Offensive Security stories

White Rook Cyber gains CREST accreditation as defence and critical infrastructure buyers seek certified penetration testing providers.

Anthropic and OpenAI take rival paths on AI cyber tools, as one keeps access tightly restricted while the other widens vetted user access.

HackerOne rolls out h1 Validation to help enterprises sort AI-found bugs by real-world exploitability as submissions jump 76% and critical flaws rise.

HackerOne unveils h1 Validation as vulnerability reports surge 76% and AI tools speed up discovery, leaving firms struggling to triage real threats.

LangWatch releases open-source AI red-teaming framework to expose hidden vulnerabilities in production agents through multi-turn attack simulations.

FIRST conference in Scottsdale draws 500-plus as security leaders and AI firms debate vulnerability disclosure, CWE's role and CVE's future.

TrendAI and Anthropic join forces to embed Claude in Vision One, targeting AI vulnerability research and automated cyber defences.

Synack launches AI-driven assessment to expose overlooked attack surface gaps as offensive tools speed up vulnerability discovery.

Abacus secures CREST accreditation for penetration testing, bolstering its pitch to regulated sectors as demand rises for verified cyber security assurance.

Anthropic’s Claude Code is under scrutiny after researchers found deny rules can weaken in long workflows, raising fresh concerns for AI-driven development.

Slipstream Cyber has named Chris Pallister as Head of Cyber Engineering and Operations, bolstering its 24/7 security operations centre and AI-led defence push.

Novee unveils an autonomous AI red teaming tool to probe LLM apps for prompt injection, jailbreaks and other emerging security flaws.

Qualys debuts Agent Val to validate real exploit paths in live systems, promising sharply reduced noise and faster remediation for teams.

Qualys rolls out Agent Val to live‑test exploit paths in production, promising sharper risk prioritisation and major remediation noise cuts.

Simbian unveils an AI-driven cyber security platform uniting offence and defence via a shared Context Lake to speed, link and automate response.

Cobalt weaves AI into its pentesting platform, automating recon and triage while keeping human experts on complex attack paths.

Cobalt launches Security Program Manager service to run enterprise pentesting, align tests with business goals and speed up remediation.

NetSPI unveils an AI-powered overhaul of its pentesting platform UX, promising two-click workflows and sharper risk-based remediation focus.

HackerOne launches live Agentic Prompt Injection Testing to expose real-world AI exploit paths as prompt injection threats surge 540%.

Tenzai's autonomous AI agent has placed in the top 1% of major global hacking CTF contests, beating more than 125,000 human rivals.