惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
量子位
M
MIT News - Artificial intelligence
Y
Y Combinator Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Google DeepMind News
Google DeepMind News
Hugging Face - Blog
Hugging Face - Blog
博客园_首页
雷峰网
雷峰网
I
InfoQ
罗磊的独立博客
博客园 - 聂微东
酷 壳 – CoolShell
酷 壳 – CoolShell
大猫的无限游戏
大猫的无限游戏
D
Docker
H
Hackread – Cybersecurity News, Data Breaches, AI and More
腾讯CDC
博客园 - 三生石上(FineUI控件)
The GitHub Blog
The GitHub Blog
K
Kaspersky official blog
P
Privacy & Cybersecurity Law Blog
S
SegmentFault 最新的问题
T
Threat Research - Cisco Blogs
H
Help Net Security
小众软件
小众软件
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
C
CERT Recently Published Vulnerability Notes
WordPress大学
WordPress大学
T
Tenable Blog
T
The Blog of Author Tim Ferriss
C
Cisco Blogs
Simon Willison's Weblog
Simon Willison's Weblog
博客园 - Franky
A
Arctic Wolf
T
Threatpost
Scott Helme
Scott Helme
C
Cybersecurity and Infrastructure Security Agency CISA
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
The Exploit Database - CXSecurity.com
G
GRAHAM CLULEY
Security Latest
Security Latest
Spread Privacy
Spread Privacy
L
LINUX DO - 热门话题
V
Vulnerabilities – Threatpost
P
Privacy International News Feed
S
Schneier on Security
Latest news
Latest news
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
C
Cyber Attacks, Cyber Crime and Cyber Security
C
CXSECURITY Database RSS Feed - CXSecurity.com

Hacker News - Newest: "AI"

AI can't read an investor deck AI as an attorney? Student uses ChatGPT, Gemini to sue UW over alleged racial discrimination Hacking MCP Servers in AI Systems – The Rug Pull: Tool Changes After Approval GitHub - MeepCastana/KubeezCut: Free Web based video editor GitHub - GenAI-Gurus/awesome-eu-ai-act: Curated tools, official sources, OSS, templates, and guides for EU AI Act compliance. Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Coming soon: 10 Things That Matter in AI Right Now DARPA built an AI to fact-check enemy weapons claims What explains heterogeneity in AI adoption? When AI Meets Muscle: Context-Aware Electrical Stimulation Promises a New Way to Guide Human Movements - Department of Computer Science AI Changed How We Build. It Did Not Change What Matters. Linux rules on using AI-generated code - Copilot is OK, but humans must take 'full responsibility for the… Meta spins up AI version of Mark Zuckerberg to engage with employees Code Mode: Let Your AI Write Programs, Not Just Call Tools | TanStack Blog GitHub - Delavalom/graft: Go framework for building AI agents. Type-safe tools, multi-provider (OpenAI, Anthropic, Gemini, Bedrock), zero vendor SDKs. India's TCS tops estimates, says new AI models did not dent services demand Gen Z's fading AI hype Strong feeling: we are in a folded AI reality GitHub - machinarii/total-recall-catalog: A reference catalog of latest knowledge retrieval, memory & RAG systems GitHub - mensfeld/code-on-incus: Give each AI agent its own isolated machine with root, Docker, and systemd. Active defense detects and stops threats automatically.. Quantization, LoRA, and the 8% Problem: Benchmarking Local LLMs for Production AI Iran war: We spoke to the man making Lego-style AI videos that experts say are powerful propaganda Powell, Bessent discussed Anthropic's Mythos AI cyber threat with major U.S. banks GitHub - immartian/bellamem: Persistent belief-graph memory for AI agents. Retrieves decisive context by importance — not recency, not RAG, not /compact. recursive-mode: The Repo-Native Operating System for AI Engineering After the attack on Sam Altman's home, will AI CEO's go on the offensive? The biggest advance in AI since the LLM Opus 4.6 vs GPT 5.4 One Prompt Unity World Generation Test “AI polls” are fake polls Client Challenge Can AI be a 'child of God'? Inside Anthropic's meeting with Christian leaders How to Switch AI Chatbots and Why You Might Want To GitHub - MattMessinger1/agentic_refund_guardrail: Safe refund policy layer for AI agents — Python + TypeScript. Same behavior, shared tests. Adam/papers/emergent_values_whitepaper.md at master · strangeadvancedmarketing/Adam Ask HN: How do you stop playing 20 questions with your AI coding tools How far can automation and AI support psychotherapy? - @theU GitHub - stagas/rtdiff: realtime git diff gui and AI-assisted commits A Mac Studio for Local AI — 6 Months Later A History of the Early Years of AI at the University of Edinburgh Why AI Coding Tools Still Feel Stuck on Localhost MSN AI Datacenters Are Becoming Strategic Targets twitter.com Penn Researchers Use AI to Surface Unreported GLP-1 Side Effects in Reddit Posts Show HN: MoodSense AI (ML and FastAPI and Gradio, Deployed on Hugging Face) Moodsense Ai - a Hugging Face Space by aman179102 AI models are terrible at betting on soccer—especially xAI Grok GitHub - xialeistudio/echoic GitHub - HimashaHerath/github-dev-wrapped: AI-powered weekly GitHub activity reports deployed to GitHub Pages GitHub - alejandrobalderas/claude-code-from-source: Architecture, patterns & internals of Anthropic's AI coding agent — reverse-engineered from source maps AI and Tech brief: Ireland ascendant GitHub - Titovilal/context0: Context0 - Never Surrender Training for a Marathon with an AI Coach: What Worked and What Didn't Cyber Pulse: Agentic Intel - Apps on Google Play I Built an AI PR Reviewer That Catches Bugs by Not Looking for Bugs Gen Z workers are so fearful AI will take their job they’re intentionally sabotaging their company’s AI rollout | Fortune How AI Is Reimagining the Game of Golf–For Both Players and Courses GitHub - nattergabriel/reseed: A CLI tool for managing and distributing agent skills across projects Is SVG the final frontier? My AI workflow evolved from prompts to a near-autonomous workflow MLSharp Help - 3DGS Viewer & Generator I put my cognitive field based AI's runtime on GitHub Is Numble the first AI-proof game? A3: Kubernetes for autonomous AI agent fleets | Emergent Principles Deepali Vyas ("The Elite Recruiter") GitHub - msmarkgu/RelayFreeLLM: A restful API designed to route user prompts to various AI model providers. Unionized ProPublica staff are on strike over AI, layoffs, and wages Unleashing the Advantage of Quantum AI We're heading for an AI-fueled 'dementia crisis,' brain scientist warns The AI-Assisted Breach of Mexico's Government Infrastructure [pdf] GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. MSN GitHub - visionscaper/collabmem: Enabling long-term collaboration with Agentic AI - building up episodic and world model memory over time with in-context awareness We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs AI Code is Hollowing Out Open Source, and Maintainers are Looking the Other Way What leaked "SteamGPT" files could mean for the PC gaming platform's use of AI AI is the boss at this retail store. What could go wrong? GitHub - Wuzu11517/agentic-proxy: Local proxy meant to help reduce With Drones, Geophysics and ArtificiaI Intelligence, Researchers Prepare to Do Battle Against Land Mines A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report 在 Steam 上购买 FriedrichAI: Offline AI 立省 10% GitHub - inevolin/resume-cli: Hit Claude usage limits? Resume any AI coding session elsewhere. Switch tools at zero friction. GitHub - atripati/ark: AI Runtime Kernel — a context operating system for AI agents. Eliminates tool bloat, loads only what’s needed, and gives LLMs their reasoning space back. How to Build a Secure AI PR Reviewer with Claude, GitHub Actions, and JavaScript This Startup Wants You to Pay Up to Talk With AI Versions of Human Experts Intel Arc Pro B70 Brings 32GB VRAM to Local AI for $949 WordPress 7.0: The Good, the AI, and the Still Missing AI on the couch: Anthropic gives Claude 20 hours of psychiatry IatroBench: Pre-Registered Evidence of Iatrogenic Harm from AI Safety Measures AI Agents Know About Supabase. They Don't Always Use It Right. The history and future of AI at Google, with Sundar Pichai Inside an AI‑enabled device code phishing campaign How Meta Used AI to Map Tribal Knowledge in Large-Scale Data Pipelines AI for Systems: Using LLMs to Optimize Database Query Execution Forecasting the Economic Effects of AI Introducing Tinker: Play with AI, bring your ideas to life AI sheds light on an ancient gaming mystery People really hate AI but not as much as Iran—or Democrats | Fortune What is an AI Product Engineer? Phoebe Gates wants her $185 million AI startup to succeed with 'no ties to my privilege or my last name': 'I have a chip on my shoulder' | Fortune
Introducing Google AI Threat Defense to help you outpace the adversary
Francis deSouza · 2026-05-27 · via Hacker News - Newest: "AI"

AI-powered cyber threats have been receiving a lot of attention lately. AI has changed the threat landscape; cybercriminals are using it to find security cracks faster than cybersecurity teams can manually fix them. Attacks that used to take weeks to carry out can now happen in mere hours or days. Organizations need to be able to keep pace and protect themselves against AI agent-driven, high-speed attacks — but they can no longer rely on legacy, manual methods.

To defend against this range of threats, organizations need more than one model or agent. No single model will catch everything, you want to use a collection of models for multiple passes. And you need a solution that can analyze your systems, prioritize the most significant threats, patch vulnerabilities quickly, and continuously monitor for new attacks.

That’s why we’re launching Google AI Threat Defense — an automated security system designed to help you continuously monitor for and stop AI-powered threats before they can impact your business.

Built on a decade of security leadership

Security isn’t just a layer of Google’s tech stack; it’s the part of the foundation. Our secure-by-default architecture automatically blocks 10 million spam emails every minute, and protects billions of users and customers across our broad portfolio.

But protecting the modern enterprise requires constant evolution. When we needed an architecture built on trust, we pioneered Zero Trust. To secure hardware, we built Titan chips. And to help enterprises manage an avalanche of threat data, we created Google Security Operations.

Now, AI is rewriting the rules of cybersecurity. By combining the expertise of Mandiant and Wiz with the advanced reasoning and code-generation capabilities of Gemini, we’re automating defense at scale for customers. We’re deploying LLM-powered analysis to help autonomously discover software flaws, and AI agents across Wiz and CodeMender to validate risk, generate fixes, and support remediation workflows before vulnerabilities can be exploited. Unlike other model providers that simply hand security teams a massive, unprioritized list of AI-generated alerts, we deliver prioritized fixes to accelerate remediation and secure the Defender’s Advantage.

Introducing Google AI Threat Defense

Google AI Threat Defense fuses the reasoning power of Gemini and other frontier models, the contextual risk prioritization of Wiz, the code remediation capabilities of Gemini and CodeMender, and the frontline expertise of Mandiant.

By connecting real-world exposure directly to autonomously creating and prioritizing patching, AI Threat Defense helps organizations actively predict attack paths, prioritize the most significant threats, and deploy verified fixes faster than adversaries can exploit them.

AI Threat Defense is based on Google’s own approach to combating today’s threats and transforming vulnerability management across a four-step framework:

  1. Prepare: Harden your foundation, and operationalize your framework for machine-speed prioritization and response.
  2. Scan and prioritize: Conduct deep-dive analysis and AI-driven posture validation.
  3. Remediate: Implement a workflow to autonomously verify and accelerate the patching of vulnerabilities.
  4. Monitor: Transition to continuous detection and rehearsed, active response playbooks.
https://storage.googleapis.com/gweb-cloudblog-publish/original_images/Final_-_BLOG-ALT_AIThreatChart_2436x1200_v2.gif

Google AI Threat Defense can help transform vulnerability identification and remediation.

Prepare: Harden the foundation for machine-speed response

As more vulnerabilities are discovered and exploitation accelerates, the first priority is to reduce unnecessary exposure. Sensitive assets should not be reachable from the internet or exposed through untrusted paths, regardless of patch status. The goal is not only to fix known critical issues, but to reduce what is reachable, validate what can actually be exploited, and make sure new risk does not depend on manual triage.

From there, organizations need to understand how quickly they can patch and respond across exposed technologies. As common vulnerabilities and exposure (CVE) volume grows and exploitation windows shrink, teams need clear ownership, prioritization, and execution paths before the next urgent vulnerability appears. Any exposed application, service, or technology should be prioritized based on reachability, exploitability, and business impact, with a fast process to route the issue to the right owner and drive remediation.

Finally, organizations need to scan every exposure with AI. This cannot be limited to code scanning, because not every vulnerability lives in code. Many real attack paths emerge from how applications, APIs, identities, configurations, permissions, and business logic interact in a live environment. Traditional attack surface management helps identify what is exposed, but organizations now need an AI penetration tester that can continuously analyze every exposure, determine whether it can actually be exploited, and understand what it would enable an attacker to do before attackers do the same.

AI Threat Defense operationalizes this process through Wiz. Wiz continuously discovers exposed applications, infrastructure, APIs, identities, and runtime environments, creating a live exposure map so teams can reduce unnecessary reachability. Wiz’s AI, context-aware, pen-testing agent simulates attacks to identify and validate complex exploitable paths, including application-layer and identity-driven risks traditional testing often misses.

https://storage.googleapis.com/gweb-cloudblog-publish/images/Final_-_Wiz_Ai_Demo.max-2000x2000.png

Learn how Wiz continuously scans code repositories, CI/CD pipelines, AI platforms and models, hybrid clouds, and more to surface AI-native risks.

Scan and prioritize: Conduct deep-dive analysis, AI-driven adversarial testing and exploitability validation

Strategic defense requires multiple levels of environmental scanning — moving from superficial checks to deep, AI-driven code analysis.

Frontier models can uncover complex logic flaws, risky trust boundaries, vulnerable dependencies, exposed APIs, and chains of lower-severity issues that combine into exploitable paths. But these deeper scans are more expensive, slower, and harder to run continuously across every asset.

That’s why organizations need to prioritize deep scanning for internet-facing applications, customer-facing services, sensitive data flows, authentication and authorization logic, privileged services, and other business-critical systems.

Using multiple models and multiple passes can improve coverage, because model performance varies by cybersecurity task. Some models may be stronger at application logic, others at cloud configuration, binary analysis, exploitability validation, or remediation guidance. No single model finds the superset of vulnerabilities that other models find — organizations need to use a collection of models to find a broad range of vulnerabilities with optimal cost per token.

Our multi-AI strategy creates a more cost-effective scanning strategy: Use lighter-weight, faster models for broad, continuous coverage, and reserve frontier models for the highest-risk applications and findings. With Wiz, those priorities are guided by real risk context — exposure, vulnerabilities, identity, sensitive data access, and runtime signals — so the highest-risk assets are scanned deeply not just once, but continuously as risk changes.

AI Threat Defense operationalizes this process by deploying AI security agents to help you actively hunt for deep vulnerabilities. These agents draw on multiple industry-leading frontier models via the Gemini Enterprise Agent Platform — where customers will be testing CodeMender — helping organizations choose the best model for the job, without sacrificing strict enterprise privacy, security, or data governance.

https://storage.googleapis.com/gweb-cloudblog-publish/images/Final_-_CodeMender_title_card_-thumbnail_A.max-1300x1300.png

This demo showcases how developers can easily secure their applications using CodeMender's command-line interface (CLI).

Once a code flaw is discovered, AI Threat Defense instantly enriches and validates findings with live architectural and runtime context from Wiz. This capability transforms a raw list of model findings into a prioritized map of real business risk, filtering out the noise to focus exclusively on what is reachable. This visibility enables developers to look at the dependencies across source code libraries and binaries to understand the changes that may need to be made in concert — for example, if the signature or behavior of specific libraries needs to be altered.

Translating deep analysis into effective action, AI Threat Defense incorporates Mandiant’s expertise to create actionable response plans. This strategic guidance helps organizations manage sudden surges in critical issues, create strategies for safely retiring legacy products, and assist with rolling out AI-generated patches without overwhelming engineering teams.

Remediate: Accelerate resolution with immediate fixes

After identifying vulnerabilities, the goal is to shrink the time to remediate from weeks to minutes. AI Threat Defense achieves that velocity by driving a high-speed, autonomous workflow that provides and prioritizes fixes without placing a heavy implementation burden on your development teams.

To ensure your security keeps pace with deployment, the platform proactively generates vulnerability fixes directly in a developer’s IDE or CLI as they build. Harnessing the full reasoning power of Gemini, CodeMender works seamlessly with Antigravity and Wiz to empower engineering teams to replace vulnerable code, re-write older code to modern, memory-safe languages, and to analyze library dependencies to coordinate seamless rollouts. In parallel, it automates triage and prioritizes remediation across applications and cloud infrastructure.

Before any patch goes live, the platform automatically generates tests to verify every fix. Once remediated, libraries are tagged across both source control and production environments, providing complete end-to-end tracking to allow the organization to see which model was used to generate what patches and when.

As part of your overall risk posture, you need to understand where vulnerable systems can access sensitive data, since these paths increase exfiltration risk. By consolidating visibility across your data estate, you can identify sensitive data services that are reachable from risky workloads, and prioritize encryption, identity, network controls, exfiltration monitoring, and more.

In addition, consolidating visibility over your software development lifecycle gives you control over how software and configuration changes are being deployed.

Ultimately, our approach delivers autonomy under human supervision — empowering teams to burn down security backlogs and harden the software development lifecycle without sacrificing speed or strategic control.

https://storage.googleapis.com/gweb-cloudblog-publish/images/Final_-_CodeMaster_devworkflow_2.max-2000x2000.png

CodeMender can find and fix deep vulnerabilities in your codebase.

Monitor: Establish machine-speed detection and rehearsed, active response

Even with a hardened foundation, true resilience requires constant vigilance in runtime. While code-level scanning pipelines are excellent at catching flaws before deployment, they cannot block an active exploit. AI Threat Defense shifts operations from manual oversight to machine-speed detection and real-time defense.

As exposure cycles accelerate, AI Threat Defense builds resilience by establishing a consistent operational framework — informed by Mandiant’s frontline expertise — where ownership is defined and outcomes are tracked.

To support active defense against automated adversaries, AI Threat Defense leverages autonomous agents, enabling teams to rapidly hunt for hidden threats, investigate suspicious activity, and respond to live attacks in real time. Together with AI Threat Defense, agentic security operations center (SOC) capabilities from Google Security Operations further enable automated detections, triage and investigation, and hunting of emerging anomalies across your network, identity, and application telemetry. This provides an ongoing monitoring capability to help you discover vulnerabilities before your adversaries do.

Finally, the platform secures the environment from the ground up, minimizing the attack surface right from the start using hardened container images built, signed, and verified daily.

How our partners use AI Threat Defense

To realize the full potential of autonomous defense, our customers are increasingly teaming up with trusted strategic advisors to guide their cloud security journey. Our ecosystem partners, including Accenture, Deloitte, Netenrich, PwC, and TENEX.AI, bring the critical expertise needed to assess your unique cloud architecture and embed AI-driven security capabilities into your existing development pipelines.

Beyond initial deployment of AI Threat Defense, these partners will deliver continuous management, custom harness building, and tailored security workflows. Together, we will help ensure that threats are being identified at machine speed and being automatically remediated, aligning with your organization's specific operational and compliance requirements.

The path forward: Outpacing the adversary with AI

The collapse of the exploit window has made one thing clear: Human-speed vulnerability management is no longer a viable strategy for enterprise risk. The era of machine-speed attacks demands an autonomous, continuous defense.

By combining the contextual risk prioritization of Wiz, the code remediation capabilities of CodeMender, the intelligence of Gemini, and the frontline expertise of Mandiant, we provide the architecture needed to match the speed of the adversary. AI Threat Defense also uses a variety of models to enable organizations to find the largest collection of vulnerabilities while managing costs enabling you to scan, remediate, and maintain your software assets on an ongoing basis.

A key part of our approach is the Google Cloud CISO Community, our close partnership with an important, growing community of industry leaders. This group includes executives from companies including Morgan Stanley, MSCI, TELUS, and Thales. Together, we are building real-time ideas into solutions and shaping the future of AI defense.

To ensure that your enterprise doesn't just keep pace with automated adversaries, but consistently outpaces them, learn more about how Google AI Threat Defense can help you fight AI with AI.

Posted in