Infosec stories - Page 20

Record digital squatting surge sees 6,200 disputes in 2025, as lookalike domains drive costly phishing, malware and payment fraud.

Boomi tops 30,000 customers and runs 75,000 AI agents in production, as enterprises shift from AI experiments to large-scale automation.

Cayosoft and XMS Solutions will overhaul identity systems for a US war agency, bolstering Zero Trust security across hybrid Microsoft environments.

Guardsquare snaps up Verimatrix's XTD tech, adding real-time mobile threat detection and response to its end-to-end app security platform.

DigiCert warns UltraDNS DDoS attacks spiked to record levels in December 2025, driven by massive Aisuru and Kimwolf botnets.

Legacy VPNs are emerging as a prime security liability as hybrid work, identity‑based attacks and cloud apps expose their design flaws.

1Password revamps its global partner programme to tap soaring demand for AI-era identity security and non-human access governance.

AvePoint extends its Confidence Platform to tighten agentic AI governance and broaden multi-cloud backup across major SaaS and IaaS tools.

Tenable warns 'LookOut' flaws in Google Looker could hand attackers server control, expose secrets and enable cross-tenant cloud access.

AI, hybrid cloud and SASE are driving a shift from security sprawl to consolidation, with unified policy control now the top priority.

Developers granting AI agents broad, unsupervised access to code and systems are creating new software supply chain and data exposure risks.

Searchlight Cyber has promoted former product chief Michael Gianarakis to CEO as founder Ben Jones moves to a strategic board role.

Attackers are abusing Windows screensaver files in a spearphishing campaign to stealthily install remote access tools on business systems.

Callback phishing jumps sixfold as BEC fraud stays dominant, with criminals weaponising CAPTCHAs, trusted brands and cloud platforms.

DryRun launches DeepScan Agent, an AI tool that scans whole codebases in hours to rank real-world security risks and speed remediation.

Moltbook's boom in user-built AI agents is fuelling mounting warnings over cyber threats and brand damage as governance lags adoption.

Tenable warns critical Google Looker flaws could enable server takeover and data theft, leaving unpatched self-hosted deployments exposed.

As most ransomware strikes after hours, small firms face a costly 3 AM security gap that only round-the-clock MDR can realistically close.

Tenable warns unpatched self-hosted Google Looker systems face remote takeover, data theft and cross-tenant cloud attack risks.

Attackers are hijacking live web sessions by stealthily tampering with NGINX configs, silently relaying traffic via rogue servers.