list

Steve ZurierMay 27, 2026

CISA warns of exploited LiteSpeed flaw putting shared hosting at risk.

Threat Management

Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor

Laura FrenchMay 27, 2026

Career-themed phishing lures targeted employees of US domestic airlines during Operation Epic Fury.

Drupal website. Drupal is a free and open-source web content management system (CMS) written in PHP.

Vulnerability Management

Drupal bug added to CISA list of known exploited vulnerabilities

Steve ZurierMay 26, 2026

Drupal SQL injection flaw CVE-2026-9082 added to CISA KEV as active attacks target sites.

Vulnerability Management

You can now nominate vulnerabilities for CISA’s KEV with this form

Laura FrenchMay 22, 2026

CISA seeks to engage the wider community to more quickly identify active exploitation.

Vulnerability Management

Cisco patches critical 10.0 flaw in Secure Workload APIs

Steve ZurierMay 22, 2026

Cisco patches critical 10.0 API flaw in Secure Workload platform.

Network Security

‘Underminr’ exploitation poses similar risks to domain fronting, researchers say

Laura FrenchMay 22, 2026

ADAMnetworks estimates about 42% of domains could be abused using the technique.

The Cybersecurity and Infrastructure Security Agency (CISA) emblem is seen at its headquarters in Arlington, Va.

Critical Infrastructure Security

Senator urges classified briefing after CISA data leak on GitHub

Steve ZurierMay 21, 2026

A GitHub leak exposed CISA credentials, sparking concerns over secrets management and leadership.

EVENTS