Infosec stories - Page 4

China-linked TA416 returns to spying on European diplomats and later expands attacks to Middle Eastern government targets after Iran conflict.

Commvault adds structured database controls to Commvault Cloud after Satori deal, aiming to curb AI-era exposure across live and backup data.

Vulnetix expands AI coding defences as Australia's first Global CVE Numbering Authority, opening vulnerability tools to developers nationwide.

Avocado urges Australian firms to tighten repository security as the ACSC reissues a high alert on active supply chain attacks and secrets sprawl.

Cloudflare and WatchGuard urge organisations to rethink cloud defences as rising identity attacks, AI risks and quantum threats expose weak spots.

GigaOm names Check Point a third-year application security leader as its WAF posts strong detection rates and low false positives.

Attackers abuse trusted tools, remote support software and stolen SSO sessions to breach systems, ReliaQuest says.

ChatGPT flaw may have let attackers siphon sensitive user data via DNS queries, prompting OpenAI to issue a fix after researchers exposed the bug.

Upwind taps former Facebook security chief Joe Sullivan to bolster cloud and AI strategy as it eyes enterprise buyers and rapid growth.

Zscaler says Xloader malware has added layered encryption, decoy servers and new obfuscation tricks to hinder analysts.

Australian firms urged to tighten cloud defences as Zscaler and Reolink warn AI agents and connected cameras are widening cyber risk.

Secure.com urges Chief Information Security Officers to use AI for alert triage and threat detection, but keep human judgement in the loop.

QuSecure has joined a NIST-backed consortium to test tools and methods that help organisations find and replace quantum-vulnerable public-key systems.

ReliaQuest flags DeepLoad malware stealing live credentials in enterprise networks, with AI-style obfuscation, USB spread and hidden WMI persistence.

Thales report finds weak login and sign-up flows are pushing users away, as trust in AI, data handling and digital services remains low.

Experts warn firms must improve visibility and backup resilience as automated ransomware campaigns and hidden SaaS and AI assets widen exposure.

Bitdefender offers free 45-day internal security check to spot over-entitled staff access as attackers increasingly abuse trusted tools.

ExpressVPN expands beyond VPNs with encrypted AI chats, launching ExpressAI on confidential computing enclaves after an audit by cybersecurity firm Cure53.

CrowdStrike and HCLTech deepen cybersecurity tie-up with a service to spot, prioritise and fix threats across cloud, identity and endpoints.

SonicWall says small firms are being hit hardest by basic security lapses as ransomware, bot traffic and identity theft keep climbing.