ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
VentureBeat

The 11 runtime attacks breaking AI security — and how CISOs are stopping them

Enterprise security teams are losing ground to AI-enabled attacks — not because defenses are weak, but because the threat model has shifted. As AI agents move into production, attackers are exploiting ...

Conduent data breach hits millions across multiple states

Massive ransomware attack on government contractor Conduent may have exposed data of tens of millions across multiple states ...
Accounting TodayOpinion

Battling data exfiltration: Why accounting firms must act now

For accounting firms, the evolution in cyber threats is more than a wake-up call, it's a risk to client trust, compliance ...

PayPal Data Breach Confirmed—Money Was Stolen, Passwords Now Reset

PayPal has confirmed a long-running breach that exposed personal information and led to fraudulent transactions. Are you affected? What data was exposed?
Campus Technology

Defending Against Data Breaches in the Age of Deepfakes

As social-engineering attacks surpass ransomware as the top cyber risk, institutions must reevaluate their cybersecurity practices.
Forbes

Logitech Data Breach — What We Know As 0-Day Hack Attack Confirmed

I have always been a fan of Logitech mice, I mean, who isn’t? But I’m not a fan of reading the words “Logitech International S.A. ("Logitech") recently experienced a cybersecurity incident relating to ...
CSOonline

ZombieAgent ChatGPT attack shows persistent data leak risks of AI agents

Security researchers from Radware have demonstrated techniques to exploit ChatGPT connections to third-party apps to turn indirect prompt injections into zero-click attacks with worm-like potential ...
CRN

Oracle Now Says ‘Critical’ Zero-Day Flaw Behind Data Extortion Attacks, Releases Patch

The disclosure follows reports that the cybercriminal group Clop has been extorting a significant number of E-Business Suite customers. Oracle is now linking a widespread data extortion campaign ...
Ars Technica

Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks

In the age of cloud computing, protections baked into chips from Intel, AMD, and others are essential for ensuring confidential data and sensitive operations can’t be viewed or manipulated by ...
Dark Reading

Advanced Security Isn't Stopping Ancient Phishing Tactics

Phishing is nothing new when it comes to cybersecurity threats, constantly putting users and organizations at risk of compromising sensitive information. But a new study has uncovered alarming ...
Bleeping Computer

ShinyHunters claim hacks of Okta, Microsoft SSO accounts for data theft

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach ...