Tag: emerging threats
3154 articles

French Police Seize €1.6m in Exclusive Costly Crypto Sting
How do you chase money that lives in code and shadows? French investigators and Europol answered with blockchain sleuthing and old‑fashioned detective work — freezing €1.6m and arresting nine suspects in a cross‑border crypto fraud takedown.

OpenAI Assistants API Exclusive: Critical SesameOp Backdoor
Imagine your helpful AI assistant secretly moonlighting as a command-and-control courier — researchers found the SesameOp backdoor using OpenAI’s Assistants API to stealthily ferry attacker commands and exfiltrated data. This clever pivot turns trusted productivity integrations into covert channels, forcing a rethink of how we govern and monitor AI tools.

Scattered Spider Exclusive: Dangerous Unified Collective
Imagine low‑tech social engineering and SIM swaps teaming up with mass data brokers — that’s Scattered Spider, ShinyHunters and LAPSUS$ fusing tactics to turn bulk theft into pinpoint extortion. Security teams and cloud customers now face a hybrid, high‑leverage threat targeting SaaS platforms like Salesforce.

DragonForce Cartel Exclusive Deadly Conti Ransomware Threat
Get an exclusive look at how the DragonForce Cartel is unleashing the deadly Conti Ransomware—and learn who’s at risk and simple steps you can take to protect yourself.

Teams Flaw: Stunning Reveal of Critical Boss Spoofing
A newly revealed Microsoft Teams vulnerability let attackers convincingly impersonate executives, forge messages and even rewrite chat history—turning everyday collaboration into a pathway for fraud and data theft. Learn how Check Point’s findings expose the danger of boss‑spoofing and what organizations need to patch now.

Cybercrooks Exclusive: Dangerous Rise in Europe Payouts
Cyber extortion is escalating in worrying ways across Europe: researchers have logged at least 18 cases this year where ransomware threats are paired with physical violence. With average demands topping $200,000 and countries like France and the UK feeling the heat, the risk has shifted from data loss to public safety.

DeFi Protocol Balancer Suffers Stunning $120M Heist
Who guards the guards? A sophisticated Balancer exploit drained over $120 million from the protocol’s liquidity pools, jolting the DeFi community and forcing a hard rethink of how permissionless innovation can survive against fast, well‑resourced attackers.

Google AI Stunningly Exposes 5 Critical Safari WebKit Flaws
Google's AI, Big Sleep, exposed five critical security flaws in WebKit — including a buffer‑overflow that could trigger crashes or memory corruption. It’s a stark reminder that AI speeds up vulnerability discovery, shortening the window defenders have to patch Safari’s engine before attackers catch up.

Xi Jinping Exclusive: Damaging Joke on Xiaomi Backdoors
Xi Jinping's offhand joke about Xiaomi backdoors — met with a laugh from South Korea's president — turned a light moment into a diplomatic ripple, reigniting real doubts about device security and supply‑chain vulnerabilities.

MIT Sloan Shelves AI Ransomware Study: Stunning Damage
MIT Sloan’s withdrawal of a paper claiming 80% of ransomware is AI-driven has ignited a fierce debate—exposing both genuine signs of AI-assisted extortion and the danger of leaping from plausible scenarios to sensational conclusions.

Ransomware negotiator: Exclusive Guide to Best Practices
When the ransomware negotiator you trusted to defuse an attack becomes the attacker, the breach of trust is catastrophic. This guide explains what happened, why it matters, and how organizations can guard against insider betrayal.

AWS Targets Security Startups: Exclusive Best Bets
With just two weeks to apply, AWS Targets Security Startups fast-tracks early cloud and AI security founders into a cohort with AWS, CrowdStrike and Nvidia for mentorship, technical integration, and investor introductions. It's a rare chance to turbocharge fundraising and distribution—if you're ready to trade some independence for speed.

Cybercrooks Exclusive: Devastating Cargo Heists Exposed
Meet the new face of cargo theft: software-savvy criminals breach freight systems and team up with on-the-ground hijackers to divert high‑value shipments—creating faster, stealthier heists that ripple through supply chains and national security.

New GDI Flaws: Exclusive Critical Windows RCE Risk
Imagine the Graphics Device Interface — the decades-old Windows component that renders windows, text and images — suddenly becoming an open door for attackers: researchers disclosed GDI flaws that can enable remote code execution or sensitive data leaks via crafted images or fonts. Until patches arrive, treat untrusted images and documents cautiously, tighten monitoring, and apply least-privilege controls to reduce risk.

BankBot-YNRK Exclusive: Critical Trojans Steal Funds
If your phone suddenly knows more about your bank account than you do, this is why: researchers uncovered banking trojans BankBot‑YNRK and DeliveryRAT that harvest credentials, hijack sessions, and even dodge detection by spotting emulators and sandboxes. They spread through sideloaded or re‑packaged apps and abuse high‑risk permissions to steal funds and control devices.

HttpTroy Exclusive: Dangerous VPN Invoice Backdoor in Korea
HttpTroy exposes a dangerous VPN invoice backdoor in Korea. Find out how attackers are slipping into billing systems and what you can do to stay protected.

Conti Suspect Shocking Court Debut Shows Damaging Leads
A Ukrainian national’s U.S. court debut in a Conti-related ransomware case pulled back the curtain on how cybercrime now moves like commerce—crossing borders, inflicting massive economic harm, and leaving a trail of damaging leads. The indictment is just the opening move in a complex fight to hold this near‑industrial extortion trade to account.

Leak Site Ransomware Victims: Alarming 13% Spike Exclusive
Wake-up call: ransomware victims in Europe surged 13% year‑on‑year as criminals adopt stealthy, profit-driven tactics—RATs, data theft and public leak sites—to extract bigger payoffs. Businesses, governments and households need to rethink defenses now before they become the next target.

Attackers Reinstall Malware on Cisco: Stunning Risk
Meet BADCANDY — an implant that watches for removal and quietly reinstalls itself on unpatched Cisco IOS XE devices, turning cleanup into a dangerous game of whack-a-mole that puts enterprise networks and critical infrastructure at risk. If you manage routers or switches, consider this your wake-up call to inventory, patch, and harden before attackers make persistence permanent.

Nation-State Hackers Deploy Dire Exclusive Airstalk Malware
Think your MDM keeps devices safe? Think again — a suspected nation-state is using the AirWatch API to deploy Airstalk malware, hijacking trusted management channels to stealthily compromise fleets of phones.

Conduent Data Breach: Stunning, Severe Impact on 10.5M
A single contractor’s lapse exposed the financial and personal records of 10.5 million people — the Conduent data breach shows how concentrated services can turn vendors into high-stakes targets. Read on to learn what went wrong, who’s at risk, and what comes next.

China-Linked Hackers Exploit Windows Flaw: Exclusive Threat
What looks like a harmless Windows shortcut can be a Trojan at the gate—China-linked UNC6384 used malicious .lnk files in ZIPs to invoke PowerShell and DLL sideloading, quietly breaching diplomatic and government targets across Europe in Sept–Oct 2025.

China-Linked Tick Group Exclusive: Critical Lanscope 0-day
Think of it as the patch arriving after someone already walked through the door — a critical CVE‑2025‑61932 (CVSS 9.3) zero‑day in Motex Lanscope has been weaponized in the wild by the China‑linked Tick group. The flaw allows unauthenticated SYSTEM‑level command execution on on‑prem Lanscope servers, so if you run Lanscope, find exposed instances, isolate them from untrusted networks, and apply mitigations or updates immediately.

Chinese-Linked Hackers Stunning Windows Spy Damages Envoys
Chinese-linked UNC6384 is exploiting a Windows vulnerability to plant stealthy spyware in diplomatic and commercial networks—an unsettling upgrade in tradecraft that challenges whether governments, companies, and users can patch porous defenses before quiet probes turn into loud alarms.