Tag: emerging threats
3132 articles

LiteLLM Exploit Turns Dev Machines into Hacker Credential Hubs
Your developer's workstation is the secret Achilles' heel of your enterprise, unwittingly morphing into a credential hub where sensitive authentication material is created, tested, and reused - making it a prime target for hackers. A recent exploit, dubbed LiteLLM, has already shown how these machines can be turned into treasure troves for threat actors.

Google Accelerates Post-Quantum Cryptography Migration
Google just made a bold move towards a more secure future, announcing plans to fully transition to post-quantum cryptography by 2029 - but what does this mean for your security planning today? This forward-thinking shift is a great step towards crypto-agility, and experts are already weighing in on its potential impact.

Germany Identifies Head of REvil, GandCrab Ransomware Gangs
Meet Daniil Maksimovich Shchukin, the 31-year-old Russian allegedly behind the notorious REvil and GandCrab ransomware gangs, whose online alias "UNKN" has finally been unmasked by German authorities. Shchukin's digital ghost has been tied to a wave of ransomware attacks targeting victims across Germany.

Ransomware Actors Exploit Vulnerable Drivers to Evade EDR Tools
Ransomware operators are outsmarting defenders by exploiting vulnerable drivers to evade detection by endpoint security tools, with recent attacks disabling over 300 security products. This clever tactic allows hackers to silence security defenses and wreak havoc on networks.

BKA Unmasks REvil Ransomware Leaders Behind 130 German Attacks
Germany's Federal Criminal Police Office has made a major breakthrough, unmasking the leaders behind the notorious REvil ransomware operation, responsible for 130 devastating attacks on companies, hospitals, and municipalities across the country. The culprits, once hidden behind aliases, have finally been exposed.

Anthropic Faces Scrutiny After Claude Code Source Leak
Anthropic is reeling after accidentally releasing the source code for its prized AI model, Claude, leaving the company scrambling to contain the fallout and defend its impending IPO. The leak has raised serious questions about the company's ability to protect its crown-jewel technology.

DPRK Exploits Solana Exchange in $285 Million Heist
In a shocking turn of events, a sophisticated social engineering operation by the DPRK culminated in a single-day heist of $285 million from Drift, a Solana-based decentralized exchange, on April 1, 2026. The attack was the result of a six-month campaign of persuasion that left users, engineers, and policymakers stunned.

Scammers Deploy QR Code Phishing Texts in Traffic Violation Scams
Beware of scammers sending fake traffic violation texts with a QR code that appears to come from a state court, pressuring you to pay $6.99 immediately and putting your personal and financial info at risk. Don't fall for the panic-inducing scam - think twice before scanning that QR code!

Fortinet Rushes Patch for Exploited EMS Flaw
When the very tool designed to safeguard your network becomes a vulnerability, swift action is crucial - and that's exactly what Fortinet took by issuing an emergency security update over a weekend to patch a critical flaw in FortiClient Enterprise Management Server (EMS) that's being actively exploited by attackers. This out-of-cycle patch underscores the urgency of protecting your organization from prolonged exposure to potential threats.

Hackers Exploit React2Shell in Widespread Credential Theft Drive
Hackers are on the prowl, exploiting the React2Shell flaw (CVE-2025-55182) to steal sensitive credentials from vulnerable Next.js applications on a massive scale. With a single vulnerability, they can wreak havoc - the question is, how many credentials will be compromised before a patch is applied?

Researchers Mock Cybercrime Crews in Unconventional Takedown
In a bold move, researchers fighting cybercrime decided to take a stand against the mystique surrounding digital gangs by roasting them with ridicule, stripping away their legendary status. By mocking notorious crews like Wizard Spider and Velvet Tempest, they're reclaiming the narrative and deflating the glamour often associated with these cybercrime teams.

Fortinet Fixes Exploited Flaw in FortiClient EMS Software
Fortinet has urgently patched a critical vulnerability in its FortiClient EMS software, which had already been exploited in the wild, to prevent further security breaches. The flaw, tracked as CVE-2026-35616, allows for pre-authentication API access bypass and privilege escalation, posing a significant threat to endpoint security.

LinkedIn Harvests Browser Data with Secret Chrome Extension Scans
A recent report, dubbed BrowserGate, uncovers LinkedIn's hidden practice of scanning visitors' browsers for installed extensions and harvesting device data, raising serious questions about user privacy. The professional social network reportedly checks for over 6,000 Chrome extensions, leaving users to wonder: what should LinkedIn know about your browser?

Device Code Phishing Attacks Proliferate as OAuth Abuse Kits Spread
This year, device code phishing attacks have skyrocketed, surging more than 37-fold as new OAuth abuse kits make it easier for hackers to hijack accounts. The alarming rise puts account security at risk, leaving many users wondering if the accounts they think are safe really belong to them.

AI Takes Center Stage at Federal Cybersecurity Summit
At the Federal Cybersecurity Summit, AI is taking center stage as a crucial tool for federal leaders to tackle the daunting challenge of evolving cyber threats and limited resources. The summit aims to spark a practical conversation on harnessing AI-driven defenses to move beyond mere compliance and toward effective, real-world solutions.

LiteLLM Supply-Chain Compromise Exposes Mercor Data
A single faulty AI dependency can become a backdoor for attackers - as seen in the recent LiteLLM supply-chain compromise that exposed sensitive data, source code, and internal credentials at Mercor. This alarming incident highlights the risks of relying on third-party dependencies and the importance of securing your supply chain.

Fraudsters Exploit SMS Verification in Financial Fraud Schemes
Think a simple text message with a one-time passcode is the ultimate security measure? Not quite - a recent report reveals that fraudsters are exploiting SMS verification to hijack accounts and siphon off funds.

Hormuz Crisis Exposes Vulnerability in AI Chip Supply Chain
A shipping crisis in the Strait of Hormuz has exposed a vulnerable link in the AI chip supply chain, threatening to disrupt the production of specialist memory chips that power artificial intelligence systems. This critical bottleneck comes at a precarious time, with the industry's manufacturing heavily concentrated in South Korea.

LinkedIn Harvests Browser Data with Secret JavaScript Scripts
Did you know that LinkedIn is quietly harvesting browser data, including a list of your installed Chrome extensions, every time you load a page? A recent analysis, dubbed BrowserGate, uncovered the surprising truth behind LinkedIn's use of secret JavaScript scripts to scan visitor browsers.

Stryker Restores Manufacturing Systems After Iranian Hacktivist Attack
Stryker has successfully restored its manufacturing systems after a devastating cyberattack by an Iranian hacktivist group caused a global outage, and is now operating at full capacity across its global network. The company is still investigating the incident, but is reassuring customers that all is back to normal.

Vendor Breaches Spotlight Healthcare's Cyber Vulnerability
Recent vendor breaches have exposed healthcare's alarming cyber vulnerability, raising critical questions about who bears the cost - and the consequences - when a vendor's systems fail. As the threat landscape evolves, one thing is clear: the healthcare industry must rethink its approach to cybersecurity and vendor risk management.

CISOs Face Shadow AI Surge as Gen AI Deployments Stall
The alarming gap between AI pilot programs and enterprise-wide deployments has CISOs and IT leaders scratching their heads - while 60% of businesses are testing productivity AI tools like M365 Copilot, only 6% are successfully scaling them. What's holding them back, and how can organizations bridge the gap between experiment and enterprise?

TA416 Targets Europe with OAuth Phishing and PlugX Malware
A China-aligned threat actor, known as TA416, has resurfaced in Europe, targeting government and diplomatic networks with OAuth phishing and PlugX malware, raising concerns about intent and defensive readiness. This renewed focus comes after a two-year lull, with the threat actor employing new tactics to infiltrate European organizations.

Hims & Hers Discloses Data Breach After Zendesk Ticket Compromise
Hims & Hers Health has alerted customers to a data breach after sensitive support tickets were stolen from a third-party platform operated by Zendesk, raising concerns about consumer safety when sharing personal info online. The breach exposed data from support tickets, highlighting the vulnerability of sensitive transactions on external systems.