Security news.
Today's security landscape highlights significant data breaches, critical vulnerabilities, and ongoing concerns around AI security. Multiple organizations reported breaches impacting millions of users, while new flaws in Linux and Microsoft Defender were patched. The potential for AI to be exploited in attacks, from gaining access to cloud environments to influencing coding agents, remains a prominent theme.
12 Million Impacted by Data Breach at Japanese Telco KDDI
Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system, impacting 12 million users.
AssuranceAmerica Data Breach Exposes Records of 6.9 Million Drivers
American insurance company AssuranceAmerica disclosed a data breach impacting nearly 7 million drivers after attackers accessed its systems earlier this year.
15-Year-Old Linux Vulnerability ‘GhostLock’ Allows Root Access
A Linux kernel vulnerability, dubbed 'GhostLock,' affecting every major distribution since 2011, allows attackers to gain root access and earned researchers $92k from Google.
Microsoft Patches Defender ‘RoguePlanet’ Privilege Escalation Vulnerability
Microsoft released security updates for a Defender vulnerability, CVE-2026-50656, known as RoguePlanet, which is a privilege escalation issue in the Microsoft Malware Protection Engine.
GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses
A new ransomware family, GodDamn, employs the PoisonX kernel driver to neutralize security software and has been observed targeting US companies, potentially using a Microsoft-signed malicious driver.
AI Gateways Offer Attackers Keys to the Kingdom
A cryptomining incident highlighted how AI gateways can provide attackers access to AI models, cloud infrastructure, and identity and access management (IAM) data.
AI Coding Tools Tricked Into Hacking Developer Machine via 'GhostApproval'
Researchers disclosed 'GhostApproval,' a new attack method where AI coding assistants can be tricked into writing to sensitive files, taking control of a developer's computer.
Lone Attacker Uses AI to Breach AWS Cloud Environment in 72 Hours
An attacker exploited AI workflows, chained cloud weaknesses, and stolen credentials to breach an AWS cloud environment within 72 hours, extorting a large Amazon customer.