Data exfiltration stories

AI agents are fuelling a new wave of cyber risk, as criminals weaponise automation to speed up ransomware and sharpen extortion tactics.

Kiteworks and Kasm link governed data exchange with isolated workspaces to tighten control of sensitive information across partners.

Attackers push fake Red Alert Android app via SMS, turning Israel rocket warning tool into spyware that steals messages, contacts and location.

OpenAI agrees to buy Promptfoo, aiming to embed automated security testing and red-teaming tools directly into its Frontier AI coworker platform.

SurePath AI launches real-time MCP policy controls to lock down AI tool access, aiming to secure fast-growing workplace agent workflows.

Fake Claude AI search ads are spreading info-stealing malware, hijacking developer credentials and cloud access via spoofed download sites.

A critical MediaTek boot flaw lets attackers steal PINs and crypto wallets from powered-off Android phones with a 45-second USB attack.

Misconfigured Salesforce Experience Cloud guest profiles are being exploited for mass data harvesting, with up to 400 firms possibly affected.

Wireless flaws have surged 230-fold since 2010, as Bastille warns AI data centres and critical infrastructure face escalating unseen risks.

GenAI use in healthcare is fuelling patient data policy breaches, with regulated records making up 89% of AI-linked violations, research shows.

A stealthy BlackSanta malware campaign is hijacking CVs and HR hiring flows to kill EDR tools at kernel level and exfiltrate data.

A stealthy BlackSanta malware spree is hijacking HR recruitment workflows, killing endpoint defence tools and exfiltrating sensitive data.

AI-native agents could quietly upend endpoint and SASE, eroding incumbents' telemetry moats as control shifts to the AI interaction layer.

Forcepoint adds ARIA AI assistant and a faster endpoint agent to Data Security Cloud to tighten policy control for generative AI workloads.

AI-driven cyberattacks are surging across Asia-Pacific, with IBM warning basic security gaps now let attackers move from scan to impact faster.

Teramind has unveiled an AI governance platform to monitor workplace AI tools and shadow agents, aiming to curb hidden data and security risks.

Attackers' AI use is surging faster than staff skills, Fortinet warns, leaving firms exposed despite rising security awareness spending.

Identity-based attacks drove nearly 70% of incidents in Expel's 2026 threat report, exposing gaps between basic controls and real-world defence.

SentinelOne launches identity tools to monitor and revoke access for human users and fast-moving AI agents beyond initial authentication.

Ransomware cases dipped 17% in January, but NCC warns the threat remains high as Qilin targets critical sectors and tactics evolve.