Tag: emerging threats
3058 articles

Trapdoor Android Ad Fraud Scheme Exposes 455 Malicious Apps
Meet Trapdoor, a massive Android ad fraud scheme that used 455 malicious apps to generate a staggering 659 million daily bid requests, fueling a self-sustaining machine that turned innocent installs into big bucks. This complex operation was uncovered by HUMAN's Satori Threat Intelligence and Research Team, shedding light on a pipeline for multi-stage fraud.

Microsoft Disrupts Malware Signing Service Used by Ransomware Groups
Microsoft cracked down on a sophisticated malware signing service run by a group called Fox Tempest, which helped ransomware gangs disguise their malicious programs as legitimate software. This service was like a master forgery operation, creating counterfeit digital signatures that even experts struggled to spot.

Vulnerabilities Dwindle to Manageable Number in Supply Chain Risk Landscape
The good news on supply chain risk: out of 1,200 high-priority vulnerabilities in 2025, only 58 proved both highly exposed and easily exploitable, making them a manageable threat. By focusing on these urgent few, organizations can tackle their most immediate and impactful risks.

Air Force Special Ops Command to Test OA-1K Skyraider II's Rapid Deployability
The Air Force Special Ops Command is pushing the boundaries of rapid deployability with the OA-1K Skyraider II, a game-changing aircraft designed to tackle everything from counter-terrorism to full-on conflict. Dubbed the "Swiss Army knife of airborne capability," this modular marvel can be rapidly reconfigured to meet the most pressing needs on the battlefield.

AI Models Force Government to Rethink Cybersecurity Risks
The government's approach to cybersecurity is at a critical reflection point, thanks to advanced AI models like Anthropic's Mythos, which present both risks and opportunities for agencies handling sensitive information. Collaboration between the government and vendors is crucial to navigate this new landscape.

US Military's Golden Dome Costs Under Scrutiny
The US military's ambitious Golden Dome missile defense system has sparked a heated debate over its hefty price tag, with the Congressional Budget Office estimating a staggering $1.2 trillion cost that Space Force Gen. Michael Guetlein has publicly disputed. Gen. Guetlein argues that the estimate is inflated, setting off a battle over the program's true cost.

Malware Campaign Compromises Hundreds of npm Packages
A new, highly aggressive malware campaign, linked to the notorious TeamPCP group, has infected hundreds of npm packages, putting countless environments at risk of exposure. If you're concerned about potential damage, take immediate action to rotate secrets, remove persistence artifacts, and review recent publish activity.

Army Probes Apache Helicopter Transmission Failures Amid Funding Cuts
The Army has launched an investigation into transmission failures in its AH-64E Apache helicopters after an internal safety document revealed a potentially catastrophic flaw that can lead to loss of power, hydraulics, and tail rotor thrust. The probe comes as the military slashes flying hours and accelerates the retirement of older Apaches due to funding cuts.

Drupal Users Face Urgent Patch Deadline
Drupal users, take note: a highly critical core patch is coming and it's essential to act fast to secure your site. Get ready to install the update ASAP to avoid potential risks.

Microsoft Teams Hit by macOS Update Glitch
If you're a macOS user of Microsoft Teams, you might have encountered a frustrating glitch - a location-permission dialog that just won't go away, no matter how many times you click "Don't Allow". This annoying issue started surfacing on May 11, with some users reporting they had to click "Don't Allow" up to 20 times in a row.

Microsoft Disrupts Fox Tempest's Ransomware-Enabling Code-Signing Service
Microsoft's Digital Crimes Unit has successfully disrupted a notorious code-signing service used by cybercriminals, including the group behind Fox Tempest, to create fake IDs and gain easy access to systems. This operation has effectively shut down a key tool used by hackers to spread ransomware and malware.

Linux Kernel Faces New Exploit for DirtyDecrypt Vulnerability
A new exploit has been discovered for the DirtyDecrypt vulnerability in the Linux kernel, allowing for a potentially devastating rxgk pagecache write due to a missing copy-on-write guard. This flaw, tracked as CVE-2026-31635, has a CVSS score of 7.5 and was recently patched after being reported by security researchers.

7-Eleven Breach Exposes Franchisee Data After ShinyHunters Attack
7-Eleven recently confirmed a data breach that exposed sensitive franchisee information after a cyberattack by the group ShinyHunters, with unauthorized access detected on April 8. The company swiftly launched an investigation and began notifying affected individuals on May 1.

Shai-Hulud Malware Targets 600 npm Packages in Supply-Chain Attack
In a shocking supply-chain attack, the Shai-Hulud malware targeted a staggering 600 npm packages, with researchers uncovering nearly 640 tainted versions across 323 unique libraries in just one hour. The assault hit popular ecosystems like @antv and spread to widely used packages, leaving a trail of poisoned code in its wake.

Torq Bolsters AI-Powered Security with Jit Context Graph Acquisition
Torq supercharges its AI-powered security with the acquisition of Jit's innovative context graph technology, enabling real-time understanding of business relationships between assets and alerts. This game-changing integration helps Torq deliver smarter, more effective security solutions.

Microsoft Utility MSHTA Fuels Malware Surge via Lumma Stealer Campaigns
Malware campaigns are on the rise, fueled by the Microsoft utility MSHTA, which is being exploited to spread info stealers like Lumma Stealer and Amatera. This sneaky tactic is just the latest example of how cybercriminals are abusing a long-standing Windows feature to wreak havoc.

Vulnerability Exploitation Surges in Data Breaches
Vulnerability exploitation is now the top attack vector, responsible for a staggering one-third of all data breaches. This alarming trend highlights the urgent need for robust patch management and cybersecurity measures to stay ahead of threats.

Microsoft Vulnerabilities Spike in Critical Areas
A single critical flaw, like CVE-2025-55241, can give attackers unrestricted access to any tenant, highlighting the alarming rise in critical Microsoft vulnerabilities, which doubled in 2025 despite a stable overall number of vulnerabilities. This sharp increase in high-impact weaknesses demands attention and action.

Drupal Warns of Imminent Core Security Updates, Urges Site Prep
Drupal is warning site owners to prepare for imminent core security updates, urging them to reserve time on May 20, 2026, between 5-9 p.m. UTC, to apply crucial patches and protect against potential exploits. Don't miss this window to safeguard your site and stay ahead of potential threats!

OAuth Grants Expose Hidden Risk Below MFA Perimeter
In just five weeks, a phishing-as-a-service platform called EvilTokens compromised over 340 Microsoft 365 organizations across five countries by exploiting a clever trick: instead of stealing passwords, it convinced users to hand over OAuth refresh tokens, granting attackers long-term access to sensitive data like mailboxes, drives, and calendars. This sneaky tactic allowed hackers to bypass traditional security measures, including multi-factor authentication.

AI-Powered Tools Elevate Vulnerability Detection, Pressing Secure-by-Design Mandate
With AI-powered tools, companies can now instantly detect and fix software vulnerabilities, making ignorance a thing of the past when it comes to cybersecurity. As Hans de Vries of ENISA notes, this shift makes a secure-by-design approach not just best practice, but a pressing mandate.

SEPPMail Gateway Vulnerabilities Expose Remote Code Execution Risk
Critical vulnerabilities in SEPPMail's Secure E-Mail Gateway could allow hackers to read all mail traffic, gain entry into internal networks, and even execute remote code - putting your entire system at risk. These flaws could have devastating consequences, from data breaches to full-scale system compromise.

Grafana Labs Discloses Source Code Theft by Hackers
Hackers recently breached Grafana Labs' security, gaining unauthorized access to a GitHub token that allowed them to download the company's source code, and subsequently attempting to extort payment to keep it under wraps. The incident was swiftly investigated, and the compromised token was promptly invalidated.

Agentic AI Turbo Boosts Mobile App Attacks
The alarming rise of mobile app attacks is no longer looming on the horizon - it's here, with a staggering 87% of monitored apps facing threats in 2026, a drastic jump from 55% in 2022, fueled by the rapid adoption of AI models. This explosive growth in attacks is a wake-up call for businesses to bolster their mobile app security.