< ciso
brief />
Tag Banner

All news with #zscaler tag

21 articles

Zscaler report shows AI agents vulnerable to IPI traps

🛡️ Zscaler tested 26 LLMs and found several autonomous agents susceptible to indirect prompt injection (IPI) traps, with some high-end models failing while a few lower-tier models fared better. The vendor identified hidden instructions on websites that manipulated agent behavior and caused real-world impacts in controlled tests. Experts warn that agent risk is dynamic, the attack surface is architectural, and binary "safe/vulnerable" labels are overly simplistic for CISOs. The findings highlight that agentic AI introduces new trust boundaries and insider-like threats to enterprise security.
read more →

Zscaler finds AI agents vulnerable to prompt injection

🛡️ Zscaler tested 26 LLM-based autonomous agents and found several susceptible to indirect prompt injection (IPI) schemes, with some high-end models failing while a few lower-tier models fared better. The vendor reported four models as "vulnerable" and three as "safe," but experts warn that agent behavior evolves and binary classifications can be misleading. The findings highlight the architectural risks in agentic AI where untrusted content in the context window can be treated as authoritative, expanding the attack surface for enterprises.
read more →

Hidden web prompts steer AI agents into scams

🔍 Zscaler ThreatLabz uncovered real-world campaigns using indirect prompt injection, where hidden instructions embedded in web pages steer AI agents. Attackers used SEO poisoning to surface malicious pages and hid prompts via CSS and JSON-LD metadata. One campaign impersonated a Python library to trick agents into paying a $3 bogus API key; another typosquatted a DeBank site to claim authority. Tests across 26 LLMs showed varying susceptibility depending on model and context.
read more →

Malicious Edge extension leverages native messaging

🛡️ A malicious Microsoft Edge extension named Edgecution was used to bypass the browser sandbox and deploy a Python-based backdoor by abusing the Chrome Native Messaging protocol. Attackers lured victims via fake Microsoft update pages and social engineering on Microsoft Teams, delivering a malformed ZIP with an embedded Python runtime and two components: a headless Edge extension and a native Python backdoor. Zscaler links the activity to an IAB associated with the Payouts Kings ransomware operation and provides IoCs and mitigation recommendations.
read more →

Stealthy Mistic backdoor tied to KongTuke broker

🛡️ Symantec and Zscaler have detected a new backdoor named Mistic (tracked as MTLBackdoor) used in financially motivated intrusions since April, linked to the initial access broker KongTuke/Woodgnat. The malware was observed in attacks against insurance, education, IT, and professional services organizations and was sometimes deployed after ModeloRAT via social-engineering on Microsoft Teams. Mistic is designed for long-term stealth, side-loading as version.dll from a legitimate executable and running payloads in memory while offering file management, remote command execution, configurable C2 check intervals, and a self-deletion kill switch.
read more →

Zero Trust as the AI control plane for Southeast Asia

🔒 At Zscaler’s Zenith Live 2026 in Vienna, the vendor argued that AI agents are rapidly becoming digital workers while regulators tighten data residency and supply‑chain threats move closer to core operations. Zscaler proposes extending its Zero Trust Exchange and SASE platform to govern AI agents, unmanaged devices, multi‑cloud workloads, and B2B partners, positioning zero trust as the control plane for secure AI adoption in regulated, highly connected markets like Southeast Asia. The company emphasised an AI Broker, endpoint AI security, and an AI Access Graph to map and protect AI assets and data flows.
read more →

Employee uploads to AI tools nearly double enterprise risk

📈 The Zscaler 2026 AI Threat Report warns that sensitive enterprise data uploaded to AI and ML applications nearly doubled year-over-year, driven largely by tools like Grammarly and ChatGPT. The report found a 93% increase in enterprise data transfers and identified over 410 million DLP violations tied to ChatGPT and 242 million for Codium, exposing PII, financials, source code and healthcare data. Zscaler recommends inventorying GenAI apps, disabling risky defaults, enforcing zero trust for model interactions and applying inline inspection to protect sensitive information.
read more →

Zscaler Acquires SquareX to Extend Browser Zero Trust

🔒 Zscaler has acquired Singapore-based SquareX to extend browser detection and response (BDR) capabilities into standard web browsers across managed and unmanaged devices. The move enables Zscaler to deliver Zero Trust Exchange controls via lightweight extensions rather than requiring a separate enterprise browser. SquareX's runtime extension enforces session-specific controls such as browser-native DLP, dynamic content isolation, real-time behaviour monitoring, clipboard protections and AI prompt safeguards, integrating with Zscaler policy enforcement to reduce reliance on legacy VPN/VDI.
read more →

Zscaler Warns of Rising AI Security Threats as Usage Soars

⚠️ Zscaler's ThreatLabz 2026 report finds enterprise AI use rose 91% in 2025 after analyzing 989.3 billion AI/ML transactions on the Zscaler Zero Trust Exchange. Adoption has outpaced oversight across more than 3,400 AI applications, with OpenAI services the top LLM and Grammarly and ChatGPT becoming concentrated repositories of corporate data. Analysts reported critical vulnerabilities in 100% of observed AI systems and a median time to first critical failure of 16 minutes, warning that agentic AI could scale attacks at machine speed.
read more →

Webinar: AI-Powered Zero Trust to Expose Fileless Attacks

🔍 This contributed webinar from Zscaler Internet Access examines how today’s attacks often run “hidden in plain sight,” abusing trusted tools and developer workflows instead of delivering conventional binaries. The session covers living off the land techniques, fileless “last mile” reassembly via obfuscated HTML/JavaScript, and the risks in CI/CD and third‑party repositories. It explains how cloud‑native inspection, behavioral analysis, and zero‑trust design can restore visibility and surface relevant activity without slowing the business.
read more →

SASE Certifications: Validating Converged Network Security

🔐 This article outlines seven certification programs from leading vendors that validate skills in converged, cloud-native Secure Access Service Edge (SASE) architectures. It summarizes entry to professional-level credentials from Cato Networks, Cisco, Fortinet, Netskope, Palo Alto Networks, Versa, and Zscaler, highlighting target audiences, exam formats, costs, and key competencies such as SD‑WAN, ZTNA, CASB and FWaaS. The piece also notes Gartner’s market projection and emphasizes that these credentials address a widening skills gap as enterprises migrate from perimeter-based defenses.
read more →

Cybersecurity M&A Roundup: Giants Strengthen AI Security

🛡️ November 2025 saw a flurry of cybersecurity acquisitions as major vendors raced to embed AI, observability and exposure management across their portfolios. Deals included Palo Alto Networks' $3.35bn purchase of Chronosphere, LevelBlue's completion of its Cybereason acquisition, and Bugcrowd's buy of AI app-security firm Mayhem. Other moves saw Safe Security acquire Balbix, Zscaler buy SPLX, and Arctic Wolf agree to acquire UpSight to bolster ransomware prevention. Collectively these transactions accelerate AI-driven automation and resilience across cloud, endpoint and software security.
read more →

DanaBot Malware Returns Targeting Windows After Disruption

🔁 Zscaler ThreatLabz has observed a new DanaBot variant (v669) returning to Windows systems after a six-month disruption caused by Operation Endgame. The rebuilt command-and-control infrastructure uses Tor .onion domains and 'backconnect' nodes, and operators are collecting stolen funds via multiple cryptocurrency addresses (BTC, ETH, LTC, TRX). Organizations should add Zscaler's IoCs to blocklists, update detection tools, and harden email and web defenses against malspam, SEO poisoning, and malvertising.
read more →

Hundreds of Malware Android Apps Downloaded 42 Million

📱 Security researchers at Zscaler report a 67% year-on-year rise in Android-targeted malware after finding 239 malicious apps on Google Play that were downloaded 42 million times. The analysis covers more than 20 million mobile requests observed between June 2024 and May 2025 and highlights productivity and Tools apps as common vectors. Sectors such as manufacturing and energy were disproportionately targeted, with the energy sector seeing a 387% spike in mobile attacks.
read more →

Malicious Android Apps on Google Play Reach 42M Downloads

🔒 A Zscaler report found 239 malicious Android apps on Google Play that were downloaded a combined 42 million times between June 2024 and May 2025, driven largely by adware, spyware, and banking trojans. Telemetry shows a 67% year-over-year increase in mobile-targeted malware, with adware now comprising roughly 69% of detections and spyware up 220% YoY. Zscaler highlights evolving strains such as Anatsa, Android Void, and Xnotice, and advises timely updates, strict app permissions, disabling unnecessary Accessibility access, and regular Play Protect scans.
read more →

New COLDRIVER ClickFix Campaign Uses BAITSWITCH, SIMPLEFIX

🔍 Zscaler details a new COLDRIVER ClickFix campaign that deploys two lightweight families: BAITSWITCH, a DLL downloader, and SIMPLEFIX, a PowerShell backdoor. Victims are lured to execute a malicious DLL via a fake CAPTCHA; BAITSWITCH fetches SIMPLEFIX while presenting a Google Drive decoy. The chain stores encrypted payloads in the Windows Registry, uses a PowerShell stager, and clears the Run dialog to erase traces. Zscaler notes the campaign targets NGOs, human-rights defenders, think tanks, and exiles connected to Russia.
read more →

AI-Powered ZTNA Protects the Hybrid Future and Agility

🔒 Enterprises face a paradox: AI promises intelligent, automated access control, but hybrid complexity and legacy systems are blocking adoption. Teams report being buried in manual policy creation, vendor integrations and constant firefighting despite mature platforms like Palo Alto Networks, Netskope and Zscaler. AI-driven ZTNA shifts the model from policy-first to behavior-first, building behavioral baselines that generate context-aware policies and can wrap legacy apps without invasive changes. Success requires operational bandwidth, reliable data and a mindset shift to treat access control as a business enabler rather than a compliance burden.
read more →

CRM Supply-Chain Breach via Salesloft Drift Impacts Vendors

🔒 Palo Alto Networks, Zscaler and Cloudflare disclosed a supply-chain breach traced to the Salesloft Drift integration with Salesforce. The compromise exposed business contact information, account/contact/case/opportunity records and, in some instances, OAuth tokens and plaintext support-case content; attachments and files were reportedly not affected. Palo Alto's Unit 42 observed active searches of exfiltrated data and deletion of queries consistent with anti-forensics. Vendors are advising immediate token revocation, credential rotation and comprehensive review of Salesforce logs and SOQL query history.
read more →

Supply-chain Breach Impacts Palo Alto, Zscaler, Cloudflare

🔒 Three major vendors—Palo Alto Networks, Zscaler, and Cloudflare disclosed a supply‑chain breach tied to the Salesloft Drift Salesforce integration that exposed OAuth tokens and customer CRM data. The incident reportedly involved mass exfiltration from Account, Contact, Case and Opportunity records and included business contact data and some plaintext case notes. Vendors recommend rotating credentials, revoking unused OAuth tokens, auditing Salesforce Event Monitoring and reviewing SOQL query logs and connected-app activity for signs of abuse.
read more →

Zscaler Says Salesforce Data Exposed via Drift OAuth

🔒 Zscaler has disclosed that OAuth tokens tied to the third-party Salesloft Drift application were stolen, allowing an attacker to access its Salesforce instance. The company said exposed data included business contact details, job titles, phone numbers, regional information, product licensing and some plain-text support case content, but not attachments or images. Zscaler revoked the app's access, rotated API tokens, implemented additional safeguards and urged customers to remain vigilant for phishing and social-engineering attempts.
read more →