Infosec stories - Page 20

DigiCert warns UltraDNS DDoS attacks spiked to record levels in December 2025, driven by massive Aisuru and Kimwolf botnets.

Legacy VPNs are emerging as a prime security liability as hybrid work, identity‑based attacks and cloud apps expose their design flaws.

1Password revamps its global partner programme to tap soaring demand for AI-era identity security and non-human access governance.

Tenable warns 'LookOut' flaws in Google Looker could hand attackers server control, expose secrets and enable cross-tenant cloud access.

AvePoint extends its Confidence Platform to tighten agentic AI governance and broaden multi-cloud backup across major SaaS and IaaS tools.

AI, hybrid cloud and SASE are driving a shift from security sprawl to consolidation, with unified policy control now the top priority.

Developers granting AI agents broad, unsupervised access to code and systems are creating new software supply chain and data exposure risks.

Searchlight Cyber has promoted former product chief Michael Gianarakis to CEO as founder Ben Jones moves to a strategic board role.

Attackers are abusing Windows screensaver files in a spearphishing campaign to stealthily install remote access tools on business systems.

Callback phishing jumps sixfold as BEC fraud stays dominant, with criminals weaponising CAPTCHAs, trusted brands and cloud platforms.

DryRun launches DeepScan Agent, an AI tool that scans whole codebases in hours to rank real-world security risks and speed remediation.

Tenable warns critical Google Looker flaws could enable server takeover and data theft, leaving unpatched self-hosted deployments exposed.

Moltbook's boom in user-built AI agents is fuelling mounting warnings over cyber threats and brand damage as governance lags adoption.

As most ransomware strikes after hours, small firms face a costly 3 AM security gap that only round-the-clock MDR can realistically close.

Tenable warns unpatched self-hosted Google Looker systems face remote takeover, data theft and cross-tenant cloud attack risks.

Attackers are hijacking live web sessions by stealthily tampering with NGINX configs, silently relaying traffic via rogue servers.

AI, quantum threats and tougher regulation will reshape cyber strategies by 2026, forcing new governance, identity models and SOC workflows.

YubiKey rollout boosts ROI by 265% and slashes breach exposure 99.99%, Forrester study finds, delivering multi-million USD $ gains.

Semperis has bought MightyID to extend its identity resilience platform with Okta and Ping backup and recovery across hybrid environments.

FireMon and Illumio link microsegmentation with firewall policies in one platform to cut conflicts and speed Zero Trust deployments.