Offensive Security stories

Cloud identity compromise now drives over 80% of cyber incidents, as attackers increasingly abuse trusted accounts and workplace tools.

Terra Security unveils Terra Portal, a desktop hub fusing AI agents with human pentesters to speed vulnerability fixes from months to hours.

Terra Security appoints Anna Sarnek VP of business strategy to steer partner-led growth and define its AI-native offensive security push.

Terra Security becomes first AWS partner validated for Autonomous Security Validation, as AI-driven continuous threat testing gains pace.

New research from Cobalt finds 98% of surveyed pentesters prefer PTaaS to bug bounties and show almost no faith in AI-only security scanning.

Agentic AI massively accelerates elite cyber teams but can slow inexperienced hackers, Hack The Box's large-scale benchmark reveals.

LevelBlue debuts Exposure Management for Partners with Tenable, giving MSSPs and MSPs tiered, unified exposure and risk visibility tools.

LevelBlue launches Resilience Retainer, a flexible funds-based cyber incident response service with rapid SLAs and rollover security spend.

Anthropic unveils Claude Code Security, an AI tool that scans codebases for complex bugs, verifies risks and suggests patches for developers.

Horizon3.ai appoints defence veteran Dan Bird MBE as EMEA field CTO to sharpen offensive security amid rising regional cyber threats.

CompTIA unveils SecAI+ certification to equip cybersecurity professionals with AI security, risk management and governance skills.

Bitget and BlockSec launch a UEX Security Standard, urging provable, system-wide safeguards for unified multi-asset trading platforms.

SpecterOps has launched BloodHound Scentry, a managed identity risk service to find and remediate attack paths across complex environments.

AI security fears and rapid release cycles are pushing firms to demand faster, deeper pentesting - and many are ready to ditch existing vendors.

HackerOne launches Agentic PTaaS, blending AI agents with human experts to deliver continuous, always-on penetration testing for enterprises.

AI-driven cloud adoption is forcing firms to swap static privacy checklists for continuous, real-time defence of sensitive data flows.

New UK cyber bill pushes critical sectors towards continuous offensive security testing as state-backed and criminal threats intensify.

Misconfigured cloud training labs on AWS, Google Cloud and Azure expose major firms to live attacks via overly permissive access roles.

Agentic AI promises rapid software gains, but a recent Claude Code cyberattack shows how “double agents” can outpace unprepared developers.

Astra launches a continuous cloud scanner for AWS, Azure and GCP, promising fewer false alerts by validating which risks are truly exploitable.