News for today:
- Ping’s new Identity for AI. Ping Identity introduced Identity for AI, for securing and enabling AI agents. The solution includes visibility, access control, governance, and privilege oversight – all good things. Ping Identity is tackling the challenges enterprises face when adopting AI agents—removing the guesswork and providing the foundation to deploy them responsibly, efficiently, and at scale. Identity for AI will provide organizations with a single control plane to manage the entire agent lifecycle. Available early 2026. Ping Identity
- Claude Desktop vulnerable to remote code execution. Koi Security found remote code execution vulnerabilities is extensions written, published, and promoted by Anthropic for Claude Desktop. A single malicious website could turn an innocent question like “Where can I play paddle in Brooklyn?” into arbitrary code execution on your machine. SSH keys, AWS credentials, browser passwords – all could be exposed simply because you asked Claude a question. No malware installation. No phishing link. Just a normal interaction with your AI assistant. Pretty nasty stuff. All three vulnerabilities in these three extensions were confirmed as high-severity (CVSS 8.9) by Anthropic. But don’t fret, they’re all fixed now. Koi Security
- Vulnerabilities in ChatGPT. Tenable Research documented seven vulnerabilities and attack techniques in ChatGPT, which could be used for exfiltration of private information from users’ memories and chat history, among other threats. The vulnerabilities include three types of prompt injections, bypassing of safety mechanisms, and conversation injection. Tenable
- Blackwired ThirdWatch updates. Blackwired enhanced ThirdWatch, its pre-emptive, intelligence-driven defense platform, with AI. ThirdWatch delivers a future-ready, AI-enhanced approach to pre-emptive defence that goes far beyond the outdated “detect and respond” systems of the past. The platform’s 3D visualisation capability provides a real-time, multi-layered view of cyber-attack campaigns and threat sequences directly targeting organisations, while its ARFi methodology actively disrupts adversaries during their reconnaissance phase. IBS Intelligence