Tag: emerging threats
3042 articles

US Military Enhances LUCAS Drone with AI-Powered Swarming Capability
The US military is supercharging its LUCAS drone system with a game-changing AI-powered swarming capability, thanks to a new partnership with Shield AI - and Adm. Brad Cooper couldn't be more impressed, calling LUCAS "indispensable". This cutting-edge upgrade is set to revolutionize the drone's potential, unleashing a coordinated army of affordable, long-range attack drones that can overwhelm targets at a fraction of the cost of traditional missiles.

Middle East Tensions Force Cancellation of UK's Royal International Air Tattoo
The Royal International Air Tattoo, a highly anticipated event, has been cancelled due to uncertainty over access to RAF Fairford amid rising tensions in the Middle East. Ticket holders can opt for a full refund or roll over their tickets to the 2027 edition.

Nation-State Actors Exploit ROADtools in Cloud Attacks
Cloud attackers are now leveraging ROADtools, a publicly available toolkit, to exploit vulnerabilities in cloud tenants, allowing them to persist, discover, and evade defenses with ease. Because this dual-use framework speaks Entra ID and Microsoft Graph, defenders should take notice.

Norway Warns of Russian Nuclear Threat to US Cities
Norway's Foreign Minister Espen Barth Eide issued a stark warning: Russia's nuclear arsenal poses a catastrophic threat to US cities, capable of unleashing unprecedented destruction. A united NATO is crucial to counter this menace.

Iran-nexus APT Expands Espionage Ops with New RAT Variants
Unit 42 researchers have uncovered a sophisticated espionage campaign by an Iran-linked threat group, dubbed Screening Serpens, which has deployed six new remote access Trojan (RAT) variants to target entities across the US, Israel, and the Middle East. These variants, part of two distinct malware families, signal a significant expansion of the group's cyber spying operations.

Cloud Atlas Expands Arsenal with New Tools, Payloads
Cloud Atlas is beefing up its toolkit with fresh tools and payloads, including a blast from the past - the notorious CVE-2018-0802 Microsoft Office Equation Editor vulnerability. The group is also reviving its use of ZIP archives with malicious LNK shortcuts that trigger PowerShell scripts, keeping security experts on high alert.

Trend Micro Discloses Apex One Zero-Day Exploited in Attacks
A critical zero-day vulnerability, CVE-2026-34926, has been discovered in Trend Micro's Apex One on-premises server, allowing pre-authenticated local attackers to inject malicious code - and it's being actively exploited in attacks. Federal agencies have been ordered to patch affected systems ASAP, with a deadline of June 4, 2026.

Exploiting Windows Drivers Without Hardware: The BYOVD Perspective
Discover how attackers can exploit Windows drivers without hardware, turning kernel-mode driver bugs into powerful tools to bypass security controls. The Atos Threat Research Center reveals a game-changing method to manipulate reachability from userland on Windows 11 23H2.

Fraud Losses Exceed Chargebacks, Threaten Growth
Relying solely on chargeback rates to measure fraud performance can be misleading, as it overlooks significant costs and risks that affect revenue, operations, and customer trust long before a dispute escalates into a chargeback. By focusing on this single metric, teams may be ignoring a much larger problem that's hiding in plain sight.

GitHub Megalodon Attack Targets Repos with Malicious CI/CD Workflows
In a shocking six-hour blitz on May 18, 2026, attackers unleashed a massive supply-chain campaign dubbed "Megalodon," pushing 5,718 malicious commits to 5,561 GitHub repositories. The sneaky assault mimicked routine CI maintenance, using fake author names and convincing commit messages to deceive victims.

Drupal Sites Targeted in SQL Injection Attacks
Drupal sites are under attack as SQL injection exploits are now being detected in the wild, taking advantage of a vulnerability that can be triggered without authentication. This critical flaw, CVE-2026-9082, allows attackers to execute arbitrary SQL and potentially run remote code, putting sites that use PostgreSQL at risk.

Cyber Thieves Exploit SEO to Spread Infostealers via Fake AI Sites
Cyber thieves are using clever SEO tricks to spread infostealers through fake AI sites, targeting enterprise users and developer workstations with a potent mix of imitation and in-memory malware. This brief but potent campaign has been meticulously planned, with malicious domains deployed as early as March 2026.

Ubiquiti Fixes Maximum-Severity UniFi OS Flaws
Ubiquiti has patched three critical vulnerabilities in UniFi OS that left nearly 100,000 Internet-exposed endpoints, including 50,000 in the US, open to remote attacks without requiring login credentials. The fixes address severe flaws that could allow unauthorized system changes, file access, and even command injection.

Apple Thwarts $2.2bn in App Store Fraud with AI-Driven Defenses
Apple's AI-powered defenses have successfully blocked a whopping $2.2 billion in App Store fraud over the past year, and a staggering $11.2 billion over six years, protecting consumers and businesses from malicious actors.

Trump Mobile Website Exposed Thousands of User Records
A shocking security lapse has been uncovered on the Trump Mobile website, allegedly exposing thousands of users' sensitive information, according to a report by The Register. The breach claim, made by a techie, raises serious concerns about the website's data protection measures.

Canada Arrests Kimwolf DDoS Botnet Operator in US-Led Crackdown
In a major cybercrime crackdown, a 23-year-old Canadian man, Jacob Butler, has been arrested and charged with operating the notorious Kimwolf DDoS botnet, which targeted vulnerable devices like digital photo frames and web cameras. If convicted, Butler faces up to 10 years in prison for aiding and abetting computer intrusion.

US Charges Suspected Kimwolf Botnet Admin in Global Crackdown
In a major global crackdown, 23-year-old Jacob Butler, aka "Dort", has been arrested in Ottawa and charged with running the notorious KimWolf botnet, which infected nearly 2 million devices and fueled some of the largest DDoS attacks on record. Butler now faces extradition to the US and serious consequences for his alleged role in the massive cyber operation.

CISA Flags Actively Exploited Langflow, Trend Micro Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on two major vulnerabilities, CVE-2025-34291 and CVE-2026-34926, currently being exploited by hackers, and is requiring federal agencies to patch them by June 4, 2026. These weaknesses, found in Langflow and Trend Micro Apex One, could allow attackers to take control of systems and execute malicious code.

Cisco Tests AI for Incident Reports, Finds Mixed Results
Cisco's experiment with AI-generated incident reports yielded mixed results, with large language models producing significant inaccuracies, unusual conclusions, and inconsistent writing styles when used for long-form technical content. The findings revealed four predictable failure modes, highlighting the need for guardrails to ensure reliable outcomes.

Cisco Fixes API Flaw Enabling Unauth Data Access
Cisco has patched a critical API flaw that allowed hackers to access sensitive data without authentication, potentially leading to configuration changes with admin-level privileges. This vulnerability, tracked as CVE-2026-20223, highlights the importance of robust API security measures to prevent devastating breaches.

CISA Warns of Open-Source Vulnerabilities Amid Delayed Security Improvements
The open-source community's rapid vulnerability discovery is a pressing concern, with the tempo of exploitation accelerating and straining traditional defensive practices, according to CISA's acting director Nick Andersen. He warns that this situation will require hard security decisions to mitigate the risks to federal and private networks.

US Navy Bolsters Submarine Detection with Next-Gen Sonobuoys
The US Navy is stepping up its submarine detection game with cutting-edge sonobuoys, driven by the growing threat of quieter enemy subs operated by China and Russia. These advanced floating sensors, weighing in at just 30 pounds, pack a powerful punch in precision sensing to help the Navy stay one step ahead.

Trump Delays AI Security Order Amid Industry Competition Concerns
President Donald Trump has delayed an executive order aimed at regulating frontier AI models, citing concerns over certain aspects of the proposal, which would have required a 90-day testing and vetting regime for new AI models. The order would have allowed federal agencies to study new models before public release and facilitated access for cybersecurity testers.

US Military Seeks Expanded Training Ranges to Simulate Contested Environments
The US military needs advanced training ranges that replicate the chaos of modern battlefields, where operators can rehearse and perfect critical maneuvers in simulated contested environments. Currently, regulatory hurdles and limited training spaces are hindering their ability to prepare for the complexities of modern warfare.