How to apply zero trust principles to machine learning infrastructure — covering training pipeline access controls, model registry security, inference endpoint hardening, and secrets management for AI workloads.
An NHS trust has confirmed a security incident in which adversarial perturbations were applied to medical images prior to processing by an AI-assisted diagnostic system, causing systematic misclassification in a radiology screening programme.
A UK insurance provider has disclosed that its AI customer service chatbot, due to an IDOR vulnerability in the underlying API and excessive tool permissions, allowed authenticated users to retrieve policy documents and PII belonging to other customers.
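The failure pattern in that disclosure (a tool the model can call with an arbitrary record identifier, and an API behind it that never checks who the caller is) is worth seeing side by side with its fix. The following is an added illustration, not the insurer's code and not a reconstruction of the incident; the policy records, the `Session` type, the tool names and the `AccessDenied` error are all constructed for the example. The point it shows is that authorization for an LLM tool must be bound to the server-side session, never to an identifier the model or the user supplies, and that the tool surface should be the smallest one that serves the task.

```python
"""Added example (not the insurer's code): an IDOR in an LLM tool that fetches
policy documents, beside the same tool scoped to the authenticated caller."""
from dataclasses import dataclass

# Constructed sample data: policy_id -> (owning customer_id, document text).
POLICIES = {
    "POL-1001": ("cust-A", "Policy POL-1001 for cust-A, DOB 1980-01-01"),
    "POL-2002": ("cust-B", "Policy POL-2002 for cust-B, DOB 1975-06-30"),
}


@dataclass(frozen=True)
class Session:
    """Identity established by the application's auth layer, not by the model."""
    customer_id: str


class AccessDenied(Exception):
    """Raised for missing or foreign records alike, so IDs cannot be enumerated."""


def get_policy_document_vulnerable(session: Session, policy_id: str) -> str:
    """IDOR: returns whatever record the model-supplied policy_id names.
    The session is accepted but never consulted."""
    return POLICIES[policy_id][1]


def get_policy_document_hardened(session: Session, policy_id: str) -> str:
    """Same tool with the owner check done against the server-side session."""
    try:
        owner, document = POLICIES[policy_id]
    except KeyError:
        raise AccessDenied("policy not found")
    if owner != session.customer_id:
        raise AccessDenied("policy not found")  # same message as the miss above
    return document


def list_my_policies(session: Session) -> list[str]:
    """A tool that takes no identifier at all: scoped by construction."""
    return sorted(pid for pid, (owner, _) in POLICIES.items()
                  if owner == session.customer_id)


# Allowlist of tools the assistant may call. The session is injected by the
# server on every call; the model never names a customer_id.
TOOLS = {
    "get_policy_document": get_policy_document_hardened,
    "list_my_policies": list_my_policies,
}


def dispatch(session: Session, tool_call: dict):
    """Run a model-chosen tool call under the caller's session.
    tool_call is the hypothetical shape {"name": str, "args": dict}."""
    name = tool_call.get("name")
    if name not in TOOLS:
        raise AccessDenied(f"tool not permitted: {name}")
    return TOOLS[name](session, **tool_call.get("args", {}))


def is_denied(func, *args, **kwargs) -> bool:
    """True if the call raises AccessDenied; used to make outcomes checkable."""
    try:
        func(*args, **kwargs)
    except AccessDenied:
        return True
    return False


if __name__ == "__main__":
    alice = Session("cust-A")
    # The vulnerable tool hands cust-A another customer's record.
    print(get_policy_document_vulnerable(alice, "POL-2002"))
    # The hardened tool refuses, and the dispatcher refuses unknown tools.
    print(is_denied(dispatch, alice, {"name": "get_policy_document",
                                      "args": {"policy_id": "POL-2002"}}))
    print(dispatch(alice, {"name": "list_my_policies"}))
```

The dispatcher deliberately has no way to express "act as customer X": the only identity it knows is the one the web framework attached to the request. That removes the class of bug rather than patching one endpoint, and keeping the allowlist short is the practical meaning of not granting the assistant excessive tool permissions.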
A detailed post-mortem of a multi-stage intrusion in which threat actors used LLM-generated spear phishing, AI-assisted credential stuffing, and automated reconnaissance to compromise a wealth management firm — from initial access to detection.
NIST has released version 2.0 of the AI Risk Management Framework, significantly expanding guidance on adversarial ML threats, model supply chain security, and AI-specific incident response. Key changes for security teams.