This Week in Cyber: AI Gets Scary, Super Funds Get Hit, and Privacy Keeps Eroding

Another week, another batch of stories that make you want to wrap your phone in tinfoil. Let’s get into it.

AI Is Getting Scary Real

The AI security conversation shifted this week from theoretical to actual. We’re no longer talking about what could happen – we’re talking about what is happening.

Research from NTT DATA highlighted a growing problem: enterprises are deploying AI agents faster than they can secure them. These aren’t chatbots – they’re autonomous systems that can browse the web, access databases, and make decisions without human oversight.

Meanwhile, reports of AI-generated sextortion targeting teenagers are increasing. Scammers are using AI to create fake nude images from social media profiles and threatening to share them. This is the kind of threat that should make every parent sit up and pay attention.

Super Funds Under Attack

The credential stuffing wave that hit Australian super funds last month is still reverberating. The numbers are stark: AustralianSuper alone lost around $500,000, with 600 accounts compromised.

The thing that gets me is how preventable this was. Password reuse isn’t a new problem. We’ve been shouting about it for years. Yet here we are, watching people lose their retirement savings because they used the same password for their super account as they did for some random shopping site.

Privacy Keeps Eroding

If you drive a smart vehicle, you might want to check what data it’s collecting. Tesla, BYD, Volvo – they’re all vacuuming up location data, driving habits, and in some cases, camera footage. The features are great, but the trade-off is real.

And if you use Grafana for monitoring, you’ll want to update. The company confirmed a breach this week, and if you’re running a self-hosted instance, you need to act now.

What I’m Watching Next Week

  • The fallout from the Grafana breach – more details should emerge
  • Continued pressure on AI regulation in Australia
  • More developments in the social media ban implementation

Stay safe out there. And for the love of good passwords, use a password manager.

The best security tool is still common sense. Use it generously.

Got a story I should cover next week? Drop me a line at info@philiphall.com.
