Remedio Secures $65M to Tackle Patch and Vulnerability Gaps

Michael Novinson • September 17, 2025

Remedio has landed $65 million in funding to develop tools that go beyond detection and automate secure remediation. CEO Tal Kollender says the goal is faster growth, a bigger U.S. sales footprint, and delivering a platform that closes the gap between risk visibility and action.

Agentic AI

AI and Enterprise Drive New Era at MDR Vendor Binary Defense

Latest

Artificial Intelligence & Machine Learning

Ted Cruz Wants to Give AI Companies a Regulatory Time Out

Chris Riotta • September 17, 2025

Privacy advocates and cybersecurity experts tell Information Security Media Group a new legislative proposal introduced by Sen. Ted Cruz, R-Tx., called the SANDBOX AI Act may pose major risks for U.S. consumers while undercutting state and federal regulators overseeing the rapidly growing AI sector.

Artificial Intelligence & Machine Learning

OpenAI Adds Age Checks, Parental Controls for Minors

Anviksha More • September 17, 2025

OpenAI is rolling out new safeguards in ChatGPT to protect younger users by adding age estimation tools and, in some cases, requiring ID verification for those claiming to be over 18. The move follows growing scrutiny over the impact of chatbots on teenagers.

Artificial Intelligence & Machine Learning

Let AI Do the Shopping, Says Google

Rashmi Ramesh • September 17, 2025

Artificial intelligence agents can now shop so consumers don't have to - but the non-human shoppers will need a signed permission slip first. Google on Wednesday announced the launch of an "agent payments protocol," which creates a framework for AI-driven purchases.

3rd Party Risk Management

Shai Hulud Burrows Into NPM Repository

Akshaya Asokan • September 17, 2025

An apparent "Dune" aficionado is responsible for the first self-propagating attack on the npm JavaScript repository in what one security company has called one of the most severe JavaScript supply-chain attacks so far. A malicious script exfiltrated data to GitHub repositories named "Shai-Hulud."

3rd Party Risk Management

Human Factor Keeps Supply Chains Exposed to Cyberattacks

Anna Delaney • September 17, 2025

Supply chain attacks have evolved into a major entry point for adversaries, but their success still hinges on human error. Kinly CISO Don Gibson says organizations must strengthen processes to reduce risks from overlooked social engineering and human factors in supplier relationships.

Cyberwarfare / Nation-State Attacks

What's Old Is New Again as Iranian Hackers Exploit Macros

Mathew J. Schwartz • September 17, 2025

The Iranian nation-state cyberespionage group MuddyWater is going back to the future with attacks featuring Microsoft Office documents with malicious macros. It is also shifting to homegrown malware in place of commercial remote monitoring and management tools, said researchers.

Artificial Intelligence & Machine Learning

AI Governance Shapes Data Protection in Tacoma

Tom Field • September 17, 2025

Tacoma is redefining how it protects sensitive data as employees adopt generative AI, said Enzhou Wang, chief data officer for the City of Tacoma, Washington. He outlined how the city is strengthening governance while balancing security, privacy and operational needs.

Artificial Intelligence & Machine Learning

NASA, Google Testing AI ‘Doctor in a Box’ for Space Missions

Marianne Kolbasuk McGee • September 17, 2025

A new AI-powered clinical decision support system developed by Google and NASA aims to help astronauts diagnose and treat medical issues during space missions - even when real-time communication with Earth is unavailable, said Chris Hein, field CTO of Google Public Sector.

Critical Infrastructure Security

CISA Delays Cyber Reporting Rule to Reduce Scope and Burden

Chris Riotta • September 16, 2025

The U.S. Cybersecurity and Infrastructure Security Agency will delay its final cyber incident reporting rule until May 2026 after receiving extensive industry feedback about compliance burdens, a top official for the agency told Information Security Media Group on Monday.

Cybercrime

Original BreachForums Admin Gets 3-Year Prison Sentence

David Perera • September 16, 2025

Conor Brian Fitzpatrick, founder and administrator of the first iteration of the BreachForums cybercrime forum, received a three year prison sentence during a Tuesday resentencing in a Virginia federal court. Better known online as "Pompompurin," 22-year-old Fitzpatrick pleaded guilty in July 2023.

Data Breach Notification

2 Eye Care Practice Hacks Affect 260,000 Patients, Staff

Marianne Kolbasuk McGee • September 16, 2025

Two separate hacks on ophthalmology practices in South Dakota and Florida have affected more than a quarter-million patients. The cyberattacks were among the latest of several major data breaches reported in recent months by eye care providers.

Finance & Banking

Security, Privacy and Compliance: Always Stronger Together

Mathew J. Schwartz • September 16, 2025

Modern cybersecurity and privacy regulations from GDPR onwards are driving organizations to embrace more proactive approaches to compliance, said business resilience expert Heather Lowrie. "Security, privacy, compliance - they're not at odds," she said, but rather best delivered collaboratively.