Generative AI is changing how businesses work, learn, and innovate. But beneath the surface, something dangerous is happening. AI agents and custom GenAI workflows are creating new, hidden ways for sensitive enterprise data to leak—and most teams don’t even realize it.
If you’re building, deploying, or managing AI systems, now is the time to ask: Are your AI agents exposing confidential data
Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local attackers to escalate their privileges to root on susceptible machines.
A brief description of the vulnerabilities is below -
CVE-2025-32462 (CVSS score: 2.8) - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host
Google has been ordered by a court in the U.S. state of California to pay $314 million over charges that it misused Android device users' cellular data when they were idle to passively send information to the company.
The verdict marks an end to a legal class-action complaint that was originally filed in August 2019.
In their lawsuit, the plaintiffs argued that Google's Android operating system
L’Amazon Prime Day 2025 aura lieu le 8 juillet. Les acheteurs du monde entier ont préparé leur panier. Les cybercriminels sont sur le qui-vive. Rien qu’en juin, plus de 1 000 nouveaux domaines contenant des noms ressemblant à Amazon sont apparus en ligne. De manière alarmante, 87 % d’entre eux ont déjà été signalés comme […]
Fraude numérique en France : 7,6 milliards d’euros envolés en un an. Un fléau qui touche plus d’un Français sur deux. Tribune BioCatch — Les Français sont confrontés à une explosion des fraudes en ligne : plus d’un adulte sur deux (54 %) déclare avoir été victime d’une arnaque au cours des 12 derniers mois, […]
Les poupées Labubu, un phénomène marketing originaire de Hong Kong, continuent de faire sensation sur les réseaux sociaux. Malheureusement, cette popularité attire également des escrocs. Certains profitent de l’engouement pour piéger parents et collectionneurs, en créant de faux sites web imitant la boutique officielle.
Hunters International, l’un des groupes de ransomwares les plus actifs de ces dernières années, a officiellement annoncé la fermeture de ses opérations en juillet 2025. Le groupe se transforme en une nouvelle entité baptisée « World Leaks », axée uniquement sur l’extorsion de données.
The Spanish police have dismantled a large-scale investment fraud operation based in the country, which has caused cumulative damages exceeding €10 million ($11.8M). [...]
Grafana Labs has addressed four Chromium vulnerabilities in critical security updates for the Grafana Image Renderer plugin and Synthetic Monitoring Agent. [...]
A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN.
The identified apps were designed to load out-of-context ads on a user's screen and hide their icons from the device home screen launcher, making it harder for victims to remove them, per the company's Satori Threat Intelligence and Research Team. The apps have
Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users' digital assets at risk.
"These extensions impersonate legitimate wallet tools from widely-used platforms such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, MyMonero, Bitget, Leap, Ethereum Wallet, and Filfox
If you’re evaluating AI-powered SOC platforms, you’ve likely seen bold claims: faster triage, smarter remediation, and less noise. But under the hood, not all AI is created equal. Many solutions rely on pre-trained AI models that are hardwired for a handful of specific use cases. While that might work for yesterday’s SOC, today's reality is different.
Modern security operations teams face a
The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices.
The campaign, detected at the beginning of
Connexion
