DataBreachToday.com

Gartner's Wam Voster on Potentially Harmful AI Decision Systems in OT Environments
Industrial environments already face potential cyberthreats that could lead to downtime. But now with AI agents poised to control operational decisions, factory managers need to watch for new safety risks for cyber-physical systems, said Wam Voster, vice president analyst at Gartner.

Also, More ClickFix Attacks and Teen Booters Arrested in Poland
This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress sites, Microsoft patched 80 bugs, a 14K-router botnet, Polish teens held over DDoS tools and Finland warned of Russian, Chinese espionage. North Korean IT workers for hire.

Company Says Supply-Chain Risk Label Threatens Billions in Contracts
Anthropic filed an emergency motion asking a federal appeals court to block a Defense Department decision labeling the AI developer a national security supply-chain risk. The company says the move could cost billions and followed its refusal to weaken AI safety restrictions.

'Cyber Android RAT' Can Capture WhatsApp History, Crypto Seed Phrases
Cybercriminals are advertising on criminal hacking online boards an Android remote access Trojan that can steal victims' WhatsApp conversation history, surveil them in real time and extract cryptocurrency seed phrases for the low price of about $500 a month.

Startup Platform Targets Autonomous Detection and Exposure Management
Cybersecurity startup Kai emerged from stealth with $125 million in funding led by Evolution Equity to develop an agentic AI platform that automates exposure management, threat intelligence, analysis and detection workflows while helping security teams remediate vulnerabilities faster.

Vendor Combines AI Attack Agents, Human Experts to Simulate Real-World Cyberattacks
Offensive security startup Armadin secured nearly $190 million in funding to expand a platform that uses AI agents to automate red-team operations. The technology enables companies to continuously test defenses and uncover attack paths that traditional consulting engagements often miss.

Bug Allows Attackers to Hijack AI Agents Via Poisoned Documentation
Security researchers at Noma Labs found a critical flaw in Context7, a widely used tool that feeds AI coding assistants documentation, allowing attackers to plant hidden instructions to steal credentials and delete files without touching a developer's machine.

CIOs Face Integration, Talent and ROI Hurdles Despite Rising AI Budgets
CIOs looking for quick wins from AI may be out of luck. The real value from AI won't come from plug-and-play tools that can be bought, but rather from the hard work of integrating AI into enterprise systems, workflows and operating models, according to new research from Cognizant.

Iran Expands Targeting, Including AWS, Google and Microsoft Infrastructure
Michigan-based medical technology giant Stryker appears to have been hacked by a pro-Iranian group called Handala, leading to global operations being disrupted, IT devices remotely wiped and terabytes of data being stolen. Experts said Handala appears to be a "faketivist" group run by Tehran.

Rural hospitals and clinics continue to struggle with a lack of cyber resources but a federal grant program set to provide $50 billion worth of funding across all 50 states could hopefully help lessen some of the pain, said Jim Roeder, VP of IT at Lakewood Health System in Minnesota.

Long-life medical devices - products typically used for a decade or longer - are among the most post-quantum, cryptographically vulnerable technologies in healthcare, said Joern Lubadel, global head of product security at German-based medical device and healthcare products maker B. Braun.

Ex-FBI Leader Cynthia Kaiser on Sanctions, Ecosystem Disruption, Stronger Policies
U.S. cyber policy now treats ransomware gangs and fraud networks as transnational criminal organizations. Former FBI cyber leader Cynthia Kaiser explains how sanctions, infrastructure takedowns, and international cooperation could weaken cybercrime ecosystems and reduce attacks.

Segmentation Mandates Make One-Way Data-Flow Architectures Essential
Data diodes are re-emerging as a preferred control as IT-OT convergence expands the industrial attack surface and regulators tighten segmentation mandates. Hardware-enforced, one-way data flow offers provable isolation for critical infrastructure and growing executive accountability.

Many healthcare sector organizations are delaying to even begin contemplating - let alone strategizing - how to mitigate post-quantum risk - but procrastination is a major mistake, said Ali Youssef, director of emerging tech security, at Henry Ford Health.

To help strengthen the health ecosystem's overall incident response preparedness, the Health Sector Coordinating Council in coordination with the Health Information Sharing and Analysis Center will in July host a first-ever nationwide virtual cyber exercise, said Greg Garcia, of the HSCC.