AI/ML , Vulnerability Management AI adoption brings back old security gaps, says Mandiant April 28, 2026 Share By SC Staff Infosecurity Magazine reports that Mandiant, a cybersecurity company and subsidiary of Google, has warned firms that reckless integration of artificial intelligence into their systems could lead to new security flaws and the re-emergence of vulnerabilities that were identified and resolved in the past. The company has identified major security gaps in organizations using AI during controlled attack simulations. These include weak data management, exposed unencrypted data flows between AI tools and browsers, and flaws that enable attackers to modify security settings and bypass protections. After gaining initial access through social engineering, the AI-enabled systems were sometimes leveraged by attackers to escalate actions such as data theft and policy manipulation. The company emphasizes the importance of strict AI governance and consistent cybersecurity practices. "It's possible that these mistakes partly come from the fact that CISOs aren't always involved in the deployment of AI workflows, among many other reasons, I don't want to speculate, but the lack of basic security controls around AI workflow deployments is there and its a significant risk," says Jurgen Kutscher, vice president of Mandiant. An In-Depth Guide to AI Get essential knowledge and practical strategies to use AI to better your security program. Learn More SC Staff Related Identity 95% of Singapore firms push weaker AI identity rules SC Staff April 28, 2026 A stark new Delinea study reveals that 95% of Singaporean organizations are pressuring their security teams to relax identity controls in the rush to deploy artificial intelligence, even as nearly half acknowledge that their governance frameworks for AI systems remain critically deficient, according to Security Brief Asia. AI/ML Agent identity blind spot exposes enterprises SC Staff April 28, 2026 Organizations racing to deploy AI agents into production are overlooking a critical design failure: identity frameworks built for human cadences and static permissions are collapsing under the velocity of autonomous, continuously operating machine identities, creating a cascading risk where blurred accountability, assumed trust, and outdated access controls converge, according to Forbes. Security Operations Microsoft Entra ID vulnerability allowed global admin impersonation SC Staff April 28, 2026 The vulnerability, discovered by Silverfort researchers, resided in the Agent ID Administrator role. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Bug Buffer Overflow Disassembly You can skip this ad in 5 seconds