I have long maintained that smart contracts are a dumb idea: that a human process is actually a security feature.

Here’s some interesting research on training AIs to automatically exploit smart contracts:

AI models are increasingly good at cyber tasks, as we’ve written about before. But what is the economic impact of these capabilities? In a recent MATS and Anthropic Fellows project, our scholars investigated this question by evaluating AI agents’ ability to exploit smart contracts on Smart CONtracts Exploitation benchmark (SCONE-bench)­a new benchmark they built comprising 405 contracts that were actually exploited between 2020 and 2025. On contracts exploited after the latest knowledge cutoffs (June 2025 for Opus 4.5 and March 2025 for other models), Claude Opus 4.5, Claude Sonnet 4.5, and GPT-5 developed exploits collectively worth $4.6 million, establishing a concrete lower bound for the economic harm these capabilities could enable. Going beyond retrospective analysis, we evaluated both Sonnet 4.5 and GPT-5 in simulation against 2,849 recently deployed contracts without any known vulnerabilities. Both agents uncovered two novel zero-day vulnerabilities and produced exploits worth $3,694, with GPT-5 doing so at an API cost of $3,476. This demonstrates as a proof-of-concept that profitable, real-world autonomous exploitation is technically feasible, a finding that underscores the need for proactive adoption of AI for defense...

The post AIs Exploiting Smart Contracts appeared first on Security Boulevard.

AI is transforming enterprise productivity and reshaping the threat model at the same time. Unlike human users, agentic AI and autonomous agents operate at machine speed and inherit broad network permissions and embedded credentials. This creates new security and compliance … Read More

The post Ring-fencing AI Workloads for NIST and ISO Compliance  appeared first on 12Port.

The post Ring-fencing AI Workloads for NIST and ISO Compliance  appeared first on Security Boulevard.

CISA and global partners issue new guidance for secure AI integration in operational technology, highlighting risks, governance, behavioral analytics, and OT safety.

The post CISA Releases New AI-in-OT Security Guidance: Key Principles & Risks appeared first on Security Boulevard.

For too long, security has been cast as a bottleneck – swooping in after developers build and engineers test to slow things down. The reality is blunt; if it’s bolted on, you’ve already lost. The ones that win make security part of every decision, from the first line of code to the last boardroom conversation...

The post Cultural Lag Leaves Security as the Weakest Link appeared first on Security Boulevard.

Organizations are spending more than ever on cybersecurity, layering defenses around networks, endpoints, and applications. Yet a company’s documents, one of the most fundamental business assets, remains an overlooked weak spot. Documents flow across every department, cross company boundaries, and often contain the very data that compliance officers and security teams work hardest to protect...

The post Closing the Document Security Gap: Why Document Workflows Must Be Part of Cybersecurity appeared first on Security Boulevard.

The Cybersecurity Coalition, an industry group of almost a dozen vendors, is urging the Trump Administration and Congress now that the government shutdown is over to take a number of steps to strengthen the country's cybersecurity posture as China, Russia, and other foreign adversaries accelerate their attacks.

The post Cybersecurity Coalition to Government: Shutdown is Over, Get to Work appeared first on Security Boulevard.

The EU’s Cyber Resilience Act is reshaping global software security expectations, especially for SaaS, where shared responsibility, lifecycle security and strong identity protections are essential as attackers increasingly “log in” instead of breaking in.

The post The Cyber Resilience Act and SaaS: Why Compliance is Only Half the Battle  appeared first on Security Boulevard.

SANTA CLARA, Calif., Nov 25, 2025 – Recently, NSFOCUS Generative Pre-trained Transformer (NSFGPT) and Intelligent Security Operations Platform (NSFOCUS ISOP) were recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation [1]. Frost & Sullivan Best Practices Recognition awards companies each year in […]

The post NSFOCUS Receives International Recognition: 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Receives International Recognition: 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation appeared first on Security Boulevard.

In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the […]

The post AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage appeared first on Shared Security Podcast.

The post AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage appeared first on Security Boulevard.

Do you think cyberattacks are headlines anymore? Given the frequent occurrences, it has turned headlines into a day-to-day reality, and that’s scarier! Organizations that are big names to small organizations that are still growing, every one of them is being hit one way or the other. From supply chain attacks to data breaches, the impact […]

The post Making A Cyber Crisis Plan! Key Components Not To Be Missed appeared first on Kratikal Blogs.

The post Making A Cyber Crisis Plan! Key Components Not To Be Missed appeared first on Security Boulevard.

For every organization, no matter the size or industry, the integrity and security of data is more crucial than ever as it faces the possibility of a cyber breach everyday. But what separates a company that bounces back quickly from one that suffers irreparable damage? The answer largely resides in how promptly and accurately the […]

The post Master how to report a breach for fast and effective cyber incident response first appeared on TrustCloud.

The post Master how to report a breach for fast and effective cyber incident response appeared first on Security Boulevard.

how proper JWT governance helps your organization stay compliant with SOC 2, ISO 27001, and GDPR. Explore best practices, governance frameworks, and how SSOJet ensures secure token management.

The post JWT Governance for SOC 2, ISO 27001, and GDPR — A Complete Guide appeared first on Security Boulevard.

In this episode, we discuss the newly released OWASP Top 10 for 2025. Join hosts Tom Eston, Scott Wright, and Kevin Johnson as they explore the changes, the continuity, and the significance of the update for application security. Learn about the importance of getting involved with the release candidate to provide feedback and suggestions. The […]

The post OWASP Top 10 for 2025: What’s New and Why It Matters appeared first on Shared Security Podcast.

The post OWASP Top 10 for 2025: What’s New and Why It Matters appeared first on Security Boulevard.

See how Morpheus AI transforms managed security economics—delivering 24/7 autonomous coverage, unified data, and exponential returns without increasing headcount.

The post How MSSPs Turn Security Alerts Into Exponential Revenue With Morpheus AI appeared first on D3 Security.

The post How MSSPs Turn Security Alerts Into Exponential Revenue With Morpheus AI appeared first on Security Boulevard.

System Audit is a mandatory technical and compliance assessment introduced by SEBI and implemented by the National Stock Exchange (NSE). Its primary purpose is to ensure that every trading member or broker operates secure, reliable, and compliant IT systems capable of safeguarding investors and market operations. Note that this audit isn’t a superficial formality. It […]

The post NSE System Audit – What is it and Who Needs It? appeared first on Kratikal Blogs.

The post NSE System Audit – What is it and Who Needs It? appeared first on Security Boulevard.

AI agents are transforming governance and compliance from slow, manual processes into real-time, autonomous systems. By eliminating data silos, automating risk assessments, and enabling multi-modal collaboration, enterprises can achieve governance at Mach speed.

The post AI Agents Mark the End of Traditional GRC  appeared first on Security Boulevard.

So long and thanks for all the fish: Peter Williams admits to selling unpatched iPhone bugs to a shady Russian broker.

The post US Defense Contractor Boss Sold Zero Days to Russia — Cops a Plea appeared first on Security Boulevard.

If your software serves federal missions, you face twin pressures to move faster and prove exactly what's in your software.

The post Transforming Software Compliance with AI SBOM Management appeared first on Security Boulevard.