While AI adoption is now nearly universal, governance and visibility have failed to keep pace, according to a new report from Cycode.

The study shows that 97 percent of organizations are already using or piloting AI coding assistants, and all confirm having AI-generated code in their codebases. Yet, despite this near-total adoption, 81 percent lack visibility into AI usage and 65 percent report increased security risks associated with AI.

A new report, based on a global survey of 250 decision makers at large financial services organizations of over 5,000 employees, shows that 82 percent have suffered a data breach via cyberattack, or a data leak, an unintentional exposure of sensitive data, in the past year.

The report from Blancco Technology Group finds 43 percent of breaches or leaks were attributed to stolen devices and drives.

Operational technology and IT have historically tended to follow separate paths. But in recent times the spread of Internet of Things devices has seen the two moving closer together.

We spoke to David Montoya, Paessler global business development manager OT/IoT, to discuss how the OT landscape has evolved and why businesses need to be on top of the change.

AI systems are only as dependable as the data and validation that lies behind them. Yet many organizations struggle to test AI models comprehensively across languages, regions, and use cases.

That’s why crowdsourced testing platform Testlio is launching a new, end-to-end AI testing solution as the latest addition to its managed service portfolio.

New research from Sophos into ransomware in the retail industry shows that among organizations that had data encrypted, 58 percent paid the ransom to get their data back -- the second highest payment rate in five years.

The survey, of 361 retail IT and cybersecurity leaders across 16 countries, also finds that 46 percent of attacks began with an unknown security gap, while 30 percent exploited known vulnerabilities. 58 percent of victims with encrypted data paid, however, only 48 percent of attacks resulted in encryption. The median ransom demand doubled to $2 million from 2024 and average payment increased five percent to $1 million.

New research from Forescout Vedere Labs reveals that 65 percent of devices across organizations are no longer traditional IT. Of these 11 percent are network equipment, while 24 percent are part of the extended IoT, such as IoT, OT and IoMT.

Financial services (54 percent), healthcare (45 percent) and oil, gas and mining (40 percent) are the sectors that have the highest percentages of non-IT devices.

It’s known as an ‘ohno-second’ that moment in time when you realize you’ve clicked send on something you shouldn’t have. But it’s no laughing matter, a new survey of more than 300 security and IT professionals from Abnormal AI highlights the growing threat and business impact of legitimate email messages sent to the wrong recipient.

These misdirected emails can result in data breaches, regulatory violations, remediation costs, and reputational damage. The research shows 98 percent percent of security leaders consider misdirected email as a significant risk when compared to other data loss risks like malware and insider threats.

New research finds that business trust in autonomous AI is growing, with 57 percent of organizations saying they’re ‘very confident’ in the technology’s reliability in core business processes.

Yet, despite this increasing trust, implementation is lagging. The survey from Insight Enterprises shows that six in 10 organizations are stuck in pilot or experimental phases. Most are deploying AI in low-risk, narrowly defined areas, with only 24 percent using it in production for clearly scoped use cases.

A new survey of global technology leaders across Brazil, China, India, Japan, the UK and US suggests that agentic AI will reach mass or near-mass adoption by consumers in 2026.

The study by IEEE shows top uses are likely to be personal assistant/scheduler/family calendar manager (52 percent), data privacy manager (45 percent), health monitor (41 percent), errand and chore automator (41 percent) and news and information curator (36 percent).

APIs were once treated as behind-the-scenes connectors. Today, they are the enterprise nervous system, linking cloud workloads, data platforms, SaaS tools, and increasingly, autonomous AI agents. This centrality makes them irresistible targets.

According to multiple industry reports, API-related vulnerabilities are among the fastest-growing classes of security incidents. The problem isn’t just exposure; it’s amplification. A single unprotected API can open the door to everything it touches, from sensitive customer records to critical operational systems.

Cloud-native platforms are built for speed with ephemeral workloads, rapid deployments, and plenty of third-party app dependencies.

This poses a real challenge to the deployment of runtime security tools. We talked to Bob Tinker, founder and CEO of BlueRock.io, to discuss how organizations can protect their cloud systems effectively.

A new report finds that while 73 percent of employees are encouraged to use AI 33 percent don’t always follow AI policies.

The study from 1Password, based on data from 5,200 desk-based knowledge workers across the US, Canada, the UK, Germany, France, and Singapore, also finds 52 percent of employees have downloaded apps without IT approval.

Date breaches affecting businesses and online services are ever more frequent and can affect anyone who is unfortunate enough to be a customer or supplier.

Finding out the facts about a breach can be tricky, however, as information is heavily reliant on self-disclosure. Proton is launching its Data Breach Observatory, which delivers a truer picture of the risks by monitoring and reporting cyberattacks and data breaches based on data sourced directly from the dark web.

Employees receive large numbers of emails every day and it’s estimated that 25 to 35 percent of these will be from people they haven’t communicated with before. Knowing whether or not a message has come from a legitimate new sender is almost impossible.

Until now that is. Email security specialist StrongestLayer is launching AI Advisor, a security assistant designed specifically to verify first-time senders and unknown contacts in real-time.

The average household now contains 22 connected home devices and is subjected to nearly 29 attacks each day, almost triple the rate recorded last year.

This the key finding of a new joint report from Bitdefender and NETGEAR which highlights how the expanding Internet of Things ecosystem, spanning everything from smart TVs and streaming boxes to routers and cameras, has dramatically increased consumer exposure to automated cyberattacks and large-scale exploitation.