DataBreachToday.com

ServiceNow's Neeraj Jain on Risk Mitigation and Real-Time Data Access for AI Agents
Enterprises that embed governance from intake to deployment scale AI faster than those that bolt it on afterward. Clear frameworks mitigate risk, ensure compliance and increase operational efficiency, says Neeraj Jain, director of product management, hyperscalers and multi-cloud at ServiceNow.

National Accident Health Says Breach Exposed Medical Info of 181,000 People
A Maine-based third-party administrator that handles healthcare claims involving day care centers, youth sports and NCAA athlete accidents is notifying more than 181,000 individuals that their medical information and personal identifiers may have been accessed or stolen in a hacking incident.

Cyderes Aims to Fuse Identity, AI and Risk Signals in One Platform With Lucidum Buy
Cyderes has acquired Lucidum to expand its identity threat detection capabilities. Lucidum’s unique tagging and data integration will strengthen Cyderes' AI engine, enabling earlier detection of threats and human risk-based response by unifying off-SIEM telemetry with identity data.

Misconfigured Customer Network Edge Devices' Under Fire, Warn Researchers
Misconfigured edge devices hosted in the cloud are giving nation-state hackers carte blanche to access Western critical infrastructure, warn threat intelligence experts at Amazon, who tied exploits of AWS customers' device administrator portals to Russia's GRU military intelligence agency.

2 More Vulnerabilities Need Patching in React Server Components, Warns Vercel
Mass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.

Black Hat's Jeff Moss: 'We're in a Political Situation, Whether You Like It or Not'
Technology doesn't exist in a vacuum, and by extension neither does cybersecurity. But in recent years, Black Hat founder Jeff Moss said he's been "struggling" with the "uncomfortable truth" that unlike the largely risk-free early days of hacking, today "all tech is political."

Defense Bill Expands Cyber Authorities, Tech Adoption and Talent Pipeline
Congress advanced a $15.1 billion military cyber budget in the fiscal year 2026 National Defense Authorization Act, boosting core operations, workforce recruitment and tech modernization as civilian cyber teams face sharp staffing losses and budget constraints.

Companies Are Among the Latest HIPAA Business Associates Revealing Recent Hacks
New York-based medical supply fulfillment company Fieldtex is notifying its clients and more than 274,000 people about an August hack. Meanwhile, revenue cycle software firm TriZetto is also contacting its customer and patients about its own hacking incident.

Also: Australia's AI Policy Backtrack, Legal Protections for White Hat Hackers
In this week's ISMG Editors' Panel, four editors explored Australia's shift in artificial intelligence regulatory policy, a resurgence of white hat hackers in the news and the shadow Telegram market of Russian fraudsters who are selling identities of former U.S. immigrants for $1,000 a person.

Hackers Target French Interior Ministry, Germany Summons Russian Ambassador
The French Ministry of Interior is investigating a suspected nation-state cyberattack that targeted its email server. Additionally, the German government on Friday attributed a 2024 hacking incident on air traffic control systems to Russian nation-state hackers.

Elastic Is Scaling Security Training With Modular Learning, Hands-On Skills-Building
Elastic is evolving its security training to modular, on-demand formats - at no cost - to reach more learners. It is focusing on short, feature-focused modules that provide flexible, practical skill-building without replacing premium instructor-led courses.

Trump Tees Up Federal Lawsuits Against State Rules in Executive Order
The Trump administration says it'll sue states that establish rules for artificial intelligence that go beyond a standard of "minimally burdensome" regulation - a step the U.S. president said is necessary to ensure China doesn't pull ahead in a global race for AI supremacy.

New Rules Tell Power Grid Operators to Log All OT Network Traffic
A new reliability standard for U.S. and Canadian electric grid tells major power companies to monitor and log traffic on their operational technology and industrial control systems networks. The rules will be a heavy lift for the electricity sector.

Europe Tries, Tries Again Amid Transatlantic Uncertainty
European cloud users love hyperscalers - but they’re all American. Microsoft, Google and Amazon Web Services together hold 70% of the European market, with local providers mustering a mere 15% collectively. That landscape could soon change in the face of geopolitical reality.

Boards are becoming increasingly focused on understanding the mechanics and implications of agentic artificial intelligence, but traditional governance processes aren't built for the speed and complexity of today's AI-driven innovation cycles, said JoAnn Stonier, former chief data and AI officer at Mastercard.

Ukrainian National Twice Indicted in Los Angeles for Pro-Russian Hacking
U.S. and allied agencies warned of low-skill Russian-linked hacktivists breaching critical infrastructure by exploiting weak remote access tools, as federal prosecutors charged a Ukrainian national with helping orchestrate operations targeting water and energy systems.

AI Firm Says New Models May Be 'High Risk' as Dual-Use Capabilities Grow
OpenAI said Wednesday it is preparing for artificial intelligence models to reach "high" cybersecurity risk levels, marking an escalation in the dual-use capabilities that could strengthen defenses or enable sophisticated attacks.

KKR-Led Series B Investment Propels AI Agent, Nonhuman Identity Management Push
Backed by $700 million in funding from KKR at a $3 billion valuation, Saviynt plans to accelerate innovation in identity security for humans, machines and AI agents. The Series B investment supports global expansion and continued platform development to meet evolving enterprise needs.