Security news aggregator

Latest coverage for Exposure

Stay informed on the latest exposure risks in information security. Expert analysis, breach updates, and data leak prevention tips. Stay secure!

10 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Exposure is the condition in which a system, service, credential, vulnerability, or sensitive information is accessible or discoverable by people or systems that should not reach it. In threat modeling, it describes an attack surface or loss of control—not proof that an attacker has succeeded. Examples include an internet-facing administration interface, cloud storage with unintended permissions, a secret committed to source code, or personal data sent to an unintended recipient. Its significance depends on what is exposed, who can reach it, and which protections remain.

The primary defense is exposure reduction: maintain an accurate asset inventory, remove unnecessary public access, enforce least-privilege permissions and strong authentication, patch externally reachable software, and revoke leaked credentials or secrets. Encryption can limit the value of exposed data, but does not correct an exposed access path. Continuous scanning and log review help identify changes and support rapid containment when exposure is discovered.

Showing 10 most recent headlines Filtered view

Cybersecurity Startup Exposed Lilli Using a Flaw as Old as the WebSecurity startup CodeWall disclosed this week that its autonomous AI agent breached McKinsey's internal AI platform Lilli in two hours on Feb. 28, accessing tens of millions of messages and hundreds of thousands of files through a basic, years-old database flaw.

Startup Platform Targets Autonomous Detection and Exposure ManagementCybersecurity startup Kai emerged from stealth with $125 million in funding led by Evolution Equity to develop an agentic AI platform that automates exposure management, threat intelligence, analysis and detection workflows while helping security teams remediate vulnerabilities faster.

Startup Exits Stealth Targeting Insider Risk, Shadow AI and GenAI Data ExposureCybersecurity startup Jazz has raised $61 million with an AI-driven approach to data loss prevention. Its platform deploys agent investigators that analyze data context, users, systems and processes to detect insider threats and risky AI usage more accurately than legacy rule-based tools.

Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution

Crooks used simple phone scam to compromise vendor account, spilling personal and financial data belonging to more than 15,000 people A voice-phishing scam targeting one of Ericsson's service providers has exposed the personal data of more than 15,000 individuals after attackers sweet-talked an employee into handing over access.…

You can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing exposure than they realise. Intruder's Head of Security digs into why this happens and how teams can manage it deliberately

An attack on the company’s AWS platform may have exposed customers' names and home addresses Exclusive ELECQ, maker of smart electric vehicle (EV) chargers, is warning customers that their personal details may have been stolen in a ransomware attack that encrypted and copied user data from its cloud systems.…