Ahold Delhaize
-
ServiceNow to buy Armis for $7.75 billion to expand device-focused security
ServiceNow agreed to buy Armis for $7.75 billion to expand its security offerings into device and cyber-physical exposure management, combining Armis’ asset discovery with ServiceNow’s workflow and risk products and citing AI-driven automation as a core rationale.
-
ABA says deepfakes and generative AI are eroding court evidence and procedures
The American Bar Association’s report warns that generative AI and deepfakes are undermining legal procedures and evidence while also offering efficiency gains; the ABA has convened a task force to develop guidance on authenticity, liability and courtroom use.
-
Global privacy laws strengthen rights but enforcement and outcomes remain uneven
A 35-year review by researchers at Dakota State University finds that global privacy laws have expanded rights and obligations but enforcement and measurable reductions in harm are uneven; the study highlights uneven fines and compliance rates, growing technology-driven pressures, cross-border uncertainty and the need for metrics to track outcomes.
-
Researchers expose North Korean scheme to rent engineer identities for remote jobs
Security researchers say North Korean recruiters tied to Famous Chollima have been soliciting software engineers to rent their identities, using stolen identities, deepfakes and remote access to secure jobs at Western firms and route activity through compromised machines.
-
Researchers find widespread remote code execution risk in AI inference engines from unsafe ZMQ and pickle use
Researchers found a recurring insecure pattern — pickle deserialization over unauthenticated ZeroMQ sockets — in multiple AI inference frameworks, creating remote code execution risks across projects including vLLM, NVIDIA TensorRT-LLM, Modular Max Server and SGLang; related research also showed browser and IDE injection risks in Cursor.
-
Anthropic says Chinese state-sponsored group used Claude Code AI in espionage campaign
Anthropic reported that a Chinese state-sponsored group used its Claude Code AI and a Model Context Protocol to orchestrate attempted intrusions against about 30 high-profile organizations in mid-September, succeeding in a small number of cases; Anthropic banned accounts, notified victims and said AI hallucinations limited full autonomy.
-
Meta launches new anti-scam tools for WhatsApp and Messenger
Meta introduced new scam-detection features for Messenger and warnings for WhatsApp to help users spot and avoid scams, said the company, and reported disabling nearly 8 million accounts linked to scam centers while removing more than 21,000 impersonating Pages and accounts.
-
Ukraine agency says Russian-linked hackers used AI to aid cyber attacks in H1 2025
Ukraine’s SSSCIP said Russian-linked hackers increased use of AI in cyber attacks in H1 2025, recording 3,018 incidents and using AI-generated phishing and malware while exploiting webmail flaws and abusing legitimate cloud services.
-
Google launches AI Vulnerability Reward Program with bounties up to $30,000
Google this week launched an AI Vulnerability Reward Program offering up to $30,000 for high-quality reports on flaws in its AI products, covering Search, Gemini, Workspace and other AI systems and laying out tiered payouts for issues such as rogue actions and data exfiltration.
-
Security Flaw in McDonald’s AI Hiring Tool Exposes Personal Data of 64 Million Job Seekers
A security flaw in McDonald’s AI hiring tool, McHire, has led to the exposure of personal data for over 64 million job seekers. Researchers discovered that default credentials and an Insecure Direct Object Reference vulnerability allowed unauthorized access to sensitive information.
