data protection | Breaking Cybersecurity News | The Hacker News

The danger isn't that AI agents have bad days — it's that they never do. They execute faithfully, even when what they're executing is a mistake. A single misstep in logic or access can turn flawless automation into a flawless catastrophe. This isn't some dystopian fantasy—it's Tuesday at the office now. We've entered a new phase where autonomous AI agents act with serious system privileges. They execute code, handle complex tasks, and access sensitive data with unprecedented autonomy. They don't sleep, don't ask questions, and don't always wait for permission. That's powerful. That's also risky. Because today's enterprise threats go way beyond your garden-variety phishing scams and malware. The modern security perimeter? It's all about identity management. Here's the million-dollar question every CISO should be asking: Who or what has access to your critical systems, can you secure and govern that access, and can you actually prove it? Ho...

Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were "used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware," the Microsoft Threat Intelligence team said in a post shared on X. The tech giant said it disrupted the activity earlier this month after it was detected in late September 2025. In addition to revoking the certificates, its security solutions have been updated to flag the signatures associated with the fake setup files, Oyster backdoor, and Rhysida ransomware. Vanilla Tempest (formerly Storm-0832) is the name given to a financially motivated threat actor also called Vice Society and Vice Spider that's assessed to be active since at least July 2022, delivering various ransomware strains such as BlackCat, Quantum Locker, Zeppelin, and Rhysida over the year...

Penetration testing helps organizations ensure IT systems are secure, but it should never be treated in a one-size-fits-all approach. Traditional approaches can be rigid and cost your organization time and money – while producing inferior results.  The benefits of pen testing are clear. By empowering "white hat" hackers to attempt to breach your system using similar tools and techniques to an adversary, pen testing can provide reassurance that your IT set-up is secure. Perhaps more importantly, it can also flag areas for improvement.  As the UK's National Cyber Security Centre (NCSC) notes, it's comparable to a financial audit . "Your finance team tracks expenditure and income day to day. An audit by an external group ensures that your internal team's processes are sufficient." While the advantages are obvious, it's vital to understand the true cost of the process: indeed, the classic approach can often demand significant time and effort from your team. You need to get yo...

TLDR Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys. Synced passkeys inherit the risk of the cloud accounts and recovery processes that protect them, which creates material enterprise exposure. Adversary-in-the-middle (AiTM) kits can force authentication fallbacks that circumvent strong authentication all together Malicious or compromised browser extensions can hijack WebAuthn requests, manipulate passkey registration or sign-in, and drive autofill to leak credentials and one-time codes. Device-bound passkeys in hardware security keys offer higher assurance and better administrative control than synced passkeys, and should be mandatory for enterprise access use cases Synced Passkey Risks Synced passkey vulnerabilities Passkeys are credentials stored in an authenticator. Some are device-bound, others are synced across devices through consumer cloud services like iCloud and Go...

For years, security leaders have treated artificial intelligence as an "emerging" technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just how outdated that mindset has become. Far from a future concern, AI is already the single largest uncontrolled channel for corporate data exfiltration—bigger than shadow SaaS or unmanaged file sharing. The findings, drawn from real-world enterprise browsing telemetry, reveal a counterintuitive truth: the problem with AI in enterprises isn't tomorrow's unknowns, it's today's everyday workflows. Sensitive data is already flowing into ChatGPT, Claude, and Copilot at staggering rates, mostly through unmanaged accounts and invisible copy/paste channels. Traditional DLP tools—built for sanctioned, file-based environments—aren't even looking in the right direction. From "Emerging" to Essential in Record Time In just two years, AI tool...

In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security measures to protect sensitive data and ensure regulatory compliance. Among these measures, AI-SPM (AI Security Posture Management) solutions have gained traction to secure AI pipelines, sensitive data assets, and the overall AI ecosystem. These solutions help organizations identify risks, control security policies, and protect data and algorithms critical to their operations.  However, not all AI-SPM tools are created equal. When evaluating potential solutions, organizations often struggle to pinpoint which questions to ask to make an informed decision. To help you navigate this complex space, here are five critical questions every organization should ask when selecting an AI-SPM solution: 1: Does the solution offer comprehensive visibility and control over AI and associated data risk? With the proliferation of AI models across enterprises, m...

Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity of credential storage and sharing in modern organizations. The platform recently received a major update that reworks all the core mechanics. Passwork 7 introduces significant changes to how credentials are organized, accessed, and managed, reflecting feedback from real-world users. The redesign prioritizes usability and security, with a focus on streamlining workflows and making key features more accessible. Passwork isn't trying to reinvent the wheel. Instead, it focuses on solving a very real problem: how do businesses keep credentials organized, secure, and accessible without adding complexity or risk? In this article, we'll look at what Passwork 7 delivers, how it fits into a business environment, and what makes it different. Below is a walkthrough of its main features and workflows. Getting started: User experience and onboarding The...

The world of enterprise technology is undergoing a dramatic shift. Gen-AI adoption is accelerating at an unprecedented pace, and SaaS vendors are embedding powerful LLMs directly into their platforms. Organizations are embracing AI-powered applications across every function, from marketing and development to finance and HR. This transformation unlocks innovation and efficiency, but it also introduces new risks. Enterprises must balance the promise of AI with the responsibility to protect their data, maintain compliance, and secure their expanding application supply chain. The New Risk Landscape With AI adoption comes a new set of challenges: AI Sprawl : Employees adopt AI tools independently, often without security oversight, creating blind spots and unmanaged risks. Supply Chain Vulnerabilities : interapplication integrations between AI tools and enterprise resources expand the attack surface and introduce dependencies and access paths enterprises can't easily control. Data Exp...

Introduction Managed service providers (MSPs) and managed security service providers (MSSPs) are under increasing pressure to deliver strong cybersecurity outcomes in a landscape marked by rising threats and evolving compliance requirements. At the same time, clients want better protection without managing cybersecurity themselves. Service providers must balance these growing demands with the need to work efficiently, deliver consistent results, and scale their offerings. Yet, many service providers still rely on manual processes that slow down delivery, make it harder to maintain consistency across clients, and limit the time teams have to focus on more strategic initiatives. Even experienced service providers can find themselves stretched thin as they try to meet rising client expectations while managing operational complexity. In this environment, automation offers an opportunity to work more effectively and deliver greater value. By streamlining repetitive tasks, improving con...

Story teaser text: Cybersecurity leaders face mounting pressure to stop attacks before they start, and the best defense may come down to the settings you choose on day one. In this piece, Yuriy Tsibere explores how default policies like deny-by-default, MFA enforcement, and application Ringfencing ™ can eliminate entire categories of risk. From disabling Office macros to blocking outbound server traffic, these simple but strategic moves create a hardened environment that attackers can't easily penetrate. Whether you're securing endpoints or overseeing policy rollouts, adopting a security-by-default mindset can reduce complexity, shrink your attack surface, and help you stay ahead of evolving threats. Cybersecurity has changed dramatically since the days of the "Love Bug" virus in 2001. What was once an annoyance is now a profit-driven criminal enterprise worth billions. This shift demands proactive defense strategies that don't just respond to threats—they prevent t...

The French data protection authority has fined Google and Chinese e-commerce giant Shein $379 million (€325 million) and $175 million (€150 million), respectively, for violating cookie rules. Both companies set advertising cookies on users' browsers without securing their consent, the National Commission on Informatics and Liberty (CNIL) said. Shein has since updated its systems to comply with the regulation. Reuters reported that the retailer plans to appeal the decision. "When creating a Google account, users were encouraged to choose cookies linked to the display of personalized advertisements, to the detriment of those linked to the display of generic advertisements and that users were not clearly informed that the deposit of cookies for advertising purposes was a condition to be able to access Google's services," the CNIL noted . The consent obtained in this manner is not valid and constitutes a violation of the French Data Protection Act (Article 82), it...

In January 2025, cybersecurity experts at Wiz Research found that Chinese AI specialist DeepSeek had suffered a data leak, putting more than 1 million sensitive log streams at risk. According to the Wiz Research team, they identified a publicly accessible ClickHouse database belonging to DeepSeek. This allowed "full control over database operations, including the ability to access internal data", Wiz Research stated, with more than a million lines of log streams involved, containing chat history, secret keys and more. Wiz immediately reported the issue to DeepSeek, which quickly secured the exposure. Still, the incident underscored the danger of data leakage. Intentional or unintentional? Data leakage is a broad concept, covering a range of scenarios. As IBM notes, the term in general refers to a scenario where "sensitive information is unintentionally exposed to unauthorized parties" .  It could be intentional or unintentional. On the intentional side...

Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions improve efficiency across tasks, they also present new data leak prevention for generative AI challenges. Sensitive information may be shared through chat prompts, files uploaded for AI-driven summarization, or browser plugins that bypass familiar security controls. Standard DLP products often fail to register these events. Solutions such as Fidelis Network ® Detection and Response (NDR) introduce network-based data loss prevention that brings AI activity under control. This allows teams to monitor, enforce policies, and audit GenAI use as part of a broader data loss prevention strategy. Why Data Loss Prevention Must Evolve for GenAI Data loss prevention for generative AI requires shifting focus from endpoints and siloed channels to visibility across the entire traffic path. Unlike earlier tools that rely on scanning emails or storage shares, NDR technol...

Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the workplace. The problem is not the pace of AI adoption, but the lack of control and safeguards in place. For CISOs and security leaders like you, the challenge is clear: you don't want to slow AI adoption down, but you must make it safe. A policy sent company-wide will not cut it. What's needed are practical principles and technological capabilities that create an innovative environment without an open door for a breach. Here are the five rules you cannot afford to ignore. Rule #1: AI Visibility and Discovery The oldest security truth still applies: you cannot protect what you cannot see. Shadow IT was a headache on its own, but shadow AI is even slipperier. It is not just ChatGPT, it's also the embedded AI features that exist in many SaaS apps and any new AI agents that your employees might be creating. The golden rule: turn on the lights. You need real-time visibi...

Modern businesses face a rapidly evolving and expanding threat landscape, but what does this mean for your business? It means a growing number of risks, along with an increase in their frequency, variety, complexity, severity, and potential business impact. The real question is, "How do you tackle these rising threats?" The answer lies in having a robust BCDR strategy. However, to build a rock-solid BCDR plan, you must first conduct a business impact analysis (BIA). Read on to learn what BIA is and how it forms the foundation of an effective BCDR strategy. What Is a BIA? A BIA is a structured approach to identifying and evaluating the operational impact of disruptions across departments. Disruptive incidents or emergencies can occur due to several factors, such as cyberattacks, natural disasters or supply chain issues. Conducting a BIA helps identify critical functions for a business's operations and survival. Businesses can use insights from BIA to develop strategies to resume th...

We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents are becoming autonomous actors — interacting with data, systems, and humans without constant oversight — privacy is no longer about control. It's about trust. And trust, by definition, is about what happens when you're not looking. Agentic AI — AI that perceives, decides, and acts on behalf of others — isn't theoretical anymore. It's routing our traffic, recommending our treatments, managing our portfolios, and negotiating our digital identity across platforms. These agents don't just handle sensitive data — they interpret it. They make assumptions, act on partial signals, and evolve based on feedback loops. In essence, they build internal models not just of the world, but of us. And that should give us pause. Because once an agent becomes adaptive and semi-autonomous, privacy isn't just about who has access to the data; it's about what the ag...