Tag: emerging threats
3037 articles

Microsoft Warns of Domain Controller Lookup Failures on Windows Server 2016
If you've installed the KB5087537 update on your Windows Server 2016 system, be aware that domain controller lookup may fail if your server hostname is exactly 15 characters long. This issue affects only those with 15-character hostnames, so check yours to see if you're impacted.

7-Eleven Data Breach Compromises 185,000 People's Personal Info
A recent 7-Eleven data breach has put the personal info of 185,000 people at risk, exposing sensitive details like names, addresses, birthdays, and phone numbers. The breach, which occurred on April 8, 2026, is still shrouded in mystery, with 7-Eleven only confirming that certain systems storing franchisee documents were compromised.

KnowledgeDeliver LMS Flaw Exploited to Deploy Malware
A security flaw in the KnowledgeDeliver LMS, known as CVE-2026-5426, was exploited by a threat actor to inject malicious code and infect users visiting the site. This vulnerability was caused by a predictable secret in the system's web.config file, allowing attackers to execute remote code.

Pentagon Taps Perennial Autonomy for $500M Counter-Drone Contract
The Pentagon has taken a major stand against the growing threat of drones, awarding a $500 million contract to Perennial Autonomy for cutting-edge, AI-powered counter-drone systems. This game-changing deal is part of the US military's broader Drone Dominance initiative to stay ahead of the curve in modern warfare.

USAF Deploys Upgraded ULTRA Surveillance Drones to Middle East
The US Air Force has taken a major leap forward with its ULTRA Surveillance Drones, successfully completing a 60-hour flight at 25,000 feet and 100 knots; a turbocharged variant is now set for operational testing in the Middle East. This next phase will see the drone put through its paces in a real-world setting within US Central Command's area of responsibility.

China's 'Bohai Sea Monster' Emerges with Apparent Combat Capabilities
Newly surfaced images of China's mysterious Bohai Sea Monster reveal a surprising detail: four turboprop engines, each driving a three-bladed propeller, hinting at a more complex role and extended range than initially thought. This game-changing feature has analysts reevaluating the capabilities of this enigmatic craft.

Europe's Drone Defense Gap Exposes Critical Infrastructure Risks
Europe's critical infrastructure is left vulnerable due to a lack of clear governance and rules of engagement, despite having the technology to defend against drone threats. The absence of ownership and jurisdictional clarity hinders the deployment of drone defense systems where they're needed most.

Dutch Authorities Disrupt Russian Cyber Operations, Seize 800 Servers
In a major blow to Russian cybercrime, Dutch authorities seized over 800 servers and arrested two individuals in a daring raid that cracked down on illicit online operations. The suspects, a 57-year-old Amsterdam resident and a 39-year-old from The Hague, were charged with violating sanctions law by aiding EU-sanctioned entities.

Damaged KC-135 Tanker Spotted at RAF Mildenhall Amid Post-War Repairs
A KC-135 tanker, bearing the scars of an intense battle, has been spotted at RAF Mildenhall, its damaged airframe a testament to the high stakes of war, with makeshift repairs and a missing refueling boom telling a story of their own. Aviation photographer Andrew McKelvey captured striking images of the battered jet, revealing a patchwork of temporary fixes and shrapnel damage.

PLA Unveils Upgraded Bangalore Torpedo
Meet the GBP113A, a game-changing upgrade to the century-old Bangalore torpedo, now with a rigid-flexible combination design that lets it curve, snake, and blast its way into previously hard-to-reach areas. This innovative device delivers the same powerful punch as its predecessor, but with added maneuverability and flexibility.

SaaS Providers Face Trust Crisis After Canvas Breach
A massive breach of the Canvas learning management system has left 275 million users reeling, compromising student records and disrupting learning at over 8,800 institutions worldwide. The shocking incident has sparked a trust crisis for SaaS providers, raising urgent questions about security and data protection.

Anthropic Readies Restricted AI Model for Public Rollout
Anthropic is on the cusp of unveiling its game-changing Mythos model, a frontier AI that's poised to revolutionize code reasoning and autonomy with capabilities that far surpass its predecessors. This powerful tool could redefine the cyber landscape, giving a significant edge to those who harness its potential.

Australia's Defence Strategy Lags in Information War Arena
Australia is losing ground in a different kind of battle, one of perception and understanding, where adversaries are manipulating what people believe to be true, eroding public trust and turning domestic audiences into a vulnerability in times of crisis. As adversaries shape perceptions through information, our nation risks being left behind in the information war arena.

Linux Flaws Expose Critical Infrastructure to Root Command Execution
GitHub confirmed that a compromised employee device, infected by a poisoned Nx Console VS Code extension, led to the theft of around 3,800 internal repositories, sparking swift action to contain the breach and protect sensitive data. The incident highlights the vulnerability of even the most secure systems to supply chain attacks.

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Accounts
Beware of Kali365, a sneaky phishing service that's hijacking Microsoft 365 accounts by exploiting a legitimate authentication flow, and it's happening fast, with the platform emerging as recently as April 2026. This clever technique uses a short code to trick victims into handing over control of their accounts.

Agentic AI Tames Network Detection's Alert Firehose
Imagine sifting through 847 network anomalies daily: that's like trying to find a needle in a haystack! With agentic AI triage, that overwhelming number is dramatically reduced to just 4 prioritized detections, complete with the evidence and suggested actions analysts need to respond swiftly and effectively.

Ghost CMS Flaw Exploited to Hijack Over 700 Sites in ClickFix Attacks
Over 700 websites were hijacked in a massive campaign that exploited a critical Ghost CMS vulnerability, turning legitimate pages into gateways for Windows malware. This alarming attack was made possible by CVE-2026-26980, an SQL injection flaw with a near-perfect CVSS score of 9.4.

Lazarus Group Deploys Memory-Only RAT in Financial Sector Attacks
The notorious Lazarus Group has unleashed a sneaky new attack tool, a memory-only Remote Access Trojan (RAT), targeting the financial sector with cunning precision. This stealthy malware, known as RemotePE, is just the latest weapon in the group's arsenal, and it's being used to infiltrate and manipulate its victims.

FBI Warns of Kali365 Phishing Kit's OAuth Token Heist
The FBI has sounded the alarm on Kali365, a phishing-as-a-service platform that's making it easy for even novice hackers to steal Microsoft 365 login credentials and bypass security measures like multifactor authentication. This subscription-based service, mainly spread through Telegram, provides attackers with AI-generated phishing lures, campaign templates, and real-time tracking tools to target individuals and organizations.

Fraudsters Target F1 Fans with Fake Streams, Counterfeit Merch Scams
When it comes to motorsports, speed is a double-edged sword: while the action is fast-paced and thrilling, it also creates opportunities for scammers to strike, as noted by Bogdan Botezatu, senior director of threat research at Bitdefender. Cybercriminals are now targeting F1 fans with fake streams and counterfeit merch scams, making it essential for fans to stay vigilant.

TrapDoor Attack Spreads Credential-Stealing Malware Across Software Ecosystems
A massive supply chain attack, dubbed TrapDoor, has been spreading credential-stealing malware across three major language ecosystems, spanning over 34 malicious packages and 384 versions. The coordinated campaign began on May 22, 2026, and continues to target developers with cleverly named packages related to cryptocurrency, DeFi, Solana, and AI.

Pakistan Air Force Explores Bayraktar Kizilelma for Autonomous Combat Architecture
A dramatic photo of Pakistan's top air chief standing beside a cutting-edge stealth drone, fresh from a successful test firing a long-range missile, marks a significant turning point in the country's military capabilities. This powerful image signals a major leap forward in Pakistan's pursuit of autonomous combat technology.

Mandiant Exposes KnowledgeDeliver Vulnerability via ViewState Deserialization
A critical vulnerability, CVE-2026-5426, was discovered in KnowledgeDeliver installations, allowing unauthenticated remote code execution across multiple customer sites due to identical ASP.NET machineKey values. This widespread flaw was caused by a standardized web.config with hardcoded keys, used across deployments, leaving sites vulnerable to attack.

US Navy to Test Aircraft Carrier as Floating Nuclear Power Plant
This summer, the US Navy will pioneer a groundbreaking experiment, using an aircraft carrier as a floating nuclear power plant to energize Norfolk Naval Base. The innovative test aims to demonstrate the Navy's ability to deliver reliable, mission-critical power to its installations.