Data exfiltration stories

DTEX warns that AI agents controlled via Telegram and WhatsApp can quietly access files, expose credentials and exfiltrate data from endpoints.

Akto partners with LangChain, Portkey, TrueFoundry, Arcade and LiteLLM to embed runtime safeguards across the AI agent stack.

Acronis rolls out GenAI Protection for managed service providers to spot shadow AI, curb data leakage and block prompt injection.

Zscaler joins Anthropic's Project Glasswing to test Claude Mythos Preview in software scans, as the firm pushes zero trust against AI-driven attacks.

CIS, Astrix and Cequence publish AI security guides for large language models, autonomous agents and MCP environments.

Securin says healthcare faces ransomware attacks about every 10 hours, with hospitals repeatedly hit via known flaws, stolen credentials and remote access.

LangWatch releases open-source AI red-teaming framework to expose hidden vulnerabilities in production agents through multi-turn attack simulations.

Anthropic's Mythos spots corporate network attacks in hours, while security experts warn unmanaged AI agents are becoming a critical enterprise risk.

Netskope's Tony Burnside warns AI agents are creating hidden east-west traffic, calling for omni-directional controls and smarter DLP to stop data leaks.

Proofpoint says mailbox rule abuse is becoming a routine Microsoft 365 takeover tactic, helping attackers hide alerts, hijack threads and drive fraud.

Sonatype flags 21,764 malicious open-source packages in Q1 2026, with npm hit hardest as attackers used trusted workflows to steal secrets.

Salt warns AI agents are widening the API security gap, with 92% of organisations still short of advanced defences and 47% delaying releases.

AI-era data security needs more than DSPM visibility, as firms must track how sensitive information moves and enforce controls in real time.

UK SOC spots Monday-morning conditional access failure from Germany, helps reset compromised Microsoft 365 account before attackers can strike.

Nutanix and NetApp team up on migration tools to help enterprises modernise virtualised systems, cut complexity and bolster ransomware defences.

Anthropic’s Claude Code is under scrutiny after researchers found deny rules can weaken in long workflows, raising fresh concerns for AI-driven development.

Microsoft says Storm-1175 is exploiting newly disclosed flaws within hours, hitting organisations in the UK and elsewhere with fast-moving Medusa ransomware.

Permiso launches SandyClaw sandbox to detonate AI agent skills and expose hidden runtime risks before they reach enterprise systems.

ChatGPT flaw may have let attackers siphon sensitive user data via DNS queries, prompting OpenAI to issue a fix after researchers exposed the bug.

Zscaler says Xloader malware has added layered encryption, decoy servers and new obfuscation tricks to hinder analysts.