News we paid attention to today:
- Surge in shadow GenAI usage. Menlo Security’s 2025 report found significant growth in shadow usage of generative AI services, which puts company information at risk. 68% of employees use free-tier AI tools like ChatGPT via personal accounts; with 57% inputting sensitive data. A staggering 155,005 copy and 313,120 paste attempts were logged in a single month, demonstrating how users, often unaware of the risks, are inadvertently exposing sensitive company information while simply trying to get their work done. In addition, the report notes a 50% increase in traffic to GenAI sites over a 12 month period. Menlo Security
- Open Systems launched an enhanced managed SASE solution. Open Systems updated its Managed, Universal Secure Service Edge service, including seamless integration with its Truly Universal ZTNA offering. All the SSE core components offered by Open Systems are unified into a single agent, for better security and operational efficiency. Open Systems
- Malware getting more complex and evasive. OPSWAT’s new research report finds that malware complexity has risen by 127% over the past year (with multi-stage malware a significant contributor). It also found that 1 in 14 files were actually malicious, even though traditional legacy detection systems said otherwise. The data is from 890,000 sandbox scans via Filescan.io, part of its MetaDefender platform. OPSWAT
- Reco and Black Kite partnership. Reco announced a partnership with Black Kite, for introducing an outside-in perspective on the risk profile of SaaS vendors to complement Reco’s review of risks in an organization’s SaaS ecosystem. Black Kite offers a third-party cyber risk intelligence service. Enhanced visibility is an immediate benefit: Reco now integrates Black Kite’s cyber ratings for each discovered SaaS app vendor, offering a 360-degree risk assessment within its platform. Available immediately. Reco
- MCP Server from Horizon3.ai. Horizon3.ai released its Model Context Protocol (MCP) Server, which turns pentest findings from Horizon3.ai’s NodeZero platform into actions, e.g., rotate credentials, tune defenses, open tickets, and more. Intent is to shrink the time between discovering vulnerabilities and fixing them – with automated and continuous risk assessment. Available immediately. Horizon3.ai