DataBreachToday.com

$300M Acquisition Strengthens Palo Alto Networks' XDR and AI Governance Platform
Palo Alto Networks plans to acquire Koi Security for $300 million to address growing AI-driven endpoint risks. The startup's technology adds deep visibility into AI agents plug-ins and nonbinary code, enhancing Cortex XDR and Prisma AIRS as enterprises confront a growing unmanaged AI attack surface.

Founder, CEO Martin Mao: AI-Driven Remediation, Data Optimization at Core of Deal
Palo Alto Networks' acquisition of Chronosphere will help unify observability and security operations. The integration with Cortex AgentiX and Cortex XSIAM aims to automate remediation, optimize telemetry pipelines and help enterprises manage soaring data volumes from cloud-native and AI workloads.

Router Maker Accuses Rivals, Competitors of Smear Campaign
The Texas attorney general invoked state consumer protection law to sue Wi-Fi router maker TP-Link Systems for misrepresenting its connections to mainland China and the security of its ubiquitous devices. The suit says TP-Link should be forced to declare that their products are made in China.

New Trojan May Soon Be Offered for Sale to Criminal Underground
Security researchers warn of "Massiv," an Android Trojan - disguised as an IPTV app - targeting users who sideload streaming apps. The malware enables screen capture, overlays and credential theft - and may soon be marketed on criminal underground forums as malware as a service.

Researchers Say AI Prompt Injection Has Emerged As a Dangerous New Class of Attacks
The large language model industry has mostly treated prompt injection attacks as a risk analogous to traditional web server prompt injection attacks. Researchers now say feeding rogue instructions to an artificial intelligence system merits its own classification as "promptware."

Incident Responders Detail Top Ransomware and Business Email Compromise Tactics
There's no need to invest into sophisticated hacking operations when moving fast and exploiting well-trod techniques gives threat actors all the access they want. Threat actors are prioritizing "low-complexity entry points, rather than investing in sophisticated exploits," say incident responders.

Fraud Specialist David Barnhardt on Addressing Authentication Risks of Agentic AI
Financial institutions are racing to deploy AI agents that can initiate payments, approve transactions and freeze accounts. But traditional authentication frameworks assume there's a human on the other end. As agentic AI use grows, banks are facing an authentication crisis that demands new controls.

Cyber threats are continuous, unpredictable, and increasingly sophisticated. This session provides actionable insights to help organisations prepare, respond, and recover with confidence—while enabling innovation and growth.

Why Reducing Data Volume Matters More Than Ever for SOCs and CISOs
Data minimization is often perceived as a constraint on innovation. In reality, it is the ultimate enabler of resilience. It reduces the impact of breaches, weakens ransomware leverage, improves SOC efficiency and secures the AI frontier.

AI chatbots rank as the number-one health tech hazard in 2026, followed by "digital darkness" and legacy medical device cyber issues, said Rob Schluth and Scott Luney, technology and security experts at patient safety group ECRI Institute, which compiles an annual top 10 list. They explained why.

Cybercrime Group First Listed Ohio Health System as a Data Theft Victim Last June
Ohio-based Kettering Health is notifying current and former patients and "affiliates" that their personal, health and financial information was potentially compromised in a May 2025 ransomware attack and data theft incident claimed by cybercriminal gang Interlock.

CISO Sean Atkinson on Moving From 'GRC Theater' to Continuous GRC Engineering
As NIST, ISO, SOC 2, NIS2 and DORA expand compliance pressure, many organizations are optimizing for audit success instead of risk reduction. Sean Atkinson warns that “GRC theater” creates false confidence. Adversaries operate continuously and so should GRC engineering, he said.

As Innovation Sandbox Turns 21, AI-Based Solutions Dominate Annual Contest
Next month in San Francisco, the Innovation Sandbox at RSAC Conference will celebrate its 21st year of choosing key emerging solutions in cybersecurity. Past winners and finalists range from EDR and XDR giant SentinelOne in 2014 to cloud security phenom Wiz in 2021.

Series C Funding Round Focuses on Secrets Remediation, Agent Governance Expansion
Backed by a $50 million Series C, GitGuardian plans to accelerate U.S. expansion and enhance secrets detection remediation and non-human identity controls as AI agents multiply across enterprises, increasing exposure to credential abuse and lateral movement.