Tag: emerging threats
3037 articles

Hackers Exploit KnowledgeDeliver Flaw to Install Web Shells
Hackers have exploited a critical flaw in KnowledgeDeliver as a zero-day to install a powerful .NET web shell called Godzilla on vulnerable servers. The attack was made possible by a deserialization vulnerability, CVE-2026-5426, that allowed threat actors to execute code at the operating-system level.

Charter Breach Exposes Millions of Customer Records
Millions of customer records have been exposed in a shocking data breach at Charter Communications, with the company swiftly confirming the incident and assuring customers that sensitive personal info remains safe. The breach, reportedly involving 40 million records, has triggered a thorough investigation and cooperation with authorities.

MyPillow Targeted in Play Ransomware Attack
MyPillow has been hit by a ransomware attack, with hackers claiming to have stolen highly sensitive data including private documents, financial information, and employee details. The attackers are demanding a ransom and threatening to publish the stolen data unless paid.

Inertial Navigation Emerges as Imperative for Land Warfare
The US Space Operations chief warns that adversaries are deploying counterspace capabilities at a mind-boggling pace, turning GNSS, once a cornerstone of modern warfare, into a double-edged sword vulnerable to jamming and spoofing. This threat is no longer confined to major powers, but has become a routine feature of even lower-intensity conflicts.

Australian Firm Offers Armored Roofs to Counter Drone Threats in Ukraine
Australian firm Andvare VI Defence Industries is tackling the growing threat of small attack drones with a game-changing armored roof solution, providing up to 22 square feet of overhead protection. This innovative shield is set to be fielded with Polaris Government and Defense's MRZR all-terrain vehicles for Ukrainian special operations forces.

NATO Tests Unmanned Ground Vehicles in Latvia
NATO recently put unmanned ground vehicles to the test in Latvia's forests as part of its Crystal Arrow 2026 exercise, and our Europe reporter Elisabeth Gosselin-Malo was there to witness the action firsthand.

Air Force Delays Next-Gen Fighter Jet Engine Prototyping to 2031
The Air Force has pushed back the prototyping timeline for its Next-Gen Fighter jet engine to 2031, allowing for more rigorous testing and evaluation of the Next Generation Adaptive Propulsion program. This delay enables the service to thoroughly investigate test findings and ensure the program's success.

China's Support for Russia Undermines Ukraine Peace Efforts
China's backing of Russia has taken a concerning turn, with reports emerging that Chinese forces secretly trained around 200 Russian military personnel in Beijing and Nanjing as recently as last year. This development has raised questions about its impact on Ukraine peace efforts.

MuddyWater Exploits DLL Side-Loading in Global Espionage Push
MuddyWater hackers have launched a massive global espionage campaign, infiltrating at least nine organizations across four continents by cleverly disguising malicious code as legitimate software. They used a sneaky trick called DLL side-loading to quietly steal credentials and browser data.

Fiber Network Anchors US Homeland Defense Initiative
In today's complex threat landscape, the US faces a multitude of adversaries with malicious intentions, making traditional defense strategies obsolete. Lumen's Golden Dome initiative aims to revolutionize homeland defense with a cutting-edge, data-driven approach that enables rapid decision-making and decisive action.

South Korea Accelerates Nuclear-Powered Submarine Development Plan
South Korea is set to make waves with its ambitious plan to launch its first nuclear-powered submarine in the mid-2030s, with the goal of having it enter operational service later that decade. The development roadmap, unveiled by Defense Minister Ahn Gyu-back, marks a major milestone in the country's naval modernization efforts.

Anthropic's AI Model Uncovers 10,000 Software Vulnerabilities
Anthropic's AI model has made a groundbreaking discovery, uncovering over 10,000 high- or critical-severity software vulnerabilities in just a month of testing. This game-changing technology is shifting the focus from detection to fixing these bugs, highlighting the need for increased human capacity to triage, report, and deploy patches.

Texas Tech University Bolsters Critical Infrastructure Security with New Research Site
Texas Tech University is taking a giant leap in safeguarding America's critical infrastructure with the launch of a cutting-edge research site, solidifying its role as a leader in national security. The new facility at the Reese National Security Complex will supercharge innovation and collaboration to tackle vulnerabilities and protect the nation's backbone.

Chinese Phishing Services Shift to Live Credential Interception Tactics
Cyber attackers are now using live administration panels to interact with victims in real-time, capturing one-time passcodes and instantly bypassing multifactor authentication protections. This new tactic allows them to neutralize security measures and steal sensitive information more effectively.

Lithuania's National Register Breached, 600,000 Entries Exposed
A massive data breach has hit Lithuania's national registers, exposing over 600,000 sensitive entries, including records of legal entities and real estate holdings. The breach has prompted swift action from authorities, who have restricted access and blocked suspected accounts to mitigate the damage.

BTMOB Android RAT Exploits No-Code Tools in Global Phishing Campaigns
A single malicious download can put an entire company's sensitive data at risk, so it's crucial for corporate security teams to educate employees on the dangers of rogue apps.

Microsoft Defender Automatically Isolates Hacked Endpoints
Microsoft Defender for Endpoint just got a major boost with its new automatic isolation feature, which swiftly isolates compromised devices to prevent attackers from wreaking havoc on your organization. This cutting-edge capability is part of Microsoft's automatic attack disruption feature, designed to contain threats and give security teams more time to respond.

Microsoft Fixes SharePoint Flaw That Exposes Servers to Remote Code Execution
Microsoft just patched a high-severity flaw in SharePoint that could let hackers execute malicious code remotely, and it's crucial you update your servers ASAP to stay safe. The vulnerability, tracked as CVE-2026-45659, has a CVSS score of 8.8, making it a prime target for attackers.

Experts Dispute Farage's Russian Hack Claim
Nigel Farage's claim that Russian spies hacked his phone and leaked a £5 million gift from a close associate has sparked controversy, with experts demanding evidence to back up the explosive allegation. Ciaran Martin hit back, saying Farage has produced no evidence to support his aggressive intervention claim.

MFA Prompt Bombing Exposes Weakness in Two-Factor Security
A shocking 2.8GB of data was stolen from Cisco after a clever attacker tricked an employee into approving a push-based MFA prompt, highlighting a disturbing vulnerability in two-factor security. This brazen hack, linked to the Yanluowang ransomware group, shows how attackers can exploit the very security measures meant to protect us.

India's CERT-In Mandates Swift Patching for Exposed Flaws
CERT-In is urging organizations to act fast to contain cyber threats, setting a tight 12-hour deadline to patch known vulnerabilities in critical, internet-facing systems. This swift response aims to combat the accelerating threat of AI-driven cyber-attacks.

Iranian Hackers Deploy AI-Backed MiniFast Backdoor via Phishing and SEO Poisoning
Iranian hackers have escalated their cyber attacks, leveraging AI-powered tools to craft malware and targeting key sectors like aviation, defense, and telecommunications across the US, Europe, and the Middle East. Their sophisticated tactics, including phishing and SEO poisoning, have allowed them to spy on organizations with alarming speed and efficiency.

Iran-Linked Hackers Target US Aviation with Sophisticated Phishing and SEO Poisoning
Meet Nimbus Manticore, an Iran-linked hacking group that's back with a vengeance, using clever phishing and SEO poisoning tactics to target the US aviation industry in a series of sophisticated attacks. Their latest campaign, which ran from February to April 2026, marked a significant expansion into aviation, defense, and telecommunications.

CISA Mandates Patching of Exploited Drupal Vulnerability
The US Cybersecurity and Infrastructure Security Agency has issued a directive requiring federal agencies to patch a critical Drupal vulnerability, known as CVE-2026-9082, by May 27 to prevent devastating SQL injection attacks. This highly critical flaw allows hackers to exploit PostgreSQL-powered Drupal sites and gain unauthorized access to sensitive information.