Data exfiltration stories - Page 6

Attackers are abusing Windows screensaver files in a spearphishing campaign to stealthily install remote access tools on business systems.

Tenable warns unpatched self-hosted Google Looker systems face remote takeover, data theft and cross-tenant cloud attack risks.

Radware launches Agentic AI Protection to secure autonomous agents at runtime, tackling prompt injection, tool abuse and data exposure risks.

Cyberhaven launches unified AI-powered platform to track data lineage, cut insider risk and secure sensitive information across IT estates.

Okta users face rising vishing attacks as ShinyHunters expand real-time MFA phishing, prompting fresh SaaS and identity security warnings.

Panera data breach exposes details of 14 million customers, spotlighting a surge in SaaS-focused extortion and identity-driven cyber attacks.

Black Kite debuts ThreatTrace, harnessing NetFlow and DNS telemetry to reveal hidden third‑party compromises and sharpen cyber risk ratings.

Bedrock Data adds native Confluence support to map how sensitive collaboration content flows into AI systems and expose hidden access risks.

Staff are quietly turning to unsanctioned AI tools, trading security and data privacy for speed, as new research warns of rising leakage risks.

Ransomware gangs shrank in number but hit more victims in late 2025, with leak-site postings soaring despite fewer active groups.

Shadow AI tool Clawdbot quietly spreads across workplaces, alarming security teams as staff grant it broad access on unmanaged devices.

AI-driven cloud adoption is forcing firms to swap static privacy checklists for continuous, real-time defence of sensitive data flows.

SonicWall warns over 95% of cyber breaches stem from misconfigured tools, as firms lean on MSPs and cyber warranties to plug skills gaps.

Experts say AI-driven attacks and rampant data leaks mean organisations must verify outputs, curb collection and harden identity controls.

Politically themed LOTUSLITE phishing campaign hits US policy bodies, using DLL sideloading and espionage-focused backdoor tactics.

Attackers are already exploiting AI agents, extracting hidden prompts, bypassing safety checks and abusing tools tied to data and systems.

A new Astaroth banking trojan variant hijacks WhatsApp Web to self-spread via chats while silently stealing Brazilian banking credentials.

Rapid7 partners with ARMO to embed cloud runtime detection into its Command Platform, unifying exposure management and live threat response.

F5 rolls out AI Guardrails and AI Red Team to harden runtime security, blending adversarial testing with real-time policy enforcement.

HP reports a surge in convincing fake software updates and staged prompts that trick users into installing stealthy, rapidly evolving malware.