Crestvale Newsroom

Ramp Stack launches agentic close for accounting

6 min · 4. juni 2026
episode Ramp Stack launches agentic close for accounting cover

Description

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] Automation is moving from assistance to execution inside accounting firms. Ramp's new Stack platform signals a shift where AI agents can run the monthly close end to end, with auditability built in. That changes how work gets done and how firms price it. For firm leaders, this is not just another tool. It challenges the labor model behind core revenue. At the same time, risks are expanding at the identity layer, large firms are acquiring implementation capability, and platforms are opening to direct agent access. The common thread is clear: control is shifting toward systems that execute, not just advise. Also covered: a Microsoft 365 mobile security concern, Grant Thornton's acquisition strategy, Morgan Stanley opening platforms to AI agents, and key signals from GitLab, Coralogix, Google, Meta, and Uber. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

Comments

0

Be the first to comment

Sign up now and become a member of the Crestvale Newsroom community!

Get Started

1 month for 9 kr.

Then 99 kr. / month · Cancel anytime.

  • Podcasts kun på Podimo
  • 20 lydbogstimer pr. måned
  • Gratis podcasts

All episodes

170 episodes

episode GhostLock kernel bug lets users get root artwork

GhostLock kernel bug lets users get root

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] A long standing Linux kernel bug is now a reliable privilege escalation path, just as patch timelines are collapsing and attackers begin operating at machine speed. This episode breaks down what changed and why it matters right now. For security and IT leaders, the message is consistent across all stories. Speed is now a primary control. Slow patch cycles, weak visibility into kernel versions, and delayed detection after identity compromise all translate directly into risk. At the same time, early examples of autonomous attack chains suggest defenders are no longer dealing with human paced intrusions. We also cover shifts in ransomware targeting, supply chain exposure from major vendors, and why identity hygiene continues to drive most breaches. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

Yesterday6 min
episode Fake Entra passkey enrollment steals Microsoft 365 artwork

Fake Entra passkey enrollment steals Microsoft 365

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] Passkeys are not being broken. They are being bypassed at enrollment. Attackers are using fake Microsoft Entra setup flows to trick users into binding attacker-controlled credentials, turning a security upgrade into an access grant. For security and IT leaders, this shifts the focus from authentication strength to identity lifecycle control. Enrollment, recovery, and device binding are now high-risk operations. At the same time, a CISA-linked secrets leak shows how basic controls still fail without enforcement, and Progress advising customers to shut down ShareFile controllers highlights the real-world impact of unmanaged infrastructure risk. Add in ransomware using a Microsoft-signed driver to disable defenses, and the pattern is clear: attackers are moving to the trust layers you assume are safe. Also covered: a major credential-driven breach, insider risk in incident response, WordPress plugin compromise, Citrix exploitation markets, and growing regulatory concern around AI-driven cyber risk. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

11. juli 20266 min
episode Wiz: GhostApproval breaks AI coding sandboxes artwork

Wiz: GhostApproval breaks AI coding sandboxes

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] AI coding assistants are introducing a new class of risk by reusing old attack techniques in ways most teams are not prepared for. A recent finding shows these tools can be tricked into writing outside their sandbox, while still showing safe paths to users, breaking the trust model many teams rely on. This matters because AI agents are now embedded in developer workflows with real access to code and systems. If their guardrails are unreliable, they become a new execution layer that must be treated as untrusted. At the same time, regulators in Europe are escalating enforcement, and identity-driven breaches continue to expose how fragile access controls remain. Also covered: NIS2 enforcement actions, a 6.9 million record breach tied to a single employee account, and rising risks across AI supply chains and credential exposure. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

10. juli 20265 min
episode HalluSquatting weaponizes coding agents via fake packages artwork

HalluSquatting weaponizes coding agents via fake packages

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] AI coding agents are introducing a new kind of risk: silent, large-scale code execution driven by model hallucination. Attackers are exploiting this behavior by registering fake packages that agents are likely to fetch and run, turning development environments into entry points without any user interaction. This matters because it shifts security from user-driven mistakes to system-level trust failures. At the same time, a reported Accenture breach highlights how exposed tokens and keys can create downstream risk across entire client ecosystems. Meanwhile, IBM and Red Hat are pushing signed, pre-remediated dependencies to move security earlier in the software supply chain, and new data shows identity weaknesses still dominate real attack paths. Also covered: a long-standing Linux flaw, a major credential-driven breach, autonomous SOC response, unpatched edge devices, and evolving AI phishing tactics. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

9. juli 20266 min
episode Dialogflow CX bug enabled chatbot session hijacks artwork

Dialogflow CX bug enabled chatbot session hijacks

Send us Fan Mail [https://www.buzzsprout.com/2602483/fan_mail/new] AI interfaces are becoming part of the identity layer, whether teams realize it or not. A newly patched Dialogflow CX flaw shows how easily a chatbot can become a point of impersonation, surveillance, and data extraction if isolation and controls are weak. For security and IT leaders, this shifts the boundary of what needs to be protected. Chatbots, automation layers, and AI agents now sit directly in the path of sensitive user interactions. At the same time, governments and vendors are accelerating toward autonomous security models to keep up with attacker speed, while identity platforms continue to consolidate into single control planes. This episode also covers the UK's Cyber Shield initiative, Barracuda's move into unified identity defense, and a critical KVM vulnerability that challenges VM isolation. Learn more at https://crestvale.io Support the show [https://www.buzzsprout.com/2602483/support]

8. juli 20265 min