Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Here's the latest product news and updates from Nightfall at a glance.

Last week, Palantir filed a lawsuit in Manhattan federal court alleging that two former senior engineers used Slack to transfer confidential documents - including healthcare demonstration frameworks, revenue cycle diagrams, and customer deployment plans - the day after one of them gave notice. The documents were allegedly accessed later on a personal phone. The engineers had since joined Percepta, a competing AI startup backed by General Catalyst that emerged from stealth mode in October.

Earlier this week, The Australian broke the news that the Cyber Touhan hacking group stole classified plans for Australia’s new infantry fighting vehicles, a $7B AUD procurement program, in a massive cyber-attack targeting 17 Israeli defence contractors in the supply chain. The attack was carried out by targeting a downstream supplier, MAYA Technologies, exploiting vulnerabilities in their network and peripherals to gain access to sensitive data.

A new class of AI-powered browsers are rewriting the rules of data security. While CISOs focus on traditional vectors, employees are unknowingly creating permanent backdoors to your most sensitive data through browsers that remember everything, sync everywhere, and share it all with AI models. The bottom line: If you're not actively protecting against AI browser exfiltration, you're already leaking data. Here's why it's happening, what it costs, and how to stop it today.

The US Department of Justice’s new Data Security Program (DSP) requires organizations to treat large collections of U.S.-person and government-related data as matters of national security.

As organizations evaluate modern DLP solutions, the gap between vendor promises and operational reality becomes critical. Through analysis of organizations running Cyberhaven - including several evaluating migration to Nightfall - we've discovered systematic challenges that impact security effectiveness, operational efficiency, and business productivity. This analysis provides CISOs and security leaders with crucial insights for making informed DLP decisions.

A successful data security strategy isn’t about one tool, it’s about a sequence of steps. The first is understanding your data. The second is controlling how it moves. Together, classification and DLP create a data security foundation that prevents data leaks and breaches without slowing down the business. Unlike point tools, modern data classification solutions continuously scan repositories in real time, ensuring new files and updates are labeled correctly as your environment changes.

Nightfall delivers the most comprehensive endpoint DLP in 2025 by combining lightweight agents with cloud-native architecture, protecting Windows, Mac, endpoints while uniquely preventing data leaks to AI tools with 95% accuracy.

In response to evolving digital risks and growing concerns about data misuse, Australia has introduced a substantial privacy reform via the Privacy and Other Legislation Amendment Act 2024 (POLA Act) passed on December 10, 2024 Designed to modernise the country’s privacy framework and better align it with international standards like the General Data Protection Regulation (GDPR), the POLA Act marks a pivotal shift in how personal information is defined, managed, and protected.