#account-enforcement
#account-enforcement

US news

How AI is getting better at finding security holes

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

Information security

Anthropic says its latest AI model can expose weaknesses in software security

45 minutes ago

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

US news

How AI is getting better at finding security holes

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

Anthropic says its latest AI model can expose weaknesses in software security

Claude Mythos exposes thousands of software vulnerabilities, prompting Anthropic to limit its release and collaborate with cybersecurity specialists.

more#ai

#ai-governance

fromeLearning Industry

Custom AI Governance Services: The Missing Piece In Your L&D Strategy

Many L&D teams adopt AI tools without ensuring fairness, transparency, and accountability in their training programs.

Philosophy

fromBusiness Matters

The Naughty AI President: A New Age of Governance

AI governance may create a ruler that learns to manipulate systems rather than simply follow them.

AI-driven identity must exist in a robust compliance framework | Computer Weekly

Governance must precede AI adoption to avoid compliance failures and ethical risks in identity verification systems.

fromeLearning Industry

Custom AI Governance Services: The Missing Piece In Your L&D Strategy

Many L&D teams adopt AI tools without ensuring fairness, transparency, and accountability in their training programs.

Philosophy

fromBusiness Matters

The Naughty AI President: A New Age of Governance

AI governance may create a ruler that learns to manipulate systems rather than simply follow them.

AI-driven identity must exist in a robust compliance framework | Computer Weekly

Governance must precede AI adoption to avoid compliance failures and ethical risks in identity verification systems.

more#ai-governance

fromRoute Fifty

Getting privacy policy right in a competitive digital economy

State and local leaders aim to balance privacy protection with economic competitiveness, as inconsistent privacy laws can hinder business operations and consumer trust.

Digital sovereignty isn't just a buzzword - it's the future

European governments and companies are prioritizing digital sovereignty due to concerns over US control and dependency.

DevOps

fromFortune

The digital sovereignty dilemma is a false choice - here's how enterprises can have both | Fortune

Organizations must ensure digital sovereignty by balancing local control with global technology access to remain resilient and competitive.

Breaking the stranglehold: Responses to data sovereignty risk | Computer Weekly

UK and EU initiatives aim to enhance digital sovereignty and reduce reliance on US cloud providers.

Europe politics

fromTheregister

10 hours ago

Digital sovereignty isn't just a buzzword - it's the future

European governments and companies are prioritizing digital sovereignty due to concerns over US control and dependency.

DevOps

fromFortune

The digital sovereignty dilemma is a false choice - here's how enterprises can have both | Fortune

Organizations must ensure digital sovereignty by balancing local control with global technology access to remain resilient and competitive.

Breaking the stranglehold: Responses to data sovereignty risk | Computer Weekly

UK and EU initiatives aim to enhance digital sovereignty and reduce reliance on US cloud providers.

more#digital-sovereignty

AI Is Nothing Without Data Fidelity. Here's A Four-Step Approach to Protect It | AdExchanger

Data integrity is crucial for effective AI in advertising, as flawed data leads to poor outcomes.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Marketing tech

fromAdExchanger

AI Is Nothing Without Data Fidelity. Here's A Four-Step Approach to Protect It | AdExchanger

Data integrity is crucial for effective AI in advertising, as flawed data leads to poor outcomes.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Does age verification for social media help protect kids?

Governments are implementing age limits on social media to protect minors, but experts question the effectiveness of such measures.

Social media marketing

fromHer Campus

They Knew, They Didn't Care, & We Are All Paying For It

Social media platforms like Instagram have been found liable for mental health damage to young users, with internal documents revealing harmful strategies targeting teens.

Digital life

fromwww.dw.com

Does age verification for social media help protect kids?

Governments are implementing age limits on social media to protect minors, but experts question the effectiveness of such measures.

Social media marketing

fromHer Campus

fromIPWatchdog.com | Patents & Intellectual Property Law

They Knew, They Didn't Care, & We Are All Paying For It

Social media platforms like Instagram have been found liable for mental health damage to young users, with internal documents revealing harmful strategies targeting teens.

more#social-media

#artificial-intelligence

Intellectual property law

AI is Raising the Stakes on Intellectual Capital and IP Rights

Intellectual property law

AI is rewriting the rules of biological experiments, but safety regulations aren't keeping up

AI is autonomously designing and running biological experiments, outpacing current governance systems meant to regulate these capabilities.

fromIPWatchdog.com | Patents & Intellectual Property Law

AI is Raising the Stakes on Intellectual Capital and IP Rights

Firms implementing AI for knowledge capture will secure competitive advantages through codified expertise.

more#artificial-intelligence

AI is rewriting the rules of biological experiments, but safety regulations aren't keeping up

AI is autonomously designing and running biological experiments, outpacing current governance systems meant to regulate these capabilities.

Roblox introduces mandatory age-gated account tiers amid child safety lawsuits

Roblox is implementing mandatory age-gated account tiers to enhance child safety and content access based on age.

fromwww.bbc.com

Roblox defends expanded agechecks after parents raise concerns over errors

Roblox is expanding its child safety system with age-specific accounts, despite concerns about misclassification of users and reduced parental controls.

fromEngadget

Roblox introduces mandatory age-gated account tiers

Roblox is implementing age-segregated accounts to enhance user safety and content appropriateness.

Roblox plans new age-based accounts for child safety

Roblox is enhancing child protection features with age verification and restricted accounts for users aged 5 to 15.

fromThe Verge

Roblox will need age verification to make sure you're at least 9 years old

Roblox will require age verification for users nine and older to access certain games, enhancing child safety measures on the platform.

fromTNW | Gaming

1 hour ago

Roblox introduces mandatory age-gated account tiers amid child safety lawsuits

Roblox is implementing mandatory age-gated account tiers to enhance child safety and content access based on age.

fromwww.bbc.com

Roblox defends expanded agechecks after parents raise concerns over errors

Roblox is expanding its child safety system with age-specific accounts, despite concerns about misclassification of users and reduced parental controls.

fromEngadget

Roblox introduces mandatory age-gated account tiers

Roblox is implementing age-segregated accounts to enhance user safety and content appropriateness.

Roblox plans new age-based accounts for child safety

Roblox is enhancing child protection features with age verification and restricted accounts for users aged 5 to 15.

fromThe Verge

fromwww.independent.co.uk

Roblox will need age verification to make sure you're at least 9 years old

Roblox will require age verification for users nine and older to access certain games, enhancing child safety measures on the platform.

more#roblox

UK news

11 hours ago

Phone firms should use technology to stop children taking nudes, police chief says

Tech firms must enhance children's online safety by preventing the creation of nude images on their devices, according to law enforcement officials.

Silicon Valley

fromThe Nation

11 hours ago

The Death of an AI Whistleblower

Suchir Balaji, a whistleblower against OpenAI, claimed the company violated copyright laws by using vast amounts of internet data for its AI models.

Law

fromArs Technica

IBM folds to Trump anti-DEI push, admits no misconduct but pays $17M penalty

IBM settled for over $17 million while denying any wrongdoing related to its DEI programs.

fromnews.bitcoin.com

5 hours ago

New SEC Guidance Targets DeFi Interfaces, Self-Custodial Wallets, and Execution Routing Disclosures

Crypto trading interface operators can avoid broker-dealer registration if they meet 12 specific conditions outlined by the SEC.

#ice

fromTNW | Government-Policy

A grand jury is trying to force Reddit to unmask a user who criticised ICE

Federal prosecutors are seeking to unmask a Reddit user who criticized an ICE officer involved in a fatal shooting.

ICE acknowledges it is using powerful spyware

ICE is using spyware tools to intercept encrypted messages to combat fentanyl trafficking.

fromTNW | Government-Policy

A grand jury is trying to force Reddit to unmask a user who criticised ICE

Federal prosecutors are seeking to unmask a Reddit user who criticized an ICE officer involved in a fatal shooting.

ICE acknowledges it is using powerful spyware

ICE is using spyware tools to intercept encrypted messages to combat fentanyl trafficking.

more#ice

#data-breach

fromTNW | Data-Security

12 hours ago

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Booking.com confirms hackers accessed customers' data | TechCrunch

Hackers accessed Booking.com customers' personal data, including names, emails, and booking details, prompting notifications to affected users.

fromTechRepublic

Booking.com Hack Exposes Customer Data, Sparks Travel Scam Fears

Hackers breached Booking.com, exposing personal data of customers, including names, addresses, and booking details, raising concerns about privacy and security.

20 hours ago

Booking.com Customer Data Hacked, Exposed

Booking.com experienced a data breach, exposing customer booking information but not financial data.

14 hours ago

Booking.com confirms data breach, but is tight-lipped about details

A data breach at Booking.com exposed customer bookings, with unauthorized access to personal information, though the extent and timing remain unclear.

fromTNW | Data-Security

12 hours ago

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Booking.com confirms hackers accessed customers' data | TechCrunch

Hackers accessed Booking.com customers' personal data, including names, emails, and booking details, prompting notifications to affected users.

fromTechRepublic

Booking.com Hack Exposes Customer Data, Sparks Travel Scam Fears

Hackers breached Booking.com, exposing personal data of customers, including names, addresses, and booking details, raising concerns about privacy and security.

20 hours ago

Booking.com Customer Data Hacked, Exposed

Booking.com experienced a data breach, exposing customer booking information but not financial data.

fromPrivacy International

14 hours ago

Booking.com confirms data breach, but is tight-lipped about details

A data breach at Booking.com exposed customer bookings, with unauthorized access to personal information, though the extent and timing remain unclear.

more#data-breach

US news

fromwww.independent.co.uk

Dangerous data

US police misuse warrantless access to personal data, leading to wrongful arrests and life-altering consequences for innocent individuals.

UK politics

Tech bosses could face jail for failing to remove revenge porn from websites

New government proposals aim to hold tech executives accountable for failing to remove revenge porn from their platforms.

World news

China Is Cracking Down on Scams. Just Not the Ones Hitting Americans

Governments struggle to combat industrial-scale scamming operations linked to organized crime, causing billions in losses, particularly affecting foreign victims.

#child-safety

Parenting

Tech can't wait for regulation to protect children online | Computer Weekly

Harmful online content for children results from profit-driven algorithms, not parenting or education failures.

Irresponsible failure': Google, Meta, Snap and Microsoft slam EU over child sexual abuse law lapse

The European parliament has blocked the extension of a law allowing tech firms to scan for child sexual exploitation, creating a legal gap for child safety.

Parenting

Tech can't wait for regulation to protect children online | Computer Weekly

Harmful online content for children results from profit-driven algorithms, not parenting or education failures.

Irresponsible failure': Google, Meta, Snap and Microsoft slam EU over child sexual abuse law lapse

The European parliament has blocked the extension of a law allowing tech firms to scan for child sexual exploitation, creating a legal gap for child safety.

The Hidden Risk Behind Every 'Frictionless' Digital Experience

Digital experiences should prioritize human agency over pressure tactics to foster trust and informed decision-making.

#fraud-prevention

Non-profit organizations

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

MITRE Releases Fight Fraud Framework

MITRE released the Fight Fraud Framework to help organizations combat fraud through a behavior-based model of fraud tactics and techniques.

Non-profit organizations

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

MITRE Releases Fight Fraud Framework

MITRE released the Fight Fraud Framework to help organizations combat fraud through a behavior-based model of fraud tactics and techniques.

more#fraud-prevention

#cybersecurity

Healthcare

Healthcare Executives Face a New Era of Personal Risk

Information security

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Information security

FCC selects ioXt Alliance to lead cyber labeling program

Artificial intelligence

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

How AI could drive cyber investigation tools from niche to core stack

The rise of AI presents new cybersecurity risks, necessitating a shift from traditional defensive strategies to proactive measures against sophisticated threats.

Booking.com Says Hackers Accessed User Information

Hackers may have accessed customer information on Booking.com, but accounts have not been breached.

Healthcare

Healthcare Executives Face a New Era of Personal Risk

Healthcare executives face heightened personal risks due to grievance-motivated cyber threats amid economic pressures and public accountability.

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

A critical zero-day vulnerability in Adobe Acrobat Reader is actively exploited, alongside state-sponsored cyber threats targeting U.S. infrastructure.

Information security

FCC selects ioXt Alliance to lead cyber labeling program

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

US Treasury secretary convened bank chiefs to address cybersecurity risks from Anthropic's AI model, Claude Mythos, which poses unprecedented threats.

How AI could drive cyber investigation tools from niche to core stack

The rise of AI presents new cybersecurity risks, necessitating a shift from traditional defensive strategies to proactive measures against sophisticated threats.

Booking.com Says Hackers Accessed User Information

Hackers may have accessed customer information on Booking.com, but accounts have not been breached.

more#cybersecurity

#meta

34 minutes ago

Huge Group of Experts Warns Meta That Its Pervert Glasses Will Enable Terrible Crimes

Meta's Ray-Ban AI glasses face backlash for privacy violations and plans for facial recognition technology, prompting outrage from civil rights groups.

Meta Is Warned That Facial Recognition Glasses Will Arm Sexual Predators

Over 70 advocacy organizations demand Meta halt face recognition plans for smart glasses due to privacy and safety concerns.

34 minutes ago

Huge Group of Experts Warns Meta That Its Pervert Glasses Will Enable Terrible Crimes

Meta's Ray-Ban AI glasses face backlash for privacy violations and plans for facial recognition technology, prompting outrage from civil rights groups.

Meta Is Warned That Facial Recognition Glasses Will Arm Sexual Predators

Over 70 advocacy organizations demand Meta halt face recognition plans for smart glasses due to privacy and safety concerns.

AI Governance Isn't a Barrier: It's Marketing's Growth Engine | Adspeak

AI is transforming marketing by enabling innovation through governance, clean data, and balancing automation with human creativity.

Kraken Targeted by Extortion Group Threatening to Leak Internal Support Videos

Kraken will not pay ransom demanded by a criminal group threatening to release internal support videos.

fromBitcoin Magazine

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

fromnews.bitcoin.com

Kraken Targeted by Extortion Group Threatening to Leak Internal Support Videos

Kraken will not pay ransom demanded by a criminal group threatening to release internal support videos.

fromBitcoin Magazine

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

Is your phone listening to you?

Phones are not listening to conversations; targeted ads are based on user behavior and interests.

The Guardian view on AI politics: US datacentre protests are a warning to big tech | Editorial

Voters across the political spectrum are uniting against big tech's influence, particularly regarding AI datacentres and their environmental impact.

#openai

Law

OpenAI Backing Law That Protects It When AI Causes Mass Deaths and Other Mayhem

Florida's attorney general investigates OpenAI for its potential role in a deadly school shooting influenced by ChatGPT conversations.

AI companies know they have an image problem. Will funding policy papers and thinktanks dig them out?

OpenAI calls for a reimagined social contract focused on people-first ideas amid rising public disapproval of AI.

Law

OpenAI Backing Law That Protects It When AI Causes Mass Deaths and Other Mayhem

Florida's attorney general investigates OpenAI for its potential role in a deadly school shooting influenced by ChatGPT conversations.

Intellectual property law

AI companies know they have an image problem. Will funding policy papers and thinktanks dig them out?

OpenAI calls for a reimagined social contract focused on people-first ideas amid rising public disapproval of AI.

more#openai

fromElectronic Frontier Foundation

Comparison Shopping Is Not a (Computer) Crime

AI tools can help consumers find better prices, but Amazon is attempting to block them using legal claims.

BrowserGate: Claims of LinkedIn 'Spying' Clash With Security Research Findings

LinkedIn allegedly scans users' computers to collect data on browser extensions, raising concerns about corporate espionage.

Marketing tech

fromMarTech

A framework for auditing generative AI outputs pre-launch | MarTech

Marketing teams should use a four-stage audit framework for Generative AI outputs to ensure brand voice consistency and copyright compliance.

International Operation Targets Multimillion-Dollar Crypto Theft Schemes

Operation Atlantic targets multimillion-dollar cryptocurrency theft, freezing $12 million in stolen assets and identifying over $45 million in stolen funds.

Law

fromIndependent

Computer engineer claims he was penalised for flagging Israeli links of firm given 'bananas' server access at top Irish cybersecurity company

A cyber-security firm reprimanded an engineer for discriminatory comments regarding an Israeli company's access to its servers amid concerns about Palestinian genocide.

fromEngadget

Meta warned by dozens of organizations that facial recognition on its smart glasses would empower predators

Civil rights organizations urge Meta to abandon facial recognition in smart glasses due to risks of empowering stalkers and predators.

Marketing tech

fromForbes

How AI Interfaces Are Reshaping Discovery, Trust And Decision Making

The traditional home page is losing its significance as AI assistants reshape how users interact with brands online.

fromnews.bitcoin.com

19 hours ago

SEC and CFTC Fast-Track US Crypto Oversight Using Interpretive Rules to Bypass Lengthy Rulemaking

U.S. regulators are using interpretive rules for faster crypto oversight, prioritizing clarity and reducing barriers for digital asset expansion.

fromMail Online

5 hours ago

Warning to iPhone users over iCloud storage scam exposing bank details

A new email scam targets iPhone users, posing as iCloud notifications to steal personal and banking information.

Europe Gets Serious About Age Verification Online

Five EU countries are testing a digital wallet for age verification, but progress varies significantly among them.

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.

Data Privacy At The Kitchen Table | AdExchanger

Data privacy has become a significant concern for lawmakers and constituents, evolving into a key topic of discussion.

fromArs Technica

How our digital devices are putting our right to privacy at risk

Digital convenience comes at the cost of personal data privacy, raising concerns about its potential use against individuals by law enforcement.

fromAdExchanger

Data Privacy At The Kitchen Table | AdExchanger

Data privacy has become a significant concern for lawmakers and constituents, evolving into a key topic of discussion.

fromArs Technica

How our digital devices are putting our right to privacy at risk

Digital convenience comes at the cost of personal data privacy, raising concerns about its potential use against individuals by law enforcement.

Why Website Cookies Aren't As Sweet As They Sound

Website cookies can raise serious privacy concerns due to their role in tracking user behavior and collecting personal data.

fromPopular Science

How to stop your smart TV from tracking you

Smart TVs are capable of tracking user data, including viewing habits and app usage, which can lead to personalized advertising and content recommendations. Users may prefer to limit this tracking to protect their privacy.

Privacy technologies

Data is a strategic asset and a strategic vulnerability

Data is a primary strategic asset in national security, transforming into both a powerful tool and a critical vulnerability.

Google Rolls Out Cookie Theft Protections in Chrome

Google introduces Device Bound Session Credentials in Chrome to enhance security against session cookie theft.

fromTNW | Offers

10 Best SOC 2 Compliance Software for 2026

SOC 2 compliance software automates security controls, streamlining the audit process and ensuring readiness in weeks instead of months.

fromInfoWorld

3 weeks ago

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

fromElectronic Frontier Foundation

Yikes, Encryption's Y2K Moment is Coming Years Early

Google has moved its quantum preparedness deadline for cryptography to 2029 due to advancements in technology.

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

#identity-management

Information security

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

more#identity-management

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

fromAdExchanger

What Regulators Talk About When They Talk About Ad Tech | AdExchanger

Privacy regulators emphasize protecting children, honoring opt-outs, and ensuring companies are transparent about data collection practices.

fromThe Verge

3 weeks ago

Online age checks came first - a VPN crackdown could be next

Lawmakers aim to ensure VPNs do not obstruct online age verification efforts.

fromMedCity News

3 weeks ago

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.

fromTheregister

4 weeks ago

Age verification isn't sage verification inside OSes

California's Digital Age Assurance Act attempts age verification for minors but is vague, incoherent, and creates liability risks without clearly defining compliance requirements or addressing practical implementation across diverse computing devices.

fromEntrepreneur

2 months ago

AI Can Delete Your Data. Here's Your Prevention Plan.

Never feel that you are totally safe. In July 2025, one company learned the hard way after an AI coding assistant it dearly trusted from Replit ended up breaching a "code freeze" and implemented a command that ended up deleting its entire product database. This was a huge blow to the staff. It effectively meant that months of extremely hard work, comprising 1,200 executive records and 1,196 company records, ended up going away.

Artificial intelligence

fromBusiness Matters

1 month ago

7 Data Privacy Risks Leaders Miss in 2026

Organizations overlook seven critical privacy risks in 2026 that bypass security awareness, including public WiFi interception, malicious browser extensions, shadow AI tools, unencrypted messaging, credential reuse, unmanaged personal devices, and data retention gaps.