Tag:AI
How RAID found unauthenticated customer data in a retail GraphQL API
CovertSwarm's web testing agent identified a critical broken access control vulnerability in a retail subscription platform's GraphQL middleware. The platform enforced authentication on its auto-generated queries, but every custom action handler bypassed the permission layer entirely, returning customer PII, subscription data, and health assessments to unauthenticated requests. This is a step-by-step breakdown of how RAID found it in under two minutes.
CovertSwarm is a founding signatory of the CREST AI Charter
CovertSwarm has become a founding signatory of the CREST AI Charter, endorsing nine principles for responsible AI use in cybersecurity.
Frontier AI models are exciting.
CovertSwarm COO Luke Potter on why frontier AI is genuinely exciting, why most of the conversation is asking the wrong…
AI Sharpens the Question. It Doesn’t Change the Answer.
The cyber security industry has spent decades selling findings instead of answers. AI tools like Mythos make the problem faster…
Mythos found a $20,000 bug. It won’t tell you who’s already inside.
Anthropic's Mythos has dominated the security conversation this week. But the debate about whether it's overhyped is the wrong argument.…
CovertSwarm launches RAID: Our red team AI division
CovertSwarm COO Luke Potter announces RAID, our Red Team AI Division, and why real adversaries made it non-negotiable.
Claude Jailbroken To Attack Mexican Government Agencies
A threat actor jailbroke Claude to orchestrate a month-long attack on Mexican government networks, stealing 150 GB of sensitive data.…
When Your IDE Becomes An Insider: Testing Agentic Dev Tools Against Indirect Prompt Injection
Agentic development tools don't need to bypass your firewall. They're already inside. And if an attacker can control what they…
What Moltbook reveals about AI agent security
The Moltbook launch exposed a critical gap: organizations deploying AI agents faster than they can secure them. Research shows 22%…