At Infosecurity Europe 2026, in front of a live audience of potential customers, partners and investors, five startups competed at the inaugural Infosecurity Europe Cyber Startup competition.

After pitching the idea to a judging panel which included pioneering cybersecurity investor Shlomo Kramer, founder of Check Point, Imperva and Cato Networks, AI-native vulnerability triage platform startup Konvu won the competition.

The prize package includes exhibition space at Infosecurity Europe 2027, PR support from cybersecurity PR agency Origin Communications and a future-brand workshop package from Dusted brand consultancy.

Konvu automates vulnerability investigation. At a time when attackers are at weaponizing issues and probing complex environments faster than ever before, Konvu looks to aid organizations stay on top of the bottleneck.

The company was established in 2024 by co-founder and CEO Lucas Masson. In this conversation with Infosecurity he discussed what it means to have won the inaugural Infosecurity Europe Cyber Startup competition and what’s next for Konvu.

Infosecurity Magazine: How does it feel to have the backing of the judging panel at Infosecurity Europe?

Lucas Masson: If I take Schlomo as an example, he has built generational companies like Check Point and Imperva. He understands the problems in the cybersecurity space better than probably anyone else in the world, so it’s a privilege to have validation from someone like him.

IM: What does mean for Konvu?

LM: In early-stage startups, particularly in security, it’s all about trust. I think that this win builds trust for potential buyers. We’re excited to get the products in the hands of new companies. And hopefully this win will help us on this journey.

IM: What do you think it was about Konvu that helped you win the competition?

LM: I think we’re living in a very specific moment right now. Mythos and all of the other LLM products have created a lot of strain on the vulnerability management programs that were already overflowing with vulnerabilities.

We see that Mythos and other similar products are going to trigger massive spikes of vulnerabilities detected, creating downstream problems in vulnerability management programs.

You need dedicated people to investigate vulnerabilities, decide which ones matter and how to fix them. But that’s a human component that’s hard to scale, especially around false positives which need to be triaged by dedicated teams: we help specifically with that.

All the companies here address very significant problems for organizations. We’ve probably benefited from the fact that is a lot of spotlight on this problem now.

IM: How does Konvu help companies solve this problem?

LM: Most enterprise companies today have a lot of different scanners that find hundreds of thousands – and sometimes millions – of vulnerabilities. Those millions of vulnerabilities need to be prioritized because you can’t remediate a million vulnerabilities. That’s the current state of the problem.

What we do is sit on top of the scanners. We don’t require an enterprise to replace their anything, we integrate nicely into their investigation process.

We help augment the existing security teams with AI agents which help them automate the very repetitive and manual part of their jobs, collecting information on vulnerabilities and understanding what is vulnerable and needs fixing and then remediation.

The goal for us for enterprises which are using us is cut down the backlog, but more importantly, speed up the time it takes from a vulnerability to be detected to for that vulnerability to be triaged and remediated.

IM: What’s next? Where do you see Konvu in a year?

LM: We’ve started with a very specific niche in the role of security and vulnerability management, with application security as an initial sector and the triage-as-a-platform functionality.

Right now, we are at the stage where we’ve built initial traction on that and want to start expanding to other areas.

The goal is that in a year or two that the whole program will become more autonomous than it is today. Today we still have a human in the loop to validate the results but based on the confidence of the output the algorithm produces, they won’t need to touch it anymore.

Then, in two or three years, if we do our jobs well, 90% of vulnerabilities get triaged and remediated without humans in the loop. There’s still 10% where you will need deep expertise to be able to make it work, but we can envision a whole vulnerability management system where teams can constantly scale.

We test every single new model based on our evaluations to see how it impacts the quality of the result, trust in the results, so we stay at the frontier.

We’re building a product that solves problems for our customers. A lot of the work we’re doing sees Konvu embedded as a team within the customers we are working with, this ensures we can solve more of the problems better and faster.

Cybersecurity software regularly fails to detect and prevent the cyber-attacks they are designed to protect organizations from, especially within the bowser layer, research by Menlo Security has warned.

Published on June 9, Menlo Security’s 2026 Browser Threat Report found that one in five phishing attacks which target the enterprise browser users go completely undetected by the tools which are supposed to protect the network and its users from attacks.

Based on platform telemetry across millions of active browser sessions in enterprise customer environments between January 1 and March 31 2026, the research warned that threat actors are gaining entry to enterprise environments through the browser session layer.

The problem, the paper said, is that attacks via the browser target areas which many traditional enterprise cybersecurity products are not designed to identify or prevent suspicious activity in.

Enterprise activities like email, SaaS applications, collaboration tools, AI assistants, financial systems and credential management software now commonly take place inside a browser session rather than within an application.

But many enterprise security products are not built with this in mind, creating opportunities for cybercriminals. One out of five phishing links actively engaged by users went completely undetected by legacy URL filtering, according to Menlo.

“The tools most enterprises rely on are performing exactly as designed. That is the problem. None of them were built to operate at the browser session layer, and that is precisely where attackers have learned to live,” said Bill Robbins, CEO of Menlo Security.

Social Engineering as a Security Bypass

One of the key issues surrounding browser-based attacks is that they don’t just exploit technical vulnerabilities, they actively exploit how people interacts with the browser too.

Humans regularly need to interact with in-browser alerts such as CAPTCHAs, error messages and Cloudflare verification screens. Attackers have responded to this by adapting their social engineering techniques to fit this reality.

For example, by deploying ClickFix attacks, the attacker encourages the human to paste code into tools which are not typically monitored by cybersecurity solutions.

Or even if they are, because the victim has run the command themselves, the activity bypasses technical controls on ‘malicious behavior’ because the activity is viewed as a legitimate user performing a legitimate action. Either way, the nature of modern phishing attacks has found ways to bypass traditional defenses.

According to Menlo, to counter this threat, organizations must pay more attention to securing the browser session layer.

“Enterprises that govern this layer will be positioned to protect both their workforce and the AI agent sessions already operating in their environments by default. Those that don’t will continue relying on tools built for a threat model attackers have moved on from,” the company said.

AI adoption is accelerating in the workplace, and organizations are rushing to implement AI governance policies.

ChatGPT, Microsoft Copilot, and Claude are among the common tools employees use to summarize meetings, draft reports and emails, and speed up decision-making. The point of concern is whether employees are using these tools faster than security teams can establish oversight controls.

The cybersecurity concern is valid. Proprietary and sensitive data is being uploaded to external, unauthorized AI tools, which can have detrimental effects, including financial and reputational damage.

This issue is appearing across enterprise environments, with organizations reporting that employees are using unapproved AI tools at least occasionally as part of their day-to-day work. Governance teams are facing heightened pressure from regulators and leadership to implement immediate controls around AI usage.

This is often referred to as shadow AI, with many organizations responding to it the same way they approached cybersecurity compliance problems for years: by focusing heavily on policy creation while overlooking how employees actually work operationally.

This is becoming a major governance issue. Most organizations already have experience implementing cybersecurity frameworks that are technically sound and aligned with standards such as NIST CSF or ISO/IEC 27001.

Adapting Governance For the AI Era

Yet despite widespread framework adoption, security incidents involving human behavior continue to rise. The reason is not always a lack of policies or awareness. In many cases, governance controls fail because they were designed around compliance requirements rather than around operational workflow realities. Shadow AI is exposing the same implementation gap.

Employees are not adopting generative AI tools simply because they want to bypass governance. They are adopting them because the tools reduce friction. AI helps employees complete tasks faster, manage workload pressure, and improve productivity in environments where teams are increasingly expected to deliver more with fewer resources.

When governance controls significantly slow down operational work, employees often create informal workarounds. This pattern is not unique to the emergence of AI use. Cybersecurity teams have seen it repeatedly with password-sharing, unauthorized cloud storage, personal devices, and unsanctioned collaboration tools.

Employees frequently default to the path of least resistance when governance structures conflict with productivity. They say it is worth the security risk if it helped them work faster or meet deadlines.

Security leaders are operating under pressure. Organizations cannot afford to leave AI usage unmanaged while waiting for perfect governance frameworks. Restrictive policies are often implemented because security teams are trying to reduce immediate exposure to data leakage, compliance violations, and uncontrolled AI adoption.

But governance strategies focused only on restriction can unintentionally drive AI usage further outside organizational visibility, and this is where the real risk is.

Employees who believe approved tools are too restrictive or inefficient may continue using unauthorized AI platforms privately, creating even larger visibility gaps for security teams. In this environment, governance becomes reactive rather than sustainable.

AI Governance: Understand How to Adopt AI

This is where organizations need to rethink how AI governance is implemented.

The most effective AI governance programs will likely not be the ones with the longest policy documents or the strictest restrictions. They will be the organizations that successfully integrate governance into how employees already work, further aligning with their current workflows. A practical starting point is understanding how employees are already using AI tools within their workflows.

Many organizations are attempting to control AI usage before understanding why adoption accelerated in the first place. Security teams should identify which tasks employees are trying to simplify, where operational bottlenecks exist, and which departments are experiencing the highest workflow pressure.

This operational visibility is critical because governance controls that ignore workflow realities are far less likely to be followed and sustained consistently. Organizations that are succeeding in this area are those who understand their people and establish tools such as Microsoft Copilot with embedded controls that still provide employees with what they need.

Approved alternatives must exist. Organizations that prohibit public AI platforms without offering secure, usable alternatives often create the conditions for shadow AI adoption to continue. Governance works more effectively when compliant behavior is also the operationally easier behavior.

Different AI Tools Come With Different Risks

Organizations should also avoid treating all AI usage as equally risky. A risk-based governance model is more sustainable than broad restrictions. Employees using AI to summarize internal meeting notes present a very different risk profile from employees uploading sensitive client or regulated data into public AI systems. Governance should reflect these distinctions clearly.

Finally, organizations should treat AI governance as an ongoing operational process rather than a one-time policy rollout. AI tools, employee workflows, and organizational risks are evolving rapidly. Governance models that remain static will struggle to keep pace with how AI is being used across the enterprise.

Shadow AI is not simply a technology oversight problem. It is exposing a broader governance design issue that cybersecurity teams have faced for years: policies alone do not guarantee operational adoption.

The organizations that manage AI risk most effectively will likely be those that design governance around human behavior and operational workflow realities rather than relying solely on restrictive policy enforcement after adoption has already occurred

Google has released an emergency update to patch 74 Chrome vulnerabilities, including a high-severity flaw that has been exploited in the wild.

This is the fifth Chrome zero-day vulnerability in 2026 that has been exploited before a patch has been made available.

The security bulletin, published on June 8, include fixes for 17 critical vulnerabilities, 55 high-severity ones and tow medium-severity ones.

The security fixes will roll out “over the coming days/weeks” for Chrome users on Windows, Mac and Linux.

$55,000 For Reporting CVE-2026-11645 to Google

Among these, CVE-2026-11645 is an out of bounds read and write vulnerability affecting V8 in Google Chrome versions prior to 149.0.7827.103.

It was reported to Google on April 27 by a security researcher identified by Google as ‘303f06e3,’ who has previously reported Chrome vulnerabilities. They were awarded $55,000 for disclosing it to the Chrome security team.

When exploited, CVE-2026-11645 allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. It has been allocated a high-severity rating of 8.8.

Google confirmed it is aware of this flaw being exploited in the wild.

However, it did not provide any additional details about the exploitation evidence.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” the company said in the advisory.

“We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.”

Image credits: Mijansk786 / Wachiwit / Shutterstock.com

Read now: Patch Responsibility Remains Up for Grabs as AI Unearths Decades of Flaws

The UK’s Department of Science, Innovation and Technology (DSIT) is responsible for securing over half a million domains across thousands of government organizations.

This ranges from the smallest Parish Councils to the behemoth that is the National Health Service (NHS) and its various sub-organizations.

That makes advising these organizations on what the latest cybersecurity vulnerabilities are and how to fix them a challenge, especially in an era when frontier AI Models are uncovering more vulnerabilities than ever before.

However, that does not mean each individual organization must fully understand the technical details of what vulnerabilities could be exploited. Rather, it is more important that they are provided with the correct information on what to fix and how to fix it, explained Nick Woodcraft service owner for vulnerability monitoring at DSIT.

“When you come with a problem, rather than talking about the technology, talk about the outcomes,” he said said,

Woodcraft was speaking at Infosecurity Europe 2026, in a session on the Resilience and Cyber Risk stage, titled ‘From Months to Days: How DSIT Is Rethinking Remediation at Scale’.

Making Vulnerability Management Simple to Understand

For example, he detailed how DSIT has simplified discussion around DNS vulnerabilities. A local council does not need to know what exactly a DNS vulnerability is, but they are told that if the issue is not fixed, they may lose access to their website.

“Most of the people we talk to are extremely competent at what they are do, but they are not cybersecurity or vulnerability experts,” said Woodcraft.

Read More: What Fronter AI Models Like Mythos and GPT-Cyber Mean for Modern Cybersecurity

“But when you explain this is what it is, this is what it means – that you could lose access to your website – they understand and appropriately prioritize it. That’s been important, finding ways to help people understand,” he explained.

However, with over half a million domains across thousands of government organizations to help with managing security, it’s impossible for DSIT to be hands-on with every single one of those bodies.

How Technology Helps DSIT Manage Vulnerabilities

That is why DSIT has also invested in creating additional channels to analyse and pass on information, including Security Information and Event Management (SIEM) solutions and online resources where people can easily find the data.

“We can push everything we get into a SIEM, and they can prioritize it themselves,” Woodcraft explained.

“The National Cyber Security Centre (NCSC) has a portal with early warnings, so we started pushing our data into there, where people might expect to find it, they see the data and trust it. We’re trying to make it clear in ways they can understand,” he added.

In addition, DSIT stressed that it is important not to overwhelm other governmental departments and organizations with information about too many issues at once. Instead, organizations will respond more positively if the information is fed to them in stages.

“We quickly found that if you discover 15 issues within an organization and we said that we had found 15 things, it gets their backs ups and it’s too much information,” said Woodcraft.

“We started drip feeding stuff instead – we would gradually feed issues and help them fix it. We also have humans who were prepared to spend the time with them with the sole focus to get it fixed,” he added.

DSIT is already thinking about how it can help organizations stay secure in a post-Mythos world where new vulnerabilities could be uncovered faster than ever before.

According to Woodcraft, while it is a problem which will need to solved, what can go a long way to protecting organizations is by ensuring that they are doing the basics correctly.

“If we know to keep patching, to keep things up to date and to have the right processes in place, we’re not going to be in as much danger,” he said.

The Open Worldwide Application Security Project (OWASP) has rolled out a new agentic AI security maturity framework intended to help organizations close the gap between the agentic systems they deploy and the governance those systems require.

The framework appears in the OWASP GenAI Security Project’s latest paper, State of Agentic AI Security and Governance, published on June 3, and is presented as a practical decision tool rather than a catalog of ever‑growing rules.

Ariel Fogel, AI security researcher at Pillar Security’s Office of the CTO and one of the report’s co‑leads, introduced the new framework at the OWASP GenAI Security Summit, at Infosecurity Europe 2026, on June 4.

The new guidance has been dubbed the ‘Enterprise Adoption Maturity Model.’

“Most organizations are deploying agents faster than they can govern them. Governance is still operating at the maturity levels designed for AI copilots while teams are shipping and running custom and multi-agent systems,” Fogel commented.

How OWASP’s New Agentic AI Security Maturity Model Works

The framework maps the governance problem across two linked dimensions. One axis captures what is being deployed, ranging from shadow AI and single‑vendor tools through custom agents to multi‑agent and federated systems.

The authors have defined six levels of agentic AI adoption:

• AT0 – Shadow AI: No organizational awareness or approval. Users self-adopting AI tools outside governance
• AT1 – Vendor embedded assistant: Fully vendor-controlled. You consume it, not build it
• AT2 – Platform integrated: AI-native platform with your data. Cannot execute arbitrary code
• AT3 – Citizen developer agent: Low-code/no-code platform. User configures flows and prompts, not code. Actions on real organization data
• AT4 – Code executing agent: Generates and executes code with local/cloud privileges
• AT5 – Custom in-house agent: You built it. You control identity, tools and boundaries

The other criterion measures governance maturity, from ad hoc processes up to continuous monitoring and adaptive automated enforcement.

The authors have defined four level of maturity:

• Level 0 – Unaware and ad hoc: No formal recognition of agentic AI’s distinct governance/security risks beyond traditional AI. Shadow IT experiments lack policies, AI-software bills of materials (SBOMs) or guardrails; oversight is informal with minimal logging and generic IT incident handling
• Level 1 – Experimentation without guardrails: Pilot projects with single agents/small workflows lack defined autonomy limits, decision scopes or escalation criteria. Generic AI policies and occasional red-teaming provide governance without continuous monitoring or risk-tiering; accountability is diffuse
• Level 2 – Policy-defined, human-in-the-loop: Formal policies map use cases to regulations (EU AI Act, GDPR) with mandatory human-in-the-loop for high-impact decisions. Cross-functional governance includes named owner (e.g. CAIO); logging/versioning/AI-SBOM established but monitoring is periodic
• Level 3 – Integrated, continuous oversight: Agentic AI treated as critical infrastructure with risk-tiered workflows and autonomy ladders across regulated domains. Real-time dashboards track drift/anomalies; kill switches enable autonomy pauses. Governance-as-code enforces machine-readable policies across AI lifecycle

Assessing Agentic AI Adoption-Maturity Matches and Mismatches

By combining these two criteria, for each agentic AI workflow organizations can assess whether their governance matches their deployment or governance cannot see what the agents are doing.

Fogel presented this with a table showing green areas (when governance matches the deployment), yellow areas (when security and governance teams may not have full oversight) and red areas (when deployment is applied without the right level of governance).

“Don’t operate in the red cells,” Fogel warned.

The framework’s operational logic is straightforward. Organizations place an agent on the deployment axis and then check whether their governance maturity lines up.

If governance is insufficient, the framework points to two practical responses: invest in controls specifically designed for agentic systems or reduce the agent’s permissions and autonomy until existing controls suffice.

The paper emphasizes that the needed controls are not merely stronger versions of traditional security measures.

As Fogel put it, agents operate at machine speed and scale, so teams need monitoring infrastructure that operates on the same speed as their agent workloads.

That means live behavioral baselines, real time containment and stop mechanisms, joined incident response across safety and security teams and better identity hygiene (e.g. ephemeral credentials and cryptographic attestation) so that each action can be traced and limited.

How to Make Agentic AI Guidance Directly Actionable

John Sotiropoulos, co-lead and board member of OWASP’s GenAI Security Project and Agentic Security Initiative, stressed that the new framework also aims to reduce human and organizational friction.

“There is a cognitive tax on us giving you stuff again and again,” he said, warning that large, frequently updated volumes of guidance become unusable for busy teams.

He pushed the framework’s simple decision posture as a way to focus action: discover the most advanced agents in use, prioritize the riskiest workloads and decide whether to invest in faster, different controls or to constrain deployments.

Sotiropoulos also linked governance upgrades to broader business goals, asking, “How do we actually accelerate innovation? I think people hiding and not doing AI is a vulnerability.”

He argued that prudent governance enables safe adoption rather than just blocking it.

Finally, Fogel emphasized the convergence of AI safety and security at the deployment layer: the same architectural choices that create safety exposure often create security exposure too and the maturity framework encourages aligned telemetry and incident playbooks to avoid misdiagnosis during live incidents.

Developers of the most powerful AI models have been invited, but not required, to hand their models to the US government for cybersecurity review before release, under an executive order signed on June 2.

The order, signed by President Donald Trump, sets up a voluntary framework. It directs agencies to design a process through which developers could give the government access to a “covered frontier model” for up to 30 days before releasing it to other trusted partners. A separate clause expressly rules out any mandatory licensing or preclearance requirement for new models.

The move marks a shift for an administration that has favored a light touch on AI, and follows a May near-miss when Trump pulled an earlier draft, citing concerns that included its longer review window.

The Threat Driving the Order

Although the text does not name it, the order lands amid mounting concern over frontier models that can find and exploit software flaws at scale, chief among them Anthropic’s Claude Mythos Preview.

Anthropic has recently warned that rival labs could field comparable models within a year, possibly without safeguards against misuse.

The NSA, the Cybersecurity and Infrastructure Security Agency (CISA) and NIST, the order said, must build a classified benchmark to decide which models cross the “covered” threshold.

Read more on frontier cyber models: What Frontier AI Models Like Mythos & GPT-Cyber Mean for Cybersecurity.

The framework closely echoes Anthropic’s Project Glasswing, which gives vetted partners early access to Mythos to scan critical software for vulnerabilities.

A Wider Federal Cyber Push

Beyond the review framework, the bulk of the order is a defensive overhaul. It gives agencies 30 days to harden national security, military and civilian federal systems and directs CISA to issue binding directives that expand AI-enabled defensive tools and widen access for smaller operators such as rural hospitals and local utilities.

It also creates an “AI cybersecurity clearinghouse,” led by the Treasury Department, to coordinate vulnerability scanning, validation and patching.

Industry reaction was broadly supportive but wary of whether a voluntary scheme can be truly effective. “Voluntary security programs can work, but only when they create real accountability,” said Diana Kelley, CISO at Noma Security, noting that coordinated disclosure matured once intake channels, timelines and safe-harbor terms were added.

Rajeev Gupta, co-founder of Cowbell, was blunter. “The government simply isn’t equipped to meaningfully oversee frontier AI models on its own,” he said. As an alternative, he floated a public-private body funded by the labs but backed by regulatory authority.

For now, the framework’s force will rest on whether Congress later ties pre-release review to procurement or export rules.

A threat actor has been observed using AI coding tools to develop and refine malware designed to slip past endpoint detection and response (EDR) software, in what was presented as a red team project.

The activity was uncovered by Sophos X-Ops. According to new analysis from its Counter Threat Unit, the activity was discovered after an unusual endpoint in a customer environment raised alerts for malicious files in a local test folder. 

Those files, alongside a linked Git repository, revealed a lab built to develop evasion tooling and test it against EDR agents from Sophos, CrowdStrike and Microsoft. Many of the Python scripts were partly AI-generated and written in Russian.

Humans Stayed in the Loop

The most important finding is what the AI did not do. Sophos stressed that the workflow was not run by an autonomously reasoning model, and that no AI was embedded in the malware itself.

Instead, AI sped up a structured cycle of building, testing and refining that still relied on human review at each turn. The actor worked inside Cursor, an AI-native development environment, and assigned roles to several agents.

One, running on Claude Opus, set the rules for the others, while the rest handled testing, operational security and documentation.

A separate playbook tasked them with mining public security research, mapping techniques to the MITRE ATT&CK framework and reproducing them in the lab, with commits flowing back through the Model Context Protocol (MCP).

A Red Team Cover Story

At the core of the lab was a Python tool that wrapped payloads in layers of encryption and evasion to produce custom loaders, drawing on offensive frameworks such as Cobalt Strike and Sliver.

Sophos said nearly 80 modules covering more than 70 techniques were built this way. The agents reported the modules became almost universally effective after iteration, though Sophos noted its documented test output did not clearly support that.

Read more on AI-generated malware: VoidLink Linux Malware Was Built Using an AI Agent, Researchers Reveal

Although the project was framed as red teaming, Sophos assessed that the label was likely a cover, used in part to get past Claude’s guardrails around malware development.

”In reality, the framework was built for stealthy post-exploitation activity in target environments,” the team said. Sophos also linked the activity to known ransomware and data theft operations.

For defenders, the company argued the shift changes little in practice, even as AI lowers the barrier to building such tooling and helps attackers find gaps faster.

The team urged organizations to maintain defense-in-depth fundamentals: timely patching, multi-factor authentication (MFA), modern methods such as passkeys, and broad EDR deployment.

Offerings of fully autonomous security operations centers (SOCs) are flourishing on the cybersecurity market and trigger anxiety about a future with empty desks.

In reality, however, top security vendors exhibiting at Infosecurity Europe 2026 actually agree on one thing: AI won’t replace the SOC. It will replace the mind-numbing copy-pasting and routine ticket-taking.

Speaking to Infosecurity, Brett Candon, VP of International at Dropzone AI, said AI is shifting the traditional multi-tiered SOC model into a leaner, smarter operation powered by accelerated ‘tier-1.5’ analysts and strategic engineers.

AI SOC: A Glass Box, Not a Black Box

Automation has promised to fix the SOC for over fifteen years, but vendors argue that true autonomy requires absolute transparency.

Candon emphasized that AI must be treated as a supportive “glass box” rather than a mysterious black box. The goal, he noted, is to replace heavy manual investigation work while logging every procedural step so human analysts can easily audit the machine’s rationale.

Patricia Titus, Field CISO at Abnormal AI, agreed that human-in-the-loop validation remains a non-negotiable safety net. Organizations still need sharp minds to verify that the machine is performing accurately.

“You actually need someone who understands that to be able to go back and analyze  the data periodically to make sure the tool, the AI tool, is actually catching what you want it to catch,” she said.

Furthermore, an AI is only as good as the security data infrastructure supporting it. Yonni Shelmerdine, chief product officer at Vega Security, pointed out that AI cannot bypass fundamental data architecture gaps. If critical security logs are frozen or filtered out due to high cloud storage costs, human engineering is required to fix the underlying pipeline.

Shelmerdine warned that if the data is gone, “no super-duper AI bot will be able to help.”

Intern Tier-1 and Professional Tier-1.5 SOC Analysts

Rather than eliminating entry-level professionals, this technological shift is entirely redefining their daily responsibilities, the three vendors told Infosecurity.

Instead of losing hours to repetitive data gathering, junior defenders are stepping straight into the role of what Candon called “tier-1.5 analysts,” acting as supervisors and auditors of AI-driven investigations from day one.

According to Candon, when AI handles tedious initial triage at machine speed, the human impact changes drastically. He noted that job satisfaction has increased and employees feel like they are doing more useful tasks within the SOC, allowing organizations to promote junior staff into specialized roles much faster than traditional timelines allowed.

Titus echoed this sentiment, noting that while tier-1 is traditionally where green SOC analysts “cut their teeth” on foundational security concepts, AI radically accelerates this onboarding period. Analysts can learn the basics significantly faster by reviewing and dissecting the automated workflows generated by an AI companion.

To operationalize this shift, Titus shared a practical blueprint from her own security team’s experience. After deploying Abnormal AI’s behavioral models, her team realized they no longer needed to hire five permanent, full-time “tier-1 ticket takers,” as she put it.

Instead, existing full-time staff were instantly elevated to handle high-risk, “truly tier-3 level investigations,” she explained.

Titus then transformed the remaining tier-1 responsibilities into a university intern program, bringing in college students to learn the grassroots basics of email security and behavioral analytics alongside the AI.

Titus strongly advocated against completely erasing entry-level roles, stating: “I think we would be foolish to eliminate tier-1 SOC analysts, largely because what happens if something happens and AI stops working, you need people to be able to go back to the grassroots and handle that tier-1.”

She explained that, by the time these interns graduate, they intimately understand how to audit AI systems and manage security posture, creating a direct pipeline of highly skilled full-time hires.

Emergence of A “Cyber Defense Engineer” Role in AI SOCs

As analysts climb the value chain, Vega’s Shelmerdine anticipates the rise of an entirely new industry archetype: the cyber defense engineer. Advanced defenders are increasingly shedding the passive analyst title to think of themselves as active system builders.

“AI isn’t going to replace the SOC, it’s a cyber defense engineer who will,” Shelmerdine said.

He described these modern professionals as engineers who control their SecOps platforms using advanced management protocols and natural language, effectively “vibe coding their queries, their hunts, their dashboards, their reports, [and] their triage.”

Rather than reacting defensively to an infinite queue of alerts, their daily focus shifts toward proactively engineering better detection postures and tuning AI tools.

Ultimately, the consensus across security vendors is clear: the autonomous SOC is not an empty room, but a significantly smarter one.

By stripping away the manual triage work that has plagued security operations for more than a decade, AI is acting less like a human replacement and more like a talent rescue mission, transforming burned-out ticket takers into strategic cyber engineers.

However, against a stark backdrop of sweeping corporate layoffs currently hitting the broader tech and cybersecurity sectors, it remains to be seen whether this idealistic vendor optimism will hold true or if economic pressures will ultimately tempt enterprises to sacrifice human expertise for pure automation.

You will be able to find Abnormal AI, Dropzone AI and Vega Security at Infosecurity Europe at Booths #D145, #E40 and #F160, respectively. Register for Infosecurity Europe here.

A Russian state-linked worm has been observed hiding its components inside a little-used Windows file feature, allowing it to spread across Ukrainian networks while leaving almost no trace on infected machines.

According to new analysis from Sekoia, the worm is the latest tool of Gamaredon, a long-running espionage group that Ukraine’s security service has formally tied to Russia’s Federal Security Service (FSB).

The group focuses almost entirely on Ukraine, targeting government, military and critical infrastructure to steal documents and keep long-term access.

Working from artifacts on compromised hosts and more than 70 samples from a partner, the team reconstructed an infection chain seen in January 2026 and still active at the time of writing. The campaign has moved almost entirely to fileless VBScript, a clear step up in stealth from Gamaredon’s earlier tooling.

A WinRAR Flaw Drops a Hidden File

The intrusion began with a booby-trapped xHTML file that, once opened, smuggled a malicious RAR archive onto the target’s machine. Sekoia tracks this initial-access stage as GammaPhish.

The archive exploited CVE-2025-8088, a path traversal flaw in WinRAR that Google’s threat analysts have separately tied to Sandworm, Turla and other Russian operators.

Abusing the bug planted a hidden HTA file in the Windows Startup folder, which ran at the next login and fetched the next payload from a remote server. A decoy PDF kept the victim unaware.

Read more on Russian state threats to Ukraine: Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits

A Worm That Lives in Hidden Streams

GammaWorm is where the campaign’s stealth becomes clear, Sekoia explained. Rather than dropping files on disk, the worm hid its modules in NTFS Alternate Data Streams, a native Windows feature that lets data ride alongside an existing file without appearing in standard directory listings.

Once active, it set up persistence through scheduled tasks disguised as routine maintenance and concealed its work by changing registry settings that govern file visibility.

It then propagated to USB sticks and network drives, hiding genuine folders and swapping them for malicious shortcuts that carried provocative Ukrainian-language filenames meant to lure users into opening them.

For command-and-control (C2), GammaWorm pulled live server addresses from legitimate public services, including Telegram and Cloudflare and used them as dead drops before saving the details to the registry. The worm then looped indefinitely as a backdoor, ready to execute whatever code its operators sent.

Sekoia warned that the safest response to infection is a full wipe: “The malware’s reliance on Dead Drop Resolvers (DDR) allows it to constantly download fresh payloads, meaning that cleaning attempts often result in fallback mechanisms restoring the malware.”

Organizations were also urged to update WinRAR to version 7.13 or later, which closes the flaw.