Tag: emerging threats
3051 articles

Space Force Taps Sandhoo to Lead Missile Warning Office
Gurpartap "GP" Sandhoo has been appointed to lead the Space Force's Missile Warning Office, bringing a wealth of experience to the role as he takes on new program acquisition executive responsibilities. He will continue to serve as director of the Space Development Agency, now in a permanent capacity.

Malicious Android Apps Fuel 659M Daily Ad Fraud Bid Requests
Meet Trapdoor, a massive ad fraud scam driven by 455 malicious Android apps that generated a whopping 659 million daily bid requests at its peak, all while hiding in plain sight as harmless utilities like PDF viewers and file managers. These fake apps tricked users into installing malware, unleashing a hidden ad fraud operation controlled by 183 threat actor-owned domains.

ChromaDB Flaw Enables Server Hijacking via AI Model Exploit
A newly discovered vulnerability, CVE-2026-45829, in ChromaDB's Python FastAPI variant allows hackers to hijack servers by exploiting AI models, with a security expert noting that authentication is present but poorly placed. This flaw lets unauthenticated attackers run arbitrary code on exposed servers by cleverly manipulating API endpoints.

NYC Health Breach Exposes 1.8M Patients' Sensitive Data
A massive data breach at NYC Health + Hospitals has exposed the sensitive information of 1.8 million patients, highlighting the alarming vulnerability of personal data in the healthcare system. This incident serves as a stark reminder of the devastating consequences of a breach, especially when it comes to biometric data that can never be truly reset.

Judges Weigh Pentagon's AI Ban on Anthropic
A Department of Justice attorney warned that a faulty AI model in military ops could have disastrous consequences, putting service members' lives at risk. Anthropic is challenging the Pentagon's decision to label it a national security risk, sparking a heated debate in the courts.

Microsoft Disrupts Cybercrime Service Selling Code-Signing Certificates to Ransomware Gangs
Microsoft has disrupted a notorious cybercrime operation, dubbed Fox Tempest, that sold code-signing certificates to ransomware gangs, allowing them to disguise malware as legitimate Windows software. The operation, which created over 580 fake Microsoft accounts, has been linked to two individuals, John Doe 1 and John Doe 2, who allegedly traded in real, Microsoft-issued code-signing credentials.

Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs
Microsoft cracked down on a notorious malware-signing service used by ransomware gangs, disrupting the operations of Fox Tempest, a financially motivated group that generated millions of dollars in profits by selling trust to cybercriminals. The group had created over 1,000 code-signing certificates and hundreds of Azure tenants to support its industrial-scale scheme.

AI Adoption Exposes Identity Security Blind Spots
As organizations rapidly adopt AI, they're unwittingly creating a surge in non-human identities - like AI agents and machine identities - that are outpacing their ability to manage and secure them, leaving them vulnerable to new security risks. This blind spot is exposing companies to excessive privileges, unmanaged access, and orphaned accounts, threatening their security, compliance, and operations.

Europe Bolsters Defenses Against AI-Powered Cyberattacks
The European Commission is proactively bolstering its defenses against AI-powered cyberattacks, with Vice President Henna Virkkunen pledging to ramp up preparedness and unveil a list of concrete actions in the coming weeks. The commission is considering activating the EU Cybersecurity Reserve to stay ahead of emerging threats.

Discord Deploys End-to-End Encryption on Voice, Video Calls
Big news for Discord users: the platform has just rolled out end-to-end encryption for all voice and video calls by default, giving you an extra layer of security and peace of mind when chatting with friends or colleagues. This major update is powered by the innovative DAVE protocol, designed to keep your conversations private and secure.

FBI Warns of $388 Million Lost to Crypto ATM Scams
The FBI's Internet Crime Complaint Center received over 13,400 complaints about crypto ATM scams in 2025, with victims losing a staggering $388 million - a 58% jump in losses from the previous year. This alarming trend is part of a broader surge in cybercrime, with over 1 million complaints filed and nearly $21 billion in losses reported last year.

Microsoft Warns of Self-Service Password Reset Abuse in Azure Data Theft Attacks
Microsoft warns that hackers are using clever social engineering tactics and exploiting self-service password reset features to drain sensitive data from high-value Azure assets. By tricking users into approving multi-factor authentication prompts, attackers can gain access to production Microsoft 365 and Azure environments.

7-Eleven Breach Exposes Franchisee Data to Cyber Risk
A recent 7-Eleven data breach has put franchisee information at risk, with sensitive documents accessed by an unauthorized party, potentially exposing names, addresses, and other personal data. Fortunately, customers who used their credit cards to make purchases can breathe a sigh of relief, as their payment info appears to be safe.

Cyberwar Expands to Orbit as Satellites Become New Front
The lines between space and cyber are blurring, and the threat landscape for satellites and other space systems is evolving at a breakneck pace. As space systems become increasingly intertwined with cyberspace, eroding norms are leaving them vulnerable to attacks, as seen in the Russians' 2022 cyberattack on a US commercial satellite system, Viasat, at the start of their invasion of Ukraine.

Drupal Warns of Highly Critical Vulnerability Requiring Immediate Patch
Drupal is warning of a highly critical vulnerability that requires immediate attention, urging site operators to clear their calendars for a crucial patch rollout on Wednesday, May 20, between 1700 and 2100 UTC. Exploits could be developed within hours or days, making swift action essential to protect your site.

CISA Exposes Security Lapse with Open GitHub Repository
The US's leading cyber-defense agency, CISA, made a shocking security blunder by leaving a GitHub repository open, exposing sensitive passwords, keys, and tokens with alarmingly obvious filenames. This careless mistake raises serious concerns about the agency's ability to protect itself and the nation from cyber threats.

OpenClaw Flaw Enables Hackers to Hijack AI Agents
A newly discovered flaw in OpenClaw, dubbed the Claw Chain, allows hackers to hijack AI agents and use their privileges to gain persistent control of an environment. By exploiting this vulnerability, attackers can escalate privileges, access sensitive data, and maintain a foothold within the system.

Trapdoor Android Ad Fraud Scheme Exposes 455 Malicious Apps
Meet Trapdoor, a massive Android ad fraud scheme that used 455 malicious apps to generate a staggering 659 million daily bid requests, fueling a self-sustaining machine that turned innocent installs into big bucks. This complex operation was uncovered by HUMAN's Satori Threat Intelligence and Research Team, shedding light on a pipeline for multi-stage fraud.

Microsoft Disrupts Malware Signing Service Used by Ransomware Groups
Microsoft cracked down on a sophisticated malware signing service run by a group called Fox Tempest, which helped ransomware gangs disguise their malicious programs as legitimate software. This service was like a master forgery operation, creating counterfeit digital signatures that even experts struggled to spot.

Vulnerabilities Dwindle to Manageable Number in Supply Chain Risk Landscape
The good news on supply chain risk: out of 1,200 high-priority vulnerabilities in 2025, only 58 proved both highly exposed and easily exploitable, making them a manageable threat. By focusing on these urgent few, organizations can tackle their most immediate and impactful risks.

Air Force Special Ops Command to Test OA-1K Skyraider II's Rapid Deployability
The Air Force Special Ops Command is pushing the boundaries of rapid deployability with the OA-1K Skyraider II, a game-changing aircraft designed to tackle everything from counter-terrorism to full-on conflict. Dubbed the "Swiss Army knife of airborne capability," this modular marvel can be rapidly reconfigured to meet the most pressing needs on the battlefield.

AI Models Force Government to Rethink Cybersecurity Risks
The government's approach to cybersecurity is at a critical inflection point, thanks to advanced AI models like Anthropic's Mythos, which present both risks and opportunities for agencies handling sensitive information. Collaboration between the government and vendors is crucial to navigate this new landscape.

US Military's Golden Dome Costs Under Scrutiny
The US military's ambitious Golden Dome missile defense system has sparked a heated debate over its hefty price tag, with the Congressional Budget Office estimating a staggering $1.2 trillion cost that Space Force Gen. Michael Guetlein has publicly disputed. Gen. Guetlein argues that the estimate is inflated, setting off a battle over the program's true cost.

Malware Campaign Compromises Hundreds of npm Packages
A new, highly aggressive malware campaign, linked to the notorious TeamPCP group, has infected hundreds of npm packages, putting countless environments at risk of exposure. If you're concerned about potential damage, take immediate action to rotate secrets, remove persistence artifacts, and review recent publish activity.