New data from Proofpoint shows that Gen AI tools and autonomous agents are creating a fresh category of insider risk. Companies now face growing exposure from unsupervised AI access, careless employees, and sensitive data flowing into public models. A shift toward behavioural analytics and unified security controls is becoming essential.
Hyundai AutoEver America has confirmed a cyberattack that exposed Social Security Numbers, names, and driver’s license details. With up to 2.7 million Hyundai and Kia owners potentially affected, the incident raises the risk of targeted phishing and identity theft, and forces the company to reinforce its systems while offering credit monitoring to victims.
Researchers have discovered that the Curly COMrades threat group used Alpine Linux virtual machines on Windows hosts to hide custom malware and evade detection. The VM design routed all malicious traffic through the host IP, making conventional EDR tools ineffective and allowing targeted intrusions in Georgia and Moldova to continue unnoticed.
In an exclusive interaction, Synology’s Regional Sales Manager, Antoine Yang, discusses the company’s latest innovations unveiled at Solution Day 2025. From AI-driven collaboration tools to ransomware-proof backup solutions, Synology is pushing the boundaries of performance, resilience, and hybrid cloud efficiency for UAE enterprises.
NHS trusts are struggling to finish their Windows 11 upgrades because several medical device suppliers have not made their hardware compatible. This leaves essential systems running unsupported software and exposes hospitals to significant cyber risk.
A critical pair of flaws in the King Addons plugin for Elementor allowed attackers to take over WordPress sites without authentication. Version 51.1.37 resolves the issues, and administrators are advised to update immediately.
New research suggests that AI-powered browser sidebars, now being integrated into next-generation “agentic” browsers, could expose users to serious security risks. Researchers have shown that malicious extensions can easily mimic trusted AI sidebars, harvest credentials, and trigger remote attacks.
Microsoft's emergency patch for a critical WSUS vulnerability exposes deeper problems with how we manage enterprise security. The flaw, rated 9.8 in severity, allows unauthenticated attackers to gain system-level access and potentially compromise entire networks through the very tool meant to distribute security updates. While the immediate fix is straightforward, the incident highlights how critical infrastructure components continue to have severe, well-understood vulnerability types that should have been caught years ago.












