Tag: emerging threats
3132 articles

Russian Hackers Exploit Router Flaws to Steal Microsoft Office Tokens
Russian hackers have been quietly stealing Microsoft Office tokens from users on over 18,000 networks by exploiting known flaws in older internet routers, and here's the kicker: they did it without installing any malicious software. This sneaky campaign, linked to Russia's military intelligence units, highlights how exposed legacy devices remain to covert token theft.

AI-Powered Software Shifts Cybersecurity Landscape
Imagine a future where you can ask an AI to create a custom spreadsheet, use it once, and then have it disappear - no more clutter, no more hassle. This is the emerging world of "instant software," where artificial intelligence makes it possible to write, deploy, and delete custom apps on demand.

Cybercrime Inflicts Record $21 Billion Loss on US Citizens
Last year, US citizens suffered a staggering $21 billion loss to cybercrime, a record that raises a crucial question: is the convenience of digital life worth the growing risk of fraud and theft? The alarming figure is largely driven by investment scams, business email compromise, tech support fraud, and data breaches.

Microsoft Device-Code Phishing Attacks Compromise Hundreds Daily
A shocking reality check: a sophisticated Microsoft device-code phishing campaign, dubbed "EvilTokens," is breaching hundreds of organizations daily, using AI and automation to snoop through corporate email inboxes and steal financial data. This alarming threat is making short work of traditional security measures, leaving businesses vulnerable to devastating attacks.

Cyberattack Cripples Massachusetts Hospital Operations
A devastating cyberattack has forced Signature Healthcare in Massachusetts to divert ambulances, cancel critical cancer treatments, and revert to paper-based procedures, putting patients' lives on hold. Every second counts as the hospital scrambles to respond to the attack and restore vital electronic systems.

Snowflake Breach Compounds as Hackers Exploit Integrator Vulnerability
A recent breach of a SaaS integration provider has led to a Snowflake data breach, with stolen authentication tokens being used to compromise the sensitive data of over a dozen companies. This devastating chain of events highlights the urgent need for robust security measures to protect against increasingly sophisticated cyber threats.

Identity Verification Shifts Under Regulatory Steady State
When regulations remain steady, but your identity landscape evolves rapidly, what gives? The real question is, how will your organization adapt to the shifting identity verification landscape while staying compliant with unchanged regulations?

APT28 Hijacks SOHO Routers in Global DNS Espionage Push
Your home router, that innocent-looking box under your desk, can be turned against you: a Russia-linked cyber threat group, APT28, has been hijacking insecure SOHO routers worldwide to fuel a massive DNS espionage campaign. By exploiting vulnerabilities in popular router brands like MikroTik and TP-Link, they've been manipulating DNS settings to spy on unsuspecting users.

US Warns of Iranian Hackers Targeting Exposed Industrial Controls
When devices that connect our physical and digital worlds are left exposed to the public internet, they become an open invitation for hackers - and Iranian-linked cybercriminals are now actively targeting Internet-exposed industrial control systems, specifically Rockwell/Allen-Bradley programmable logic controllers, in US critical infrastructure organizations.

Flowise RCE Vulnerability Exploited in Attacks
Hackers are actively exploiting a critical vulnerability in Flowise, a popular open-source AI tool, that allows them to take control of systems designed to run code - a fundamental flaw that raises serious questions about securing AI-powered applications. This maximum-severity flaw, tracked as CVE-2025-59528, has left developers, organizations, and regulators scrambling for answers.

NCSC Warns of Russia's Ongoing Router Exploits
Russia's notorious hackers, Fancy Bear, are exploiting routers to steal passwords and sensitive information, compromising the security of countless individuals and organisations. With around 5,000 devices and 200 organisations already affected, experts warn that this latest threat is one to take seriously.

GPU Rowhammer Flaw Enables System Compromise via Memory Corruption
Researchers have uncovered a chilling new threat: GPUBreach, a flaw that uses GPU Rowhammer to corrupt memory, granting hackers a backdoor to escalate privileges and take control of your entire system. This sneaky attack exploits GDDR6 memory, flipping bits and paving the way for a complete system compromise.

White House Slashes CISA Funding by $707 Million
The White House's plan to slash $707 million from CISA funding raises critical questions about the impact on the agency's vital services and the trade-offs policymakers will have to make. This massive cut will have far-reaching consequences for the people who rely on CISA's work to keep them safe and secure.

APT28 Hijacks Routers to Steal Credentials via Malicious DNS Servers
Beware of invisible hands rerouting your online traffic: a state-linked Russian hacking group, APT28, has been hijacking routers to intercept credentials by manipulating DNS servers, putting your online security at risk. This stealthy tactic allows them to capture user authentication data, compromising your digital identity.

Docker Flaw Exposes Hosts to Unauthorized Access
A recent security patch meant to tighten up Docker Engine's defenses has left a gaping hole, exposing hosts to unauthorized access - and it's up to you to make sure you're not the one who gets exploited. A high-severity flaw, tracked as CVE-2026-34040, allows attackers to bypass authorization plugins and potentially gain access to your host.

Law Enforcement Disrupts APT28's Router DNS Hijack Operation
In a major breakthrough, an international coalition of law enforcement authorities and private companies has successfully disrupted a sneaky DNS hijack operation by APT28, known as FrostArmada, that targeted home network routers to steal Microsoft account credentials. This operation thwarted the hackers' plan to intercept traffic and harvest cloud account keys, protecting countless individuals from potential cyber threats.

Defense Agencies Pursue Multi-Cloud Strategies to Bolster Operational Tempo
As defense agencies shift their focus beyond mere cloud migration metrics, they're now prioritizing a new set of goals that will give them a decisive edge in the digital landscape. They're leveraging multi-cloud strategies to drive decision advantage at scale, financial transparency, and operational tempo.

GrafanaGhost Exploit Bypasses AI Defenses for Covert Data Theft
A newly discovered exploit, dubbed GrafanaGhost, has been found to cleverly bypass AI defenses, allowing for covert data theft by chaining together AI prompt injection and URL-handling flaws. This sneaky attack enables silent exfiltration of sensitive Grafana data, catching users off guard.

ComfyUI Instances Enlisted in Widespread Cryptomining Botnet Campaign
A sneaky campaign is on the hunt for exposed ComfyUI instances, using them to fuel a cryptomining botnet and secretly install malicious nodes - putting unsuspecting users' systems at risk. This covert operation uses a Python scanner to scour cloud IP ranges, exploiting vulnerabilities and turning systems into cryptocurrency-mining machines.

Automated Pentesting Tools Hit PoC Plateau
Automated pentesting tools can deliver impressive early results, quickly uncovering low-hanging fruit and generating proof-of-concept failures - but often hit a plateau, leaving significant attack surfaces untested and creating a validation gap that's hard to ignore. This phenomenon, known as the PoC cliff, can abruptly halt progress, causing detection and exploitation attempts to drop off and tools to stop producing actionable findings.

Recurring Credential Incidents Drain Corporate Finances
Did you know that a single credential security breach can cost a whopping $4.4 million, making it a top priority for businesses to prevent? But while avoiding a major incident is crucial, what's often overlooked are the recurring credential incidents that quietly drain corporate finances.

FBI Warns of $17bn Cyber Fraud Surge
The FBI has sounded the alarm on a staggering $17 billion surge in cyber fraud, with cryptocurrency scams alone accounting for over $7 billion in losses - and experts warn that AI-enabled threats are on the rise. This isn't just a minor annoyance; it's a massive financial hemorrhage that's happening right now.

New Mexico Ruling Threatens End-to-End Encryption
A recent New Mexico court ruling against Meta has sparked a crucial debate: is it riskier to have social platforms that shield private messages with end-to-end encryption, or to leave them exposed for law enforcement to scrutinize? This case highlights the tricky trade-offs between user privacy and public safety.

Fortinet Rushes Patch for Exploited FortiClient EMS Vulnerability
Fortinet has rushed out an emergency patch for a zero-day vulnerability in its FortiClient EMS product, which was being exploited by attackers before the fix was even available. This swift response aims to protect businesses from potential security breaches through its endpoint security clients.