DataBreachToday.com

Also: EU Bans AI Tools, Notepad++ Secures Updater, Apple Patches iOS Zero-Day
This week, Cambodia shuttered 200 scam centers. EU Parliament banned AI tools. Canada Goose disputed a ShinyHunters leak. Notepad++ patched an updater flaw. Apple fixed a decades-old iOS zero-day. BeyondTrust and Dell patched critical flaws under active exploitation.

Analysts Urge Mandatory Guardrails on AI Agents, Identity and Privilege
Security leaders are pressing Treasury to embed enforceable guardrails - covering adversarial testing, AI inventory, identity privilege mapping and real-time monitoring - into its forthcoming financial-sector AI guidance as deepfake fraud, data poisoning and autonomous agent risks escalate.

Hospital, ER Open but All Clinics, Elective Care Cancelled Statewide; FBI Called In
The University of Mississippi Medical Center on Thursday said a ransomware attack has triggered its emergency operations plan and forced its hospitals to cancel all clinic and elective procedures at all locations statewide.

Ransomware, Lack of Visibility, Mischaracterizations and Nation-States, Oh My
There is a silent epidemic of ransomware attacks on commercial operational technology systems, which are mischaracterized as IT incidents even though they impact operational systems, claims a comprehensive annual review of cyberattacks targeting OT, published this week by security firm Dragos.

$300M Acquisition Strengthens Palo Alto Networks' XDR and AI Governance Platform
Palo Alto Networks plans to acquire Koi Security for $300 million to address growing AI-driven endpoint risks. The startup's technology adds deep visibility into AI agents plug-ins and nonbinary code, enhancing Cortex XDR and Prisma AIRS as enterprises confront a growing unmanaged AI attack surface.

Founder, CEO Martin Mao: AI-Driven Remediation, Data Optimization at Core of Deal
Palo Alto Networks' acquisition of Chronosphere will help unify observability and security operations. The integration with Cortex AgentiX and Cortex XSIAM aims to automate remediation, optimize telemetry pipelines and help enterprises manage soaring data volumes from cloud-native and AI workloads.

Router Maker Accuses Rivals, Competitors of Smear Campaign
The Texas attorney general invoked state consumer protection law to sue Wi-Fi router maker TP-Link Systems for misrepresenting its connections to mainland China and the security of its ubiquitous devices. The suit says TP-Link should be forced to declare that their products are made in China.

New Trojan May Soon Be Offered for Sale to Criminal Underground
Security researchers warn of "Massiv," an Android Trojan - disguised as an IPTV app - targeting users who sideload streaming apps. The malware enables screen capture, overlays and credential theft - and may soon be marketed on criminal underground forums as malware as a service.

Researchers Say AI Prompt Injection Has Emerged As a Dangerous New Class of Attacks
The large language model industry has mostly treated prompt injection attacks as a risk analogous to traditional web server prompt injection attacks. Researchers now say feeding rogue instructions to an artificial intelligence system merits its own classification as "promptware."

Incident Responders Detail Top Ransomware and Business Email Compromise Tactics
There's no need to invest into sophisticated hacking operations when moving fast and exploiting well-trod techniques gives threat actors all the access they want. Threat actors are prioritizing "low-complexity entry points, rather than investing in sophisticated exploits," say incident responders.

Fraud Specialist David Barnhardt on Addressing Authentication Risks of Agentic AI
Financial institutions are racing to deploy AI agents that can initiate payments, approve transactions and freeze accounts. But traditional authentication frameworks assume there's a human on the other end. As agentic AI use grows, banks are facing an authentication crisis that demands new controls.

Cyber threats are continuous, unpredictable, and increasingly sophisticated. This session provides actionable insights to help organisations prepare, respond, and recover with confidence—while enabling innovation and growth.

Why Reducing Data Volume Matters More Than Ever for SOCs and CISOs
Data minimization is often perceived as a constraint on innovation. In reality, it is the ultimate enabler of resilience. It reduces the impact of breaches, weakens ransomware leverage, improves SOC efficiency and secures the AI frontier.

AI chatbots rank as the number-one health tech hazard in 2026, followed by "digital darkness" and legacy medical device cyber issues, said Rob Schluth and Scott Luney, technology and security experts at patient safety group ECRI Institute, which compiles an annual top 10 list. They explained why.

Cybercrime Group First Listed Ohio Health System as a Data Theft Victim Last June
Ohio-based Kettering Health is notifying current and former patients and "affiliates" that their personal, health and financial information was potentially compromised in a May 2025 ransomware attack and data theft incident claimed by cybercriminal gang Interlock.