DataBreachToday.com

Also, Taiwan Rail Hack, Massive DDoS Attack and Karakurt Jail Sentence
This week, Microsoft Edge exposed passwords, Taiwan police make arrests in high-speed rail hack and a 2.45 billion-request DDoS attack. A Karakurt negotiator jailed, North Korean IT worker scams led to prison terms and France detained a teen over a government data breach. Another Ivanti zero-day.

WatchGuard Aims to Reduce Alert Fatigue Through Telemetry Correlation
WatchGuard acquired SaaS security startup Perimeters to strengthen cloud detection and response capabilities spanning identity threat detection, cloud posture management and shadow IT discovery as enterprises face escalating attacks targeting cloud applications and distributed environments.

ServiceNow Takes Aim at Enterprise AI Sprawl at Knowledge 2026
At its Knowledge 2026 conference, ServiceNow announced artificial intelligence control tower expansions, an autonomous workforce across every business function and a platform play to become the operating layer for all enterprise AI solutions.

Pentagon Expands Frontier AI Providers Amid Anthropic Legal Fight
The Pentagon said it will no longer depend on a single artificial intelligence provider as the White House pushes agencies to diversify frontier AI systems amid an escalating legal and policy fight with Anthropic over military use of advanced models.

AI-Driven Attacks Compress Breakout Times, Forcing Defenders to Rely on Context Now
AI has lowered the cost and speed of cyberattacks, enabling adversaries to exploit vulnerabilities within minutes. As breakout times collapse, security teams must respond faster by using context-driven intelligence and automation to detect, prioritize and stop threats in real time.

Mythos Moves the Needle on AI Innovation, Defense
Anthropic’s “Mythos moment” is accelerating vulnerability discovery, but speed without validation is a growing risk. As exploit windows shrink and remediation lags, more findings only mean more noise. The real advantage lies in validating what actually matters—and fixing it first.

Portable KYC Remains Elusive Despite Digital Identity Growth in UAE, Europe, Asia
The United Arab Emirates recently launched a national digital Know Your Customer platform under the oversight of the UAE Central Bank, aiming to standardize customer onboarding, streamline compliance checks and strengthen anti-money laundering enforcement.

ARPA-H Program Aims to Speed Up Disease Breakthroughs Using AI-Enabled Ecosystem
Biomedical research breakthroughs for complex diseases and chronic illnesses can take years to achieve. The U.S. Department of Health and Human Services is hoping to speed that up ten-fold by creating an artificial intelligence-enabled interoperable research ecosystem.

Mythos Found ‘Tens of Thousands’ of Unpatched Flaws With Months to Fix Them
Anthropic CEO Dario Amodei warned that Claude Mythos has found tens of thousands of unpatched software vulnerabilities, with a six-to-12 month window before Chinese AI models catch up. The disclosure came alongside a major financial services push including an investor-backed firm and 10 new AI agents.

Allianz Retains Risk Exposure While Outsourcing Cyber Insurance Operations
Allianz will transition operational control of its standalone commercial cyber insurance business to Coalition, combining the insurer's global distribution and balance sheet with Coalition's cyber underwriting, monitoring and incident response capabilities in a long-term strategic partnership.

Litigation Initiated by the US FTC Leads to Settlement Restricting Data Broker
The Federal Trade Commission has banned an Idaho-based data broker from selling sensitive location data gathered from "hundreds of millions" of individuals' mobile devices without their knowledge or consent. The proposed order ends several years of legal sparring between Kochava and the FTC.

BlueVoyant Seeks to Expand Beyond MDR Clients Into Firms With Mature In-House SOCs
BlueVoyant named John Hernandez - the former leader of Quest's Microsoft security business - as its next CEO to drive an agentic AI SaaS platform that expands the vendor beyond managed services and helps customers accelerate detection, response and supply-chain risk management.

Security Leaders From Equifax, Rapid7 on Identity Security and Visibility Failures
In part one of the Anatomy of a Breach series, Equifax's Jeremy Koppen and Rapid7's Christiaan Beek examine why familiar security gaps still lead to breaches. Experts discuss ways to improve readiness in the face of identity-driven attacks, visibility failures and governance weaknesses.

Mythos a Turning Point, Say Lawmakers in Missive to European Commission
Dozens of European lawmakers are pressing the European Commission to act quickly to protect the continent's cybersecurity, due to the advent of new AI models that have considerable hacking prowess.

Critical Infrastructure Operators Urged to Fortify Against Nation-State Attacks
The Cybersecurity and Infrastructure Security Agency launched CI Fortify, urging critical infrastructure operators to adopt isolation and rapid recovery capabilities to maintain essential services under cyberattacks, amid warnings that nation-state actors are already embedded in operational systems.

Security Leaders Face Gaps, Not in Their Org Charts, But in Their Team's Skills
Concerns about the skills and capabilities of cybersecurity teams have for the first time overtaken worries about headcount and unfilled vacancies among CISOs, according to a new SANS survey.

Why Technical Leaders Are Walking Away and What We Can Do to Fix It
Leaders are expected to deliver results, yet often lack the authority to make key decisions. The article examines how this imbalance creates friction, undermines performance and turns accountability without authority into a persistent leadership challenge.