Business email compromise used to involve one attacker impersonating one executive. In 2026, Proofpoint documented BEC campaigns where AI coordinates multiple fake personas simultaneously — a fake CFO, a fake legal adviser, and a fake supplier contact all building a relationship over weeks before the final payment request arrives. The multi-persona campaign builds trust that no single-source impersonation can achieve, and AI handles all the coordination. My breakdown of how AI transformed phishing from a volume game to a precision…
SecurityElites Cyber Academy
Learn Ethical Hacking, Bug Bounty, and Cybersecurity with step-by-step tutorials, Kali Linux tools, and real-world examples.
Wednesday, May 13, 2026
Tuesday, May 12, 2026
Shadow AI Security Risks 2026 — Biggest Worry for IT Industry
Gartner surveyed 175 employees and found that 57% use personal GenAI accounts for work purposes. 33% admit to inputting sensitive information into unapproved tools. These aren't reckless employees — they're efficient ones, using the fastest available tool to get their job done. Shadow AI is what happens when an organisation deploys AI tools without clear policies, or when the approved tools are slower or less capable than the personal ones employees already use. My complete breakdown of what shadow AI…
Google SAIF — The Secure AI Framework Every Security Team Needs in 2026
Mandiant's M-Trends 2026 report — released this week — specifically recommends Google's Secure AI Framework (SAIF) as the foundational approach for organisations trying to secure their AI deployments. SAIF is Google's answer to the question every security team is asking: how do we build and deploy AI systems that don't create the exact vulnerabilities we're trying to defend against? My breakdown of the six SAIF principles, how they map to the real attack patterns documented in 2026, and how to…
How Hackers Attack AI Agents in 2026 — The Complete Threat Model
A single sentence from M-Trends 2026 — released this week — captures the 2026 AI threat landscape: adversaries are integrating AI to accelerate the attack lifecycle. My deeper version: adversaries aren't just using AI to write better phishing emails — they're targeting AI systems directly, exploiting the AI as the attack vector, and deploying AI as autonomous attack agents. Here's the complete 2026 threat model for AI agent security, built from the documented incidents and the attack patterns Mandiant, IBM…
How to Audit AI-Generated Code for Security — Complete 2026 Checklist
AI coding assistants generate code that works. That's a different standard from code that's secure. My experience across dozens of security assessments of AI-assisted codebases in 2026: the vulnerability classes are consistent — SQL injection from string interpolation, hardcoded credentials from placeholder patterns, missing auth checks, hallucinated package names. The good news is that these are all detectable with the right tooling and a systematic review process. My complete audit methodology for AI-generated code, from solo developers to enterprise engineering…
PROMPTFLUX and PROMPTSTEAL Explained — AI Malware That Queries LLMs Mid-Attack (2026)
Mandiant's M-Trends 2026 report — released this week — named two malware families that represent a genuinely new category of threat in 2026: PROMPTFLUX and PROMPTSTEAL. These are not AI-assisted malware where humans use AI to write malicious code. They are malware families that actively query large language models during execution — using AI as part of their attack logic to evade detection and adapt in real time. My analysis of why this matters and what it changes for defenders.…
Monday, May 11, 2026
MCP Server Security Risks 2026 — Why Hackers Are Already Targeting Them
In early 2026, a supply chain attack called ClawHavoc targeted users of the OpenClaw AI agent platform through its community skill repository. Malicious packages disguised as trading bots and developer utilities deployed information-stealing malware the moment they were installed. The attack vector was MCP — Model Context Protocol — the standard that connects AI agents to external tools and services. Most developers integrating MCP servers into their AI applications have never security-reviewed them. My breakdown of why this is the…