Security news aggregator

Latest coverage for Zscaler

Zscaler is a cloud security platform that brokers access to applications and internet services, making its controls and flaws relevant to enterprise risk.

117 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Zscaler is a cloud-delivered security platform that routes users’ web, SaaS, and private-application traffic through policy enforcement points rather than relying solely on an enterprise network perimeter. Its functions can include a secure web gateway, cloud firewall, malware and phishing inspection, data-loss controls, and zero-trust access, which grants access to specific applications based on identity and device context instead of broad network connectivity.

Security coverage depends on correct identity policies, traffic steering, endpoint agents, application connectors, and integrations with directories and security tools. Vulnerabilities or misconfigurations in those components can expose internal applications, bypass inspection, or disrupt access; compromise of an administrative account or control plane could also change policies broadly. HTTPS inspection requires installed trust certificates and creates material privacy and compliance considerations, so organizations should limit decryption, protect logs, and define retention. Advisories under this tag may therefore concern the cloud service, client software, connectors, APIs, or dependent identity systems, and should be assessed alongside configuration review and access-control monitoring.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 117

Hidden prompts on malicious websites trick AI agents into making payments or trusting fake sites, exposing new risks for autonomous AI workflows. Zscaler ThreatLabz documented two active campaigns that embed hidden instructions in web pages to manipulate AI agents, not human users, though those get caught too. The technique is called indirect prompt injection: malicious […]

Bank Info Security 1 month, 3 weeks ago

Zscaler Struggles to Win New Customers Despite AI Fears

Zscaler CEO Jay Chaudhry Says New AI Frontier Models Have Yet to Boost RevenueZscaler reported strong renewal growth and rising demand for zero trust security amid AI-driven threats, but slowing new customer acquisition, sales leadership turnover and cautious expectations for Red Canary integration weighed on investor confidence.

Bank Info Security 1 month, 3 weeks ago

Zscaler Targets AI Identity Risk With Symmetry Acquisition

Startup Symmetry Systems Maps Relationships Across AI, SaaS and Cloud AssetsZscaler plans to acquire San Francisco-based Symmetry Systems to unify visibility across AI models, identities, applications and datasets, helping enterprises track AI lineage, govern agentic identities and enforce granular zero trust controls across cloud and SaaS environments.

Smaller Cybersecurity Partners Get Opus 4.7 But Not Anthropic's Highest-Risk ModelAnthropic’s Project Glasswing gives CrowdStrike, Palo Alto Networks and Zscaler privileged access to Claude Mythos Preview, while smaller cybersecurity partners such as SentinelOne and TrendAI can only integrate with Anthropic's generally available Opus 4.7 model.

Bank Info Security 3 months, 3 weeks ago

Why Healthcare Faces Rising Risks From Shadow AI

Zscaler's Ravi Monga on Managing AI Risks in Clinical EnvironmentsHealthcare organizations are increasingly adopting AI for efficiency and patient care, but governance is lagging behind. Zscaler's Healthcare CISO Ravi Monga explains why visibility into AI usage, including shadow AI, has become the sector's most urgent cybersecurity challenge.

Bank Info Security 3 months, 3 weeks ago

Zero Trust Anchors AI Security Strategy

Zscaler's Jay Chaudhry on Infrastructure, Agents and OversightZscaler CEO Jay Chaudhry explains why distributed infrastructure and zero trust models will shape AI security, the agent risks mirroring human threats and why strong oversight and identity validation remain essential for mission-critical applications.

The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks

The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit

Bank Info Security 8 months, 2 weeks ago

Zscaler Purchases SPLX to Strengthen GenAI Model Protection

Acquisition Boosts AI Defense from Red-Teaming, Risk Scoring to Compliance TrackingThe SPLX acquisition gives Zscaler new tools for red-teaming, AI governance and pre-deployment risk analysis. The deal will strengthen Zscaler's push to provide comprehensive GenAI protection, from cloud model discovery to runtime guardrails and ongoing compliance reporting.

Loading more headlines...