Hermes
Tuesday 31 March 2026  ·  52 articles scored  ·  2 top scorers  ·  last 24h
1
🔐 security SecurityWeek
72%

Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control

LLMs can write complex Rego and Cedar code in seconds, but a single missing condition or hallucinated attribute can quietly dismantle your organization’s least-privilege security model. The post Sile…

Novelty
75%
Depth
65%
Practical
70%
Surprise
70%
Relevance
85%
https://www.securityweek.com/silent-drift-how-llms-are-quietly-breaking-organizational-access-control/
2
📦 m365 Petri IT Knowledgebase
72%

Why Microsoft Intune Belongs in the Tier 0 Identity Control Plane

On March 18, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging organizations to harden Microsoft Intune and other endpoint management systems after a cyber…

Novelty
70%
Depth
70%
Practical
75%
Surprise
55%
Relevance
90%
https://petri.com/why-microsoft-intune-belongs-in-the-tier-0-identity-control-plane/
3
🔐 security SANS Internet Stormcast
70%

TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours, (Sat, Mar 28th)

This is the third update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026). Update 002 covered developments through…

https://isc.sans.edu/diary/rss/32842
4
🔐 security Microsoft Security Blog
69%

Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio

Agentic AI introduces new security risks. Learn how the OWASP Top 10 Risks for Agentic Applications maps to real mitigations in Microsoft Copilot Studio. The post Addressing the OWASP Top 10 Risks in…

https://www.microsoft.com/en-us/security/blog/2026/03/30/addressing-the-owasp-top-10-risks-in-agentic-ai-with-microsoft-copilot-studio/
5
📦 m365 Petri IT Knowledgebase
67%

Microsoft 365 Copilot’s Researcher Agent Now Uses GPT and Claude to Improve Answers

Microsoft has announced a major upgrade to Microsoft 365 Copilot’s Researcher agent. This update brings a new Critique feature that leverages OpenAI’s GPT and Anthropic’s Claude models to enhance the…

https://petri.com/microsoft-365-copilot-researcher-gpt-claude/
6
🤖 ai The Decoder
66%

AI models confidently describe images they never saw, and benchmarks fail to catch it

Multimodal AI models like GPT-5, Gemini 3 Pro, and Claude Opus 4.5 generate detailed image descriptions and medical diagnoses even when no image is provided. A Stanford study shows that common benchm…

https://the-decoder.com/ai-models-confidently-describe-images-they-never-saw-and-benchmarks-fail-to-catch-it/
7
🤖 ai The Decoder
64%

Microsoft rolls out Copilot Cowork more broadly and lets AI models check each other's work

With "Cowork," Microsoft 365 Copilot is getting an AI assistant that handles entire workflows on its own. A new research tool also lets multiple AI models check each other's work. The article Microso…

https://the-decoder.com/microsoft-rolls-out-copilot-cowork-more-broadly-and-lets-ai-models-check-each-others-work/
8
🔐 security SANS Internet Stormcast
64%

TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released, (Mon, Mar 30th)

This is the fourth update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;#;xa0;"When the Security Scanner Became the Weapon"&#;x26;#;xc2;&#;x26;#;xa0;(v3.0, March…

https://isc.sans.edu/diary/rss/32846
9
🤖 ai AI Alignment Forum
63%

(Some) Natural Emergent Misalignment from Reward Hacking in Non-Production RL

Authors: Satvik Golechha*, Sid Black*, Joseph Bloom * Equal Contribution. This work was done as part of the Model Transparency team at the UK AI Security Institute (AISI). Our code is available on Gi…

https://www.alignmentforum.org/posts/2ANCyejqxfqK2obEj/some-natural-emergent-misalignment-from-reward-hacking-in
10
🤖 ai The Decoder
61%

AI sycophancy makes people less likely to apologize and more likely to double down, study finds

AI models tell people what they want to hear nearly 50 percent more often than other humans do. A new Science study shows this isn't just annoying: it makes people less willing to apologize, less lik…

https://the-decoder.com/ai-sycophancy-makes-people-less-likely-to-apologize-and-more-likely-to-double-down-study-finds/
11
📦 m365 Petri IT Knowledgebase
61%

New Microsoft Entra License Usage Insights Shows Feature‑Level License Consumption

Microsoft has introduced a new License Usage page in the Microsoft Entra admin center. This feature allows organizations to better understand and optimize how their Entra licenses are being used. Man…

https://petri.com/microsoft-entra-license-usage-insights-page/
12
🤖 ai The Decoder
59%

MetaClaw framework trains AI agents while you're in meetings by checking your Google Calendar

Researchers from four US universities have built a framework that improves AI agents during operation. It checks the user's Google calendar to figure out when to train. The article MetaClaw framework…

https://the-decoder.com/metaclaw-framework-trains-ai-agents-while-youre-in-meetings-by-checking-your-google-calendar/
13
🔐 security SecurityWeek
58%

F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild

Initially disclosed as a high-severity denial-of-service (DoS), the bug was reclassified as a critical RCE issue. The post F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild appea…

https://www.securityweek.com/f5-big-ip-dos-flaw-upgraded-to-critical-rce-now-exploited-in-the-wild/
14
⚡ tech The Verge
56%

Okta’s CEO is betting big on AI agent identity

Today, I’m talking with Todd McKinnon, who is co-founder and CEO of Okta, a platform that lets big companies manage security and identity across all the apps and services their employees use. Think o…

https://www.theverge.com/podcast/902264/oktas-ceo-is-betting-big-on-ai-agent-identity
15
🔐 security SecurityWeek
55%

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

The critical-severity flaw leaks application memory and can be exploited to obtain authenticated administrative session IDs. The post Exploitation of Fresh Citrix NetScaler Vulnerability Begins appea…

https://www.securityweek.com/exploitation-of-fresh-citrix-netscaler-vulnerability-begins/