DataBreachToday.com

New Filing Frames Anthropic Dispute as Operational Control Issue - Not Free Speech
The Justice Department is arguing in a new court filing that Anthropic’s ability to update guardrails and behavior post-deployment creates unacceptable supply-chain risks, warning that vendor access to AI systems could enable manipulation or failure in mission-critical defense operations.

Newly Minted Unicorn Says AI-Driven Attacks Force Shift to Continuous Pen Testing
Xbow has raised $120 million in Series C funding after proving its autonomous AI hacking platform can outperform human pen testers. CEO Oege de Moor says the rise of AI-driven cyberattacks is forcing enterprises to test systems continuously rather than periodically.

Also, Telus Breach, Microsoft Hotpatching, Interpol Malicious IP Takedown
This week, Russian hacker OpSec failure, Interpol helped disrupt 45,000 malicious IPs, the FBI is looking for an ATM jackpotting suspect and Telus disclosed a breach. Windows hotpatching, an FTP exploit, a foiled attack on a nuclear research center and China-linked espionage.

Vulnerability Affects Certain Centricity Medical Imaging Products
The U.S. Food and Drug Administration has issued a recall notice for certain GE Healthcare Centricity medical imaging products due to a "potential" cybersecurity vulnerability that could allow a hacker to manipulate data or impact availability of the affected products.

Practical Guide to Collector-First Architecture and Phased OTel Migration
OpenTelemetry has become the observability standard, but adoption remains difficult. This blog provides a blueprint for teams to implement OTel with collector-first architecture, edge and gateway design, gradual migration and combined instrumentation strategies.

Medtech Maker Is Still Recovering While Iranian Hackers Threaten More Attack Victims
As medtech maker Stryker continues working to restore global IT systems brought offline by a cyberattack last week, class action lawsuits against the company are piling up in federal court and the Iranian hackers claiming credit for the attack are warning of more assaults to come on other victims.

White House Cyber Strategy Urges Deeper Industry Partnership Without Defining Roles
The administration's cyber strategy pushes deeper public-private coordination and expanded threat visibility across critical infrastructure, but lacks specifics on operational roles, incentives and legal protections needed for industry to actively disrupt malicious activity.

CEO Says Added OEM Context Can Sharpen Industrial Cybersecurity and New Use Cases
Nozomi Networks CEO Edgard Capdevielle said Mitsubishi Electric's purchase gives the industrial cybersecurity firm richer OEM context to improve OT and IoT security and pursue adjacent use cases such as asset visibility, maintenance support and operational efficiency across critical infrastructure.

Datos Insights' Serpil Hall on Using Predictive AML Tools to Support Compliance
Instant payments are reshaping financial crime controls as speed and the irreversibility of transactions strain anti-money laundering compliance programs. While many assume real-time AML means faster processing, this approach can increase risk, said Serpil Hall, strategic advisor at Datos Insights.

Cancer research and treatment innovation - and the tech that powers that - requires a great deal of collaboration and data sharing among multiple parties. But keeping that sensitive information secure and private is crucial - and requires adherence to standards, said Baxter Lee of Clearwater.

Dell's AI Blueprint for Identity, Agents and Agentic Infrastructure
Going all-in on AI with a top down strategy and a ravenous appetite for innovation has helped Dell transform its operations and grow revenue by $30 billion, and the company's evolution lays out a blueprint for how CIOs should think about building infrastructure for AI and managing an army of agents.

Startup Native Targets Enterprise Policy-to-Architecture Gap Across Clouds
Startup Native emerged from stealth with $42 million to advance a proactive cloud security model that enforces policy-driven controls, helping enterprises manage AI-driven threats and maintain consistent protections across complex multi-cloud environments.

AI, Robotics Leaders Warn Chinese Robots Could Disrupt Sensitive Operations
Witnesses told a U.S. House Homeland Security panel that Chinese-developed AI robotics platforms could give Beijing new avenues for surveillance, disruption and physical harm across critical sectors, and urged restrictions on federal use as China expands its industrial dominance.

Chinese Hacking Firm iSoon and Iran's Emennet Pasargad Among Targets
The European Union sanctioned three Chinese and Iranian hacking operations that have been under U.S. indictments or sanctions for over a year - or, in one case, since 2019. The sanctions freeze assets and forbid EU citizens and companies from funding or otherwise doing business with the targets.