Infosec stories

Google warns attackers are shifting from browsers to corporate systems, as tracked zero-day exploits climb and enterprise edge devices surge.

Leaked Sama staff logins tied to stealer malware spark fresh alarm over security of Meta Ray-Ban smart glasses video review pipeline.

Boards hear from CISOs more than ever, yet most security chiefs still lack clout over strategy, spending and fast-rising AI-driven risks.

Deskpro launches cloud and VPC help desk on AWS Marketplace, giving organisations flexible hosting, AI options and streamlined procurement.

Terra Security becomes first AWS partner validated for Autonomous Security Validation, as AI-driven continuous threat testing gains pace.

Misconfigured Microsoft 365 is leaving big organisations exposed, with 45% hit by incidents and many turning warily to AI for relief.

Private equity faces rising AI risk as SIG warns fragile software, security and governance are undermining ambitious investment narratives.

Rising UK cyber attacks show training alone is failing; firms must embed behavioural security cues into daily work to cut human risk.

Forcepoint adds ARIA AI assistant and a faster endpoint agent to Data Security Cloud to tighten policy control for generative AI workloads.

Cato launches Dynamic Prevention, a SASE-native engine that auto-detects multi-stage attacks by correlating months of security telemetry.

New research from Cobalt finds 98% of surveyed pentesters prefer PTaaS to bug bounties and show almost no faith in AI-only security scanning.

Senior women across fintech, private equity and cyber call for faster gender parity, urging sponsorship, structural change and bold hiring.

ExpressVPN launches a beta MCP server that lets AI tools monitor VPN status and switch regions directly from its desktop apps.

New Coruna exploit kit shows outdated iOS devices face automated, scalable attacks that can turn compromised phones into corporate gateways.

Women in cybersecurity, long trained to question and validate, are uniquely placed to lead the era of risky, fast‑moving AI tools.

Global ransomware attacks jump 50% to 7,874 in 2025, with industrial firms bearing the brunt as criminal groups reshuffle their tactics.

JFrog warns 13 GitHub CI/CD workflow flaws, mostly critical, could let attackers hijack pipelines and steal secrets at scale.

Microsoft and Europol have seized over 300 domains to disrupt Tycoon 2FA, a vast phishing-for-hire service bypassing MFA worldwide.

Delinea acquires StrongDM to create a unified, just-in-time identity security control plane for AI-driven and hybrid cloud environments.

IRONSCALES' Winter 2026 Release debuts three AI agents, outbound encryption and Teams deepfake defences to counter next‑gen phishing.