Security and AI news from the week beginning 27 April 2026

Last week saw the opening salvos in the Musk-Altman dispute. Testimony very quickly got spicy with both sides making accusations against the other. This is all about Musk alleging that OpenAI has violated its original non-profit charter. Altman says it was necessary for survival.

While the court case plays out, the $250bn SpaceX acquisition of xAI is also taking place. It will create a single company that is likely to be valued at $1.25 trillion. Also playing into this is Musk’s latest Tesla payout of $158bn. But while Musk is distracted with fighting OpenAI and merging SpaceX and xAI, it means he won’t be collecting. That is down to the goals set by the Tesla board, which have not yet been achieved.

At Google Cloud Next ’26, Google and Apple announced a deeper partnership. It will see Google’s Gemini models power the next generation of Apple Intelligence features. This will lead to a complete overhaul of Siri.

It has also been revealed that Google Chrome silently downloads and installs a 4GB AI model onto devices without consent. It is downloaded again if the user deletes it. Apple users will now be asking what that means for their security settings and data usage. Additionally, those who have blocked Siri will want confirmation that this will not be downloaded or capture data from their devices.

A report from Mandiant shows that the time-to-exploit for software vulnerabilities has effectively gone negative. In 2026, 28.3% of CVEs were exploited within 24 hours of disclosure. It means they are exploited before patches are available. The cause is AI and its ability to act before organisations can defend.

Hackers stole hundreds of thousands of Roblox accounts last week. It prompted urgent advice for users to enable multi-factor authentication and reset credentials. This is yet another breach targeting gaming platforms. Attackers see users on these platforms as being target-rich and security-poor.

In Case You Missed It

NetApp has followed the experiences of its customers and adopted Google Gemini Enterprise across the organisation. This is an extension of its existing work with Google. The company says this is about adopting AI-driven operations. Its sales and product teams are the first to make this change, turning themselves into a test case. That means they will have the same experience as customers.

At SuiteConnect San Francisco, NetSuite has announced NetSuite SuiteCloud Agent Skills. These SuiteCloud Agent Skills are platform-agnostic skill collections for coding assistants. They are compatible with the agentskills.io specification.

Precisely Automate has earned SAP Clean Core Certification (Conditional, Level C) for SAP S/4HANA Cloud Private Edition. This is about the ability of Precisely Automate to support high-volume SAP data updates without affecting the SAP core. For SAP customers, this is critical. It means that they can trust how data is imported and managed without risk of business disruption. It also proves that Precisely is able to meet SAP Clean Core Principles.

Silverfort has acquired Fabrix Security for an undisclosed amount. This deal is about improving security around autonomous AI systems. What makes it of interest is the shift towards making AI agents a first-class identity. That move makes it possible to track each agent as we track users. They get their own rights and permissions to access apps and data, providing a key level of governance.

Ulf Viney, EVP of engineering support and operations at Precisely, appeared on the Enterprise Times podcast. He talked about how Agentic AI is transforming software development from manual coding to orchestrating intelligent workflows. In particular, Viney explained what this has meant for his team/ They moved from writing every line to defining strict constraints while AI handles requirements, testing, and legacy modernisation.

Panzura has announced the general availability of Panzura Nexus. It calls it an industry-first extensible AI platform that brings trusted, permission-aware intelligence to enterprise file data. It sits on top of Panzura CloudFS and manages the interaction between Microsoft 365 Copilot and the enterprise data. Unlike a traditional integration bridge, Nexus captures the data and metadata, including security and access controls.

Nintex has added a new built-in AI engine into the latest version of its on-premises business orchestration platform. The update also includes out-of-the-box AI Actions and an updated identity provider setup and synchronisation. The release of Nintex K2 (5.9.1) also includes accessibility improvements for organisations working in complex, regulated environments.

Fang Wu, Vice President of Business Development at NTT Research, appeared on the Enterprise Times podcast to talk about ABE, Salt Grain and the future. For the last few years at its Upgrade conference, NTT Research has been showing Proof of Concept (PoC) models around Attribute-Based Encryption (ABE). Despite many of these looking production-ready, there has been a lack of product. That is changing.

Panasonic has released TOUGHBOOK Guard, a firmware-based security solution that is built into the BIOS. Organisations have become used to a combination of endpoint security and a trusted OS to protect users. TOUGHBOOK Guard addresses a more fundamental problem. That is the swapping of hardware, which is not detected by endpoint security.

The MACH Alliance hosted a panel discussion on Towards a Fully Enabled Enterprise at its MACH X event in Toronto. The event, The Agentic Advantage, aimed to help enterprise leaders shift from AI trials to developing “AI-ready” systems with composable technology. The panel explored how their organisations are moving beyond pilots towards embedding AI into the fabric of the business.

The software market is fracturing into two distinct worlds, and it’s being accelerated by Artificial intelligence. Enterprise Times talked with Richard Davies, UK Country Manager at Netcompany, and a veteran of the industry, about what this means. It is having more impact on software than any previous technology shift, and it’s happening before our eyes. Who will survive this shift?

In Other News

DigiCert

DigiCert has introduced a new AI Trust architecture designed to help organisations secure AI systems and their outputs. The company is also unveiling new capabilities to help secure autonomous agents and AI models, along with separate capabilities to provide verifiable content authenticity in the age of AI.

The company also announced the availability of Content Trust Manager, a new solution within the DigiCert ONE platform. Content Trust Manager allows organisations to add a secure, verifiable credential to digital media so people can see where it came from, how it has been changed over time, and who was responsible for those changes, helping bring greater transparency and accountability to digital content.

Europol

Europol has said that a criminal network operating a large-scale online fraud scheme has been dismantled through a collaborative investigation involving Austrian and Albanian authorities, with support from Europol and Eurojust. The operation, which spanned over two years, resulted in the arrest of ten individuals, the search of multiple premises, and the seizure of nearly EUR 900 000 in cash.

FBI

The FBI IC3 has published a report on adapting Zero Trust principles to operational technology. It says that for operational technology (OT), applying Zero Trust requires careful consideration because OT systems interact with the physical environment and are constrained by availability and safety requirements, as well as legacy technology with long lifespans.

National Cyber Security Centre

On Friday, the NCSC released a paper entitled “Preparing for a vulnerability patch wave.” It says that organisations must act now to prepare for a wave of patches that will address decades of technical debt.

US Department of Justice

The US DoJ has announced that two American cybersecurity professionals have been sentenced to four years each in prison. They were found guilty of their role in a conspiracy to obstruct, delay, or affect commerce through extortion in connection with ransomware attacks occurring in 2023. They were part of a group that deployed the ransomware known as ALPHV BlackCat between April 2023 and December 2023 against multiple victims located throughout the United States.

Security and AI news for the two weeks beginning 13 April 2026

The post Security and AI news from the week beginning 27 April 2026 appeared first on Enterprise Times.