DataBreachToday.com

Airports in Brussels, Berlin, and the UK and Ireland Impacted
Flight cancellations and delays lasting hours at several major European airports including London's Heathrow on Saturday occurred after a cyberattack against a provider of check-in and boarding systems. Hackers late Friday targeted software developed by Collins Aerospace.

New Texas health information legislation that began to go into effect on Sept. 1 includes several noteworthy provisions including requirements related to health record data storage and artificial intelligence, said regulatory attorney Rachel Rose. Rose explains the significance of the new state law.

Hackers Accessed Backup Firewall Preference Files
Firewall maker SonicWall is telling customers to reset credentials after hackers stole firewall configuration backup files stored in its cloud service. Hackers launched brute force attacks against servers storing backup files. They stole configuration data of roughly 5% of the install base.

Funding Supports Threat Hunting, Natural Language to Replace Legacy Detection
Vega aims to replace patchwork AI integrations with an analytics layer that enables real-time, natural language detection across distributed data. Backed by Accel, the company will double headcount, improve detection tuning and reduce false positives without a SIEM rip-and-replace required.

FBI Director Claims 'Supremely Qualified' Unnamed Leaders Replaced Cyber Officials
The FBI is facing growing scrutiny over reported unfilled cyber leadership roles and morale issues following politically charged dismissals, even as cybercrime hits $16.6B and hackers spoof FBI platforms - raising concerns about the bureau’s readiness to counter digital threats.

Startup Simulates Offensive and Defensive AI to Test and Thwart AI-Based Threats
Irregular secured $80 million in funding to turn its research into scalable security tools for businesses adopting AI. With growing offensive AI capabilities, the company is racing to productize simulations that detect vulnerabilities before attackers do.

Default credentials, weak passwords, misconfigurations and a variety of other security shortcomings are exposing millions of medical devices and their data on the internet, said Soufian El Yadmani, CEO and co-founder of Modat, who shared recent research findings.

Users Download Malware in Bid to Placate Meta
A newly surfaced FileFix social engineering campaign puts a new spin on ClickFix attacks by goading users into loading malware under the guise of reporting a wrongful account suspension to social media giant Facebook. Victims likely get sucked into the scam by following a link from a phishing email.

Also, Colt Services Outage Persists, Finland Charges Americans in Vastaamo Hack
This week, Microsoft hit RaccoonO365, Colt Technology Services, Finland charged a U.S. citizen in Vastaamo hack. RevengeHotels hackers used AI, Meta can't overturn a privacy case verdict. Chinese hackers unleashed spear phishing emails. Prosper confirmed a data breach, as did Kering fashion houses.

Silicon Valley Startup Brings AI Agent and Prompt Injection Protections to Falcon
CrowdStrike plans to purchase Pangea to add native AI detection and response capabilities to its Falcon platform. The company says the acquisition will help secure AI models and users alike from preventing prompt injection to tracking agent activity across enterprise environments.

Senate Homeland Security Cancels Markup Session
Lawmakers are racing to extend a key cyber sharing law before it expires Sept. 30, but partisan gridlock and proposed restrictions on the U.S. cyber defense agency's disinformation work threaten reauthorization - risking federal insight into active threats and chilling private cooperation.

A new AI-powered clinical decision support system developed by Google and NASA aims to help astronauts diagnose and treat medical issues during space missions - even when real-time communication with Earth is unavailable, said Chris Hein, field CTO of Google Public Sector.

JavaScript Repository Contends With Wormable Malicious Code
An apparent "Dune" aficionado is responsible for the first self-propagating attack on the npm JavaScript repository in what one security company has called one of the most severe JavaScript supply-chain attacks so far. A malicious script exfiltrated data to GitHub repositories named "Shai-Hulud."

New Safeguards Follow Teen Suicides Linked to ChatGPT and Other AI Chatbots
OpenAI is rolling out new safeguards in ChatGPT to protect younger users by adding age estimation tools and, in some cases, requiring ID verification for those claiming to be over 18. The move follows growing scrutiny over the impact of chatbots on teenagers.

AP2 Protocol Introduces 'Mandates' to Keep Agent-Led Spending Accountable
Artificial intelligence agents can now shop so consumers don't have to - but the non-human shoppers will need a signed permission slip first. Google on Wednesday announced the launch of an "agent payments protocol," which creates a framework for AI-driven purchases.

Startup Plans Unified Remediation for Misconfigurations and Patching, Compliance
Remedio has landed $65 million in funding to develop tools that go beyond detection and automate secure remediation. CEO Tal Kollender says the goal is faster growth, a bigger U.S. sales footprint, and delivering a platform that closes the gap between risk visibility and action.

South Dakota, Florida Ophthalmology Breaches Among Recent Medical Specialty Attacks
Two separate hacks on ophthalmology practices in South Dakota and Florida have affected more than a quarter-million patients. The cyberattacks were among the latest of several major data breaches reported in recent months by eye care providers.

Prosecutors Asked Court to Sentence Conor 'Pompompurin' Fitzpatrick to 188 Months
Conor Brian Fitzpatrick, founder and administrator of the first iteration of the BreachForums cybercrime forum, received a three year prison sentence during a Tuesday resentencing in a Virginia federal court. Better known online as "Pompompurin," 22-year-old Fitzpatrick pleaded guilty in July 2023.