Data exfiltration stories - Page 3

Agentic AI promises effortless digital delegation, but its admin-level access to data and systems creates profound privacy and security risks.

HackerOne launches live Agentic Prompt Injection Testing to expose real-world AI exploit paths as prompt injection threats surge 540%.

Keeper launches KeeperDB to centralise zero-trust database access, hiding credentials and recording sessions within its existing security vault.

TrendAI integrates its AI security platform with HPE Private Cloud AI to secure enterprise AI deployments from infrastructure to applications.

A new Securitybridge index finds SAP Basis the weakest security layer, with just 58% of checks compliant across hardened systems.

Harness has launched AI Security and Secure AI Coding tools to spot and block vulnerabilities in AI-powered apps and AI-generated code.

XM Cyber rolls out AI exposure mapping to track shadow AI, cloud models and MCP servers across hybrid estates in a single attack graph.

Ransomware group LeakNet adopts ClickFix lures and a Deno-based fileless loader to scale attacks and evade traditional endpoint defences.

Okta and partners pull rogue ShieldGuard Chrome extension that stole crypto wallet data and bypassed browser defences via custom code.

Netskope unveils Netskope One AI Security, a unified platform to tackle shadow AI, data leakage and model attacks across enterprises.

HPE warns cybercriminals now run attacks like global enterprises, using repeatable workflows, automation and AI to outpace defences.

SailPoint debuts Shadow AI Remediation to monitor and block risky staff use of unsanctioned generative AI tools in real time.

Okta warns that surging numbers of uncontrolled AI agents pose a major identity and access risk as they become the new digital workforce.

AI agents are fuelling a new wave of cyber risk, as criminals weaponise automation to speed up ransomware and sharpen extortion tactics.

Iranian state-aligned hackers are shifting from spying to destructive cyber strikes, putting Western critical infrastructure on high alert.

Kiteworks and Kasm link governed data exchange with isolated workspaces to tighten control of sensitive information across partners.

Attackers push fake Red Alert Android app via SMS, turning Israel rocket warning tool into spyware that steals messages, contacts and location.

OpenAI agrees to buy Promptfoo, aiming to embed automated security testing and red-teaming tools directly into its Frontier AI coworker platform.

SurePath AI launches real-time MCP policy controls to lock down AI tool access, aiming to secure fast-growing workplace agent workflows.

Fake Claude AI search ads are spreading info-stealing malware, hijacking developer credentials and cloud access via spoofed download sites.