AiLock
You must login to view this content
You must login to view this content
A China-linked cyber espionage group known as Velvet Ant spent nearly a decade inside the internal network of an unnamed organization without being detected, according to the results of a forensic investigation published by cybersecurity firm Sygnia. The group’s defining characteristic is the ability to maintain stealthy years-long persistence in target environments. In this particular case, booting them out also took considerable effort, as they managed to gain control of the full authentication stack by … More →
The post China-linked spies backdoored authentication stack to stay hidden for years appeared first on Help Net Security.
Anthropic has updated its privacy policy for Claude, adding explicit terminology that allows the company to perform age and identity verification on consumer users. The change signals a tighter security and compliance stance across Claude Free, Pro, and Max plans. It is scheduled to take effect on July 8, 2026. In the revised policy, Anthropic […]
The post Anthropic Updated Privacy Policy to Include Identity Verification for Claude Users appeared first on Cyber Security News.
Delinea and Cyera announced a product integration that connects privileged access to sensitive data exposure, automatically correlating identities with the data they can access. Together, Delinea and Cyera help security teams identify, prioritize, and remediate the highest-risk access paths across every human, machine, and AI agent. As identities multiply and AI agents interact with data at machine speed, security teams struggle to govern which privileged identities can reach critical data, and act on that risk … More →
The post Delinea and Cyera integrate for data-aware identity security appeared first on Help Net Security.
A critical vulnerability chain in Microsoft 365 Copilot Enterprise that let attackers steal sensitive corporate data, MFA codes, email contents, calendar details, and confidential files with nothing more than a single click on a link pointing to a legitimate Microsoft domain. Dubbed SearchLeak, uncovered by Varonis Threat Labs and tracked as CVE-2026-42824, the flaw earned […]
The post Critical Microsoft 365 Copilot Vulnerability Allows Attackers to Steal Data in One Click appeared first on Cyber Security News.