With unapproved AI tools entrenched in daily workflows, experts say it’s time to shift from monitoring to managing Shadow AI use across the enterprise. The post The Shadow AI Surge: Study Finds 50% of Workers Use Unapproved AI Tools appeared first on SecurityWeek.

Noteworthy stories that might have slipped under the radar: 4chan hacked, auto-reboot security feature coming to Android, Iranian administrator of Nemesis charged in US. The post In Other News: 4chan Hacked, Android Auto-Reboot, Nemesis Admin Charged appeared first on SecurityWeek.

Data protection firm Cy4Data Labs has raised $10 million in a Series A funding round led by Pelion Venture Partners. The post Cy4Data Labs Raises $10 Million to Secure Data in Use appeared first on SecurityWeek.

Legends International says the personal information of employees and customers was compromised as a result of a cyberattack. The post Events Giant Legends International Hacked appeared first on SecurityWeek.

Ahold Delhaize has confirmed that data was stolen from its systems in November 2024 after a ransomware group claimed the attack. The post Ahold Delhaize Confirms Data Stolen in Ransomware Attack appeared first on SecurityWeek.

A Windows NTLM vulnerability patched in March has been exploited in attacks targeting government and private institutions. The post Fresh Windows NTLM Vulnerability Exploited in Attacks appeared first on SecurityWeek.

Minh Phuong Ngoc Vong pleaded guilty to defrauding US companies of roughly $1 million in a fake IT worker scheme. The post Man Helped Chinese Nationals Get Jobs Involving Sensitive US Government Projects appeared first on SecurityWeek.

While the Security Posture Management buzz is real, its long-term viability depends on whether it can deliver measurable outcomes without adding more complexity. The post Demystifying Security Posture Management appeared first on SecurityWeek.

Atlassian and Cisco have released patches for multiple high-severity vulnerabilities, including remote code execution bugs. The post Vulnerabilities Patched in Atlassian, Cisco Products appeared first on SecurityWeek.

Servers exposed to complete takeover due to CVE-2025-32433, an unauthenticated remote code execution flaw in Erlang/OTP SSH. The post Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking appeared first on SecurityWeek.