Security and AI news from the week beginning 16 March 2026

Last week was extremely interesting across the wider business market around AI. After months of being told how AI would replace individuals and companies, there was a rebound. IBM stocks clawed back some of their losses after a 20% drop on the back of Anthropic announcing COBOL programming advances. With over 250 billion lines of COBOL still powering mainframes, this news shocked the market. Industry analysts, however, said AI will enhance rather than replace IBM services. IBM is also a major player in AI infrastructure across its cloud systems.

After a lot of negativity from the US Government about the EU AI Act, it finally passed the US AI Accountability Act. While it doesn’t go as far as the EU legislation, it does mean that AI use must be clear and accountable. Anyone using it for hiring, lending, healthcare, and criminal justice must conduct and publish regular bias audits.

Global consultancy firm McKinsey published its 2026 Global Institute Report. It gives an interesting perspective on the impact of AI on jobs. While it saw 12% of current job tasks across the economy automated by AI in the last two years, that is not the whole story. It says that 8% of the new job categories created were AI-related.

UK Companies House suffered a security problem with its WebFiling Service. It was forced to take it offline after it was revealed that, since October 2025, it had allowed users to view companies with which they were not associated. It was further reported that people were able to make unauthorised changes, leading to companies being told to check their information.

TeamPCP compromised Aqua Security’s Trivy vulnerability scanner. It allowed them to inject credential-stealing malware into the v0.69.4 release. Although the malicious code was only active for 12-hours, it read GitHub Actions Runner worker memory to extract secrets and exfiltrated them to an attacker-controlled domain.

Just 20 hours after being announced, a critical unauthenticated RCE Zero-Day in Longflow, CVE-2026-33017, was weaponised. The flaw, caused by missing authentication and a code injection weakness, triggered rapid scanning and data exfiltration activity across exposed environments.

In Case You Missed It

The Adecco Group, the global talent and technology services company, has signed a new, multi-year agreement with Salesforce through 2027. The contract provides for unlimited global access to Agentforce 360, Salesforce’s portfolio of solutions that support the Agentic Enterprise.

Fisent Technologies has expanded its Fisent BizAI agentic solution with the introduction of Tabulate. The solution is a robust new feature within its suite of Agentic Actions (Classify, Split, Extract, Verify, and Analyze).

Artificial intelligence agents are already inside your organisation. They are writing code, managing workflows, processing loans, and even diagnosing patients. But here’s the uncomfortable truth: most of them have no real identity, no boundaries, and no accountability. In this podcast, Alex Laurie, Go-to-Market CTO at Ping Identity, talks about what you can do to improve your AI Agent security.

Workday has announced a major evolution of its business platform, with the first update to its integration with Sana, the AI platform company it acquired in November 2025. Sana from Workday is now available to customers worldwide. And early adopters are already praising the quantifiable benefits they have received.

Reco has released Reco AI Agent Security to fill the visibility gap for AI agents across the enterprise. Autonomous tools such as Copilot, ChatGPT, Make, and n8n now operate across SaaS environments without oversight. They access data, execute actions, and connect to systems, all without human intervention. Traditional SaaS security tools were not built for this challenge.

Spacelift has launched Spacelift Intelligence to help infrastructure teams escape drowning in provisioning requests. Developers using AI coding assistants now ship features in hours. But infrastructure provisioning still relies on outdated playbooks and processes that can’t scale.

Nintex, a provider of agentic business orchestration, has launched Nintex Agent Designer and Nintex Orchestration. The new native AI capabilities include a new agentic AI and business orchestration capabilities available to select customers natively in Nintex CE. Together, these solutions help organisations design and orchestrate AI agents alongside people, workflows, and core systems to deliver consistent results on a scale.

Most companies think they’re AI-ready. Unfortunately, they’re not even close. In the latest Enterprise Times podcast, Ian Murphy sits down with Dave Shuman, Chief Data Officer at Precisely, to expose the brutal truth around your AI projects. If your data isn’t clean, governed, and connected, your AI is just expensive theatre.

Dropzone AI has announced its AI-driven Threat Hunter, a continuous, autonomous hunting tool without adding headcount or complexity. It is designed to help all teams shift from reactive to proactive threat hunting. For smaller teams and SOCs, it will give them an alternative to just automating processes. That still leaves them overwhelmed by the number of alerts they have to deal with.

In Other News

Aera Technology

Aera Technology today announced it has been named to the Constellation ShortList for Decision Automation in Q1 2026, recognising leading technology providers that enable enterprises to define, govern, execute, and continuously improve automated business decisions.

BlueVoyant

BlueVoyant has launched the BlueVoyant Continuous Optimization for Microsoft Solutions (COMS) for Purview. It’s a comprehensive managed service that enables organizations to achieve optimal outcomes from their Microsoft Purview investments. The announcement follows BlueVoyant’s recent recognition by Microsoft as the MISA Data Security & Compliance Trailblazer.

Digicert

DigiCert announced strong fiscal year 2026 momentum marked by platform innovation, industry recognition, strategic expansion, and record financial performance. The company closed FY26 with its largest fourth quarter in company history in annual recurring revenue (ARR), outperforming 100%+ attainment on topline bookings targets, underscoring sustained market demand and strong execution.

FBI

The FBI IC3 team has issued a Flash Actionable Cyber Intelligence alert. It warns that Iranian cyber actors are using a Telegram command & control infrastructure to push malware. The targets of the malware are Iranian dissidents, journalists opposed to Iran and other opposition groups around the world.

ManageEngine

ManageEngine announced the expansion of its unified endpoint management and security (UEMS) platform, Endpoint Central, to include endpoint detection and response (EDR) and secure private access capabilities. The additions bolster Endpoint Central’s endpoint security capabilities by enabling AI-powered threat detection, automated remediation, and Zero Trust access to internal applications through device trust verification.

US Department of Justice

The Justice Department announced the seizure of four domains as part of an ongoing effort to disrupt hacking and transnational repression schemes conducted by the Islamic Republic of Iran’s Ministry of Intelligence and Security (MOIS). The seized domains were used by the MOIS in furtherance of attempted psychological operations targeting adversaries of the regime.

The post Security and AI news from the week beginning 16 March 2026 appeared first on Enterprise Times.