data privacy | Breaking Cybersecurity News | The Hacker News

Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud. The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private to you and is not accessible to anyone else, not even Google." Private AI Compute has been described as a "secure, fortified space" for processing sensitive user data in a manner that's analogous to on-device processing but with extended AI capabilities. It's powered by Trillium Tensor Processing Units (TPUs) and Titanium Intelligence Enclaves (TIE), allowing the company to use its frontier models without sacrificing on security and privacy. In other words, the privacy infrastructure is designed to take advantage of the computational speed and power of the cloud while retaining the security and privacy assuran...

Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive adversary with capabilities to observe network traffic to glean details about model conversation topics despite encryption protections under certain circumstances. This leakage of data exchanged between humans and streaming-mode language models could pose serious risks to the privacy of user and enterprise communications, the company noted. The attack has been codenamed Whisper Leak . "Cyber attackers in a position to observe the encrypted traffic (for example, a nation-state actor at the internet service provider layer, someone on the local network, or someone connected to the same Wi-Fi router) could use this cyber attack to infer if the user's prompt is on a specific topic," security researchers Jonathan Bar Or and Geoff McDonald, along with the Microsoft Defender Security Research Team, said . Put differently, the attack allows an attacker t...

A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade" Android spyware dubbed LANDFALL in targeted attacks in the Middle East. The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the "libimagecodec.quram.so" component that could allow remote attackers to execute arbitrary code, according to Palo Alto Networks Unit 42. The issue was addressed by Samsung in April 2025. "This vulnerability was actively exploited in the wild before Samsung patched it in April 2025, following reports of in-the-wild attacks," Unit 42 said . Potential targets of the activity, tracked as CL-UNK-1054, are located in Iraq, Iran, Turkey, and Morocco based on VirusTotal submission data. The development comes as Samsung disclosed in September 2025 that another flaw in the same library (CVE-2025-21043, CVSS score: 8.8) had also been exploited in the wild as a...

Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI's ChatGPT artificial intelligence (AI) chatbot that could be exploited by an attacker to steal personal information from users' memories and chat histories without their knowledge. The seven vulnerabilities and attack techniques, according to Tenable, were found in OpenAI's GPT-4o and GPT-5 models. OpenAI has since addressed some of them .  These issues expose the AI system to indirect prompt injection attacks , allowing an attacker to manipulate the expected behavior of a large language model (LLM) and trick it into performing unintended or malicious actions, security researchers Moshe Bernstein and Liv Matan said in a report shared with The Hacker News. The identified shortcomings are listed below - Indirect prompt injection vulnerability via trusted sites in Browsing Context, which involves asking ChatGPT to summarize the contents of web pages with malicious instructions added...

Artificial Intelligence (AI) is rapidly transforming Governance, Risk, and Compliance (GRC) . It's no longer a future concept—it's here, and it's already reshaping how teams operate. AI's capabilities are profound: it's speeding up audits, flagging critical risks faster, and drastically cutting down on time-consuming manual work. This leads to greater efficiency, higher accuracy, and a more proactive GRC function. However, this powerful shift introduces significant new challenges. AI brings its own set of risks, including potential bias, dangerous blind spots, and regulatory gaps that are only beginning to be addressed by governing bodies. Staying ahead of this curve—not just struggling to keep up—requires clear, practical knowledge. Don't Just Stay Afloat—Master the Change To help you navigate this complex landscape, we invite you to our free, high-impact webinar, " The Future of AI in GRC: Opportunities, Risks, and Practical Insights . " This se...

Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale. The 131 spamware extensions share the same codebase, design patterns, and infrastructure, according to supply chain security company Socket. The browser add-ons collectively have about 20,905 active users. "They are not classic malware, but they function as high-risk spam automation that abuses platform rules," security researcher Kirill Boychenko said. "The code injects directly into the WhatsApp Web page, running alongside WhatsApp's own scripts, automates bulk outreach and scheduling in ways that aim to bypass WhatsApp's anti-spam enforcement." The end goal of the campaign is to blast outbound messaging via WhatsApp in a manner that bypasses the messaging platform's rate limits and anti-spam controls. The activity is assessed to have been ongoing for at lea...

Scaling the SOC with AI - Why now?  Security Operations Centers (SOCs) are under unprecedented pressure. According to SACR's AI-SOC Market Landscape 2025 , the average organization now faces around 960 alerts per day , while large enterprises manage more than 3,000 alerts daily from an average of 28 different tools . Nearly 40% of those alerts go uninvestigated , and 61% of security teams admit to overlooking alerts that later proved critical. The takeaway is clear: the traditional SOC model can't keep up. AI has now moved from experimentation to execution inside the SOC. 88% of organizations that don't yet run an AI-driven SOC plan to evaluate or deploy one within the next year. But as more vendors promote "AI-powered SOC automation," the challenge for security leaders has shifted from awareness to evaluation. The key question is no longer whether AI belongs in the SOC, but how to measure its real impact and select a platform that delivers value without introducing signi...

A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them. "Once active, the spyware can exfiltrate SMS messages, call logs, notifications, and device information; taking photos with the front camera; and even send SMS messages or place calls directly from the victim's device," Zimperium researcher Vishnu Pratapagiri said in a report shared with The Hacker News. The malware is also designed to propagate itself by sending malicious links to every contact in the victim's phone book, indicating aggressive tactics on the part of the attackers to leverage compromised devices as a distribution vector. The mobile security company said it has detected no less than 600 samples and 50 droppers over the last 90 days, with each successive iteration incorporating new layers of o...

A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the Ministry of State Security (MSS). The assessment comes from evidence that at least four BIETA personnel have clear or possible links to MSS officers and their relationship with the University of International Relations, which is known to share links with the MSS, according to Recorded Future. The names of the four individuals include Wu Shizhong, He Dequan, You Xingang, and Zhou Linna. "BIETA and its subsidiary, Beijing Sanxin Times Technology Co., Ltd. (CIII), research, develop, import, and sell technologies that almost certainly support intelligence, counterintelligence, military, and other missions relevant to China's national development and security," the company said in a report shared with The Hacker News. "Their activities include researching methods of steganography that can likely support covert communications (COVCOM) a...

From unpatched cars to hijacked clouds, this week's Threatsday headlines remind us of one thing — no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome's settings to sneak in malicious extensions. On the defense side, AI is stepping up to block ransomware in real time, but privacy fights over data access and surveillance are heating up just as fast. It's a week that shows how wide the battlefield has become — from the apps on our phones to the cars we drive. Don't keep this knowledge to yourself: share this bulletin to protect others, and add The Hacker News to your Google News list so you never miss the updates that could make the difference. Claude Now Finds Your Bugs Anthropic Touts Safety Protections Built Into Claude Sonnet 4.6 Anthropic said it has rolled out a number of safety and security improve...

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial intelligence (AI) assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft. "They made Gemini vulnerable to search-injection attacks on its Search Personalization Model; log-to-prompt injection attacks against Gemini Cloud Assist; and exfiltration of the user's saved information and location data via the Gemini Browsing Tool," Tenable security researcher Liv Matan said in a report shared with The Hacker News. The vulnerabilities have been collectively codenamed the Gemini Trifecta by the cybersecurity company. They reside in three distinct components of the Gemini suite - A prompt injection flaw in Gemini Cloud Assist that could allow attackers to exploit cloud-based services and compromise cloud resources by taking advantage of the fact that the tool is capable of summarizing logs pulled dir...

Security leaders are embracing AI for triage, detection engineering, and threat hunting as alert volumes and burnout hit breaking points. A comprehensive survey of 282 security leaders at companies across industries reveals a stark reality facing modern Security Operations Centers: alert volumes have reached unsustainable levels, forcing teams to leave critical threats uninvestigated. You can download the full report here . The research, conducted primarily among US-based organizations, shows that AI adoption in security operations has shifted from experimental to essential as teams struggle to keep pace with an ever-growing stream of security alerts. The findings paint a picture of an industry at a tipping point, where traditional SOC models are buckling under operational pressure and AI-powered solutions are emerging as the primary path forward. Alert Volume Reaches Breaking Point Security teams are drowning in alerts, with organizations processing an average of 960 alerts per ...

Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence (AI) model tampering and supply chain risks. The critical-rated vulnerabilities in question, discovered by Trend Micro, are listed below - CVE-2025-10643 (CVSS score: 9.1) - An authentication bypass vulnerability that exists within the permissions granted to a storage account token CVE-2025-10644 (CVSS score: 9.4) - An authentication bypass vulnerability that exists within the permissions granted to an SAS token Successful exploitation of the two flaws can allow an attacker to circumvent authentication protection on the system and launch a supply chain attack, ultimately resulting in the execution of arbitrary code on customers' endpoints. Trend Micro researchers Alfredo Oliveira and David Fiser said the AI-powered data repair and photo editing application "contradicted its privacy policy by...

The U.S. Department of Justice (DoJ) on Tuesday resentenced the former administrator of BreachForums to three years in prison in connection with his role in running the cybercrime forum and possessing child sexual abuse material (CSAM). Conor Brian Fitzpatrick (aka Pompompurin), 22, of Peekskill, New York, pleaded guilty to one count of access device conspiracy, one count of access device solicitation, and one count of possession of child sexual abuse material. Fitzpatrick was initially arrested in March 2023 and pleaded guilty later that July. As part of the plea agreement, Fitzpatrick is also said to have agreed to forfeit over 100 domain names used in the operation of BreachForums, over a dozen electronic devices used to execute the scheme, and cryptocurrency that represented the illicit proceeds of the operation. "Conor Fitzpatrick personally profited from the sale of vast quantities of stolen information, ranging from private personal information to commercial data,...

Google on Tuesday announced that its new Google Pixel 10 phones support the Coalition for Content Provenance and Authenticity (C2PA) standard out of the box to verify the origin and history of digital content. To that end, support for C2PA's Content Credentials has been added to Pixel Camera and Google Photos apps for Android. The move, Google said, is designed to further digital media transparency. C2PA's Content Credentials are a tamper-evident, cryptographically signed digital manifest providing verifiable provenance for digital content such as images, videos, or audio files. The metadata type, according to Adobe , serves as a "digital nutrition label," giving information about the creator, how it was made, and if it was generated using artificial intelligence (AI). "The Pixel Camera app achieved Assurance Level 2, the highest security rating currently defined by the C2PA Conformance Program," Google's Android Security and C2PA Core teams said ....

The French data protection authority has fined Google and Chinese e-commerce giant Shein $379 million (€325 million) and $175 million (€150 million), respectively, for violating cookie rules. Both companies set advertising cookies on users' browsers without securing their consent, the National Commission on Informatics and Liberty (CNIL) said. Shein has since updated its systems to comply with the regulation. Reuters reported that the retailer plans to appeal the decision. "When creating a Google account, users were encouraged to choose cookies linked to the display of personalized advertisements, to the detriment of those linked to the display of generic advertisements and that users were not clearly informed that the deposit of cookies for advertising purposes was a condition to be able to access Google's services," the CNIL noted . The consent obtained in this manner is not valid and constitutes a violation of the French Data Protection Act (Article 82), it...

The Harsh Truths of AI Adoption MITs State of AI in Business report revealed that while 40% of organizations have purchased enterprise LLM subscriptions, over 90% of employees are actively using AI tools in their daily work. Similarly, research from Harmonic Security found that 45.4% of sensitive AI interactions are coming from personal email accounts, where employees are bypassing corporate controls entirely. This has, understandably, led to plenty of concerns around a growing "Shadow AI Economy". But what does that mean and how can security and AI governance teams overcome these challenges? Contact Harmonic Security to learn more about Shadow AI discovery and enforcing your AI usage policy.  AI Usage Is Driven by Employees, Not Committees  Enterprises incorrectly view AI use as something that comes top-down, defined by their own visionary business leaders. We now know that's wrong. In most cases, employees are driving adoption from the bottom up, often without ov...