Infosec stories - Page 5

Security chiefs warn organisations that AI agents, machine accounts and stolen credentials are shifting cyber risk from the perimeter to identity.

Booking.com tells some customers to watch for phishing after suspicious activity exposed reservation details, contact data and messages linked to bookings.

AI-driven bots and machine accounts are exposing long-running identity security gaps across Australian and New Zealand organisations, experts warn.

Doppel secures three ISO certifications for AI governance, security and privacy, as enterprise buyers demand stronger assurance against AI-driven cyber threats.

Salt warns AI agents are widening the API security gap, with 92% of organisations still short of advanced defences and 47% delaying releases.

Certes says v7 extends quantum-safe data protection to edge systems, letting organisations secure hybrid workloads without application rewrites.

AI-era data security needs more than DSPM visibility, as firms must track how sensitive information moves and enforce controls in real time.

Minor Hotels teams up with Google, Salesforce, OneTrust and Deloitte on an AI-led data platform to sharpen guest service across 640 properties.

UK SOC spots Monday-morning conditional access failure from Germany, helps reset compromised Microsoft 365 account before attackers can strike.

Lumen says attackers are increasingly exploiting routers, VPN gateways and other edge devices in Australia, with nation-state activity and proxy networks making detection harder.

Anthropic enlists Amazon, Apple and Microsoft in Project Glasswing to use Claude Mythos Preview for hunting vulnerabilities in critical software.

Secureframe adds user access reviews to Comply platform to help compliance teams replace spreadsheets and email with a single audit-ready workflow.

Orca Security warns that AI credentials, vulnerable dependencies and lax pipeline controls are leaving production environments exposed across US and Europe.

iProov warns iOS injection attacks surged 1,151% in late 2025 as generative AI fuels deepfake impersonation and identity fraud.

Abacus secures CREST accreditation for penetration testing, bolstering its pitch to regulated sectors as demand rises for verified cyber security assurance.

Arctic Wolf earns a strong 2026 Gartner Peer Insights showing for managed detection and response, backed by 241 reviews and a 99% recommendation rate.

CyberCX deepens Collingwood ties with major partner status, adding official cyber and app roles as clubs face rising digital threats.

CommBank research finds staff are more likely than managers to spot workplace scams, as email-based payment redirection fraud keeps hitting Australian firms.

Dynatrace agrees to buy Bindplane to expand telemetry pipelines, aiming to cut ingest costs and give customers greater control over observability data.

Microsoft warns that 10 to 15 EvilToken phishing runs are launched daily, compromising hundreds of organisations through OAuth token abuse.