Infosec stories - Page 29

NCC Group links Silver Fox's false-flag malware campaigns to ValleyRAT and uncovers critical PowerG flaws that can fully compromise alarms.

CrowdStrike teams with Nord Security to bundle Falcon tools with secure access for SMBs via NordLayer and MSP marketplace Pax8.

Rapid AI rollout, geopolitical rifts and fragile supply chains are upending cyber risk, straining outdated security and compliance regimes.

Burnout and alert fatigue among UK cyber teams are quietly eroding defences, leaving organisations exposed as attacks intensify.

Zama predicts privacy-first compliance tools and quantum-safe cryptography will become standard for regulated onchain finance by 2026.

Astra launches a continuous cloud scanner for AWS, Azure and GCP, promising fewer false alerts by validating which risks are truly exploitable.

AI-powered 'Truman Show' scam uses OPCOPRO app and fake trading rooms in official stores to steal cash and victims' digital identities.

Concentric AI launches Private Scan Manager on Azure, letting regulated sectors keep sensitive data in private cloud while using SaaS tools.

Intruder finds over 42,000 sensitive tokens hidden in JavaScript bundles, exposing a major blind spot in modern web app security tools.

UK launches GBP £210m Cyber Action Plan and central unit to shore up digital public services amid rising attacks and legacy risks.

Nine in ten US and European security professionals lack a roadmap for post-quantum cryptography, leaving critical data exposed long term.

HP reports a surge in convincing fake software updates and staged prompts that trick users into installing stealthy, rapidly evolving malware.

Kiteworks and Concentric AI join forces to tie AI-driven data discovery to automated controls on sensitive information shared externally.

UK firms pour cash into cyber security yet neglect AI-specific threats, leaving new attack surfaces exposed despite rising confidence.

Thales launches AI Security Fabric to shield enterprise LLM and agentic AI apps from runtime threats like prompt injection and data leakage.

AI is set to redefine cyber defence in 2026, forcing UK boards and public bodies to swap reactive security for automated, collective resilience.

AI-native malware, deepfake fraud and attacks on connected devices will dominate enterprise cyber risk in 2026, VIPRE has warned.

Myths over the value of business data are leaving smaller firms dangerously exposed, IDS-INDATA warns ahead of Data Privacy Day.

OWASP has launched its first Top 10 list for agentic AI, warning autonomous systems act as a powerful but risky new digital workforce.

iProov and HYPR integrate liveness checks with passwordless login to stop deepfake workers infiltrating enterprises at onboarding.