Tag: emerging threats
3060 articles
Grafana Labs Discloses Source Code Theft by Hackers
Hackers recently breached Grafana Labs' security, gaining unauthorized access to a GitHub token that allowed them to download the company's source code, and subsequently attempting to extort payment to keep it under wraps. The incident was swiftly investigated, and the compromised token was promptly invalidated.
Agentic AI Turbo Boosts Mobile App Attacks
The alarming rise of mobile app attacks is no longer looming on the horizon - it's here, with a staggering 87% of monitored apps facing threats in 2026, a drastic jump from 55% in 2022, fueled by the rapid adoption of AI models. This explosive growth in attacks is a wake-up call for businesses to bolster their mobile app security.
Microsoft Disables Windows Updates in Restricted Networks
If you've installed the January 2026 optional non-security preview updates on a restricted Windows network, you might face update failures - a frustrating issue that could leave your system vulnerable. Specifically, affected devices may still download February's security update, but then get stuck, unable to receive crucial updates from March onwards.
Nx Console Extension Exploited to Steal Developer Credentials
A malicious version of the popular Nx Console Extension was published to the VS Code Marketplace, compromising over 2.2 million installations and putting developer credentials at risk. Within seconds of opening a workspace, the extension silently fetched and executed a hidden payload, allowing attackers to steal sensitive information.
Hackers Exploit Human Behavior to Bypass Security Tools
As cyber threats evolve at an alarming rate, hackers are exploiting human behavior to outsmart security tools, forcing organizations to rethink their defensive strategies. With identity abuse and data extortion on the rise, businesses must stay ahead of the game to protect themselves.
Mini Shai-Hulud Campaign Targets npm Ecosystem with Malicious AntV Packages
A large-scale attack has infected hundreds of popular npm packages, including widely-used data visualization and React components, with malicious updates, putting a vast number of projects and applications at risk. The attackers published 639 malicious versions across 323 unique packages in a fast-moving supply chain operation.
GitHub Actions Supply Chain Attack Exfiltrates CI/CD Credentials
A sneaky supply chain attack on GitHub Actions has led to the theft of CI/CD credentials, with hackers using a clever trick to redirect tags to fake commits that hide malicious code. By masquerading as legitimate commits, attackers were able to execute arbitrary code and evade pull request reviews.
US Leads Shift to Allied Security Web in Indo-Pacific
Imagine a strategic anchor in the Indo-Pacific, where a cutting-edge security network is being woven to safeguard a vital waterway - the Strait of Malacca, which carries a quarter of global trade and nearly 30 percent of seaborne oil. Guam is at the forefront of this revolutionary shift, transforming into a hub of interconnected security, deterrence, and defense systems.
Russia Unveils Two-Seat Variant of Su-57 Felon Fighter
Russia just revealed a game-changing two-seat version of its Su-57 Felon fighter, designed to serve as a flying command center for coordinated air operations. This new variant, spotted undergoing taxi trials, boasts a redesigned fuselage and tandem cockpit.
Pentagon Names Five Winners in Drone Lethality Challenge
The Pentagon has announced the five winners of its Drone Lethality Challenge, a competition seeking payload solutions compatible with small drones, and the solutions must be scalable and cost-effective. The winners - Bravo Ordnance, Kela Defense, Kraken Kinetics, Mountain Horse, and Northrop Grumman - have successfully met the government's requirements for payloads that can be used on Group 1 drones.
India Advances Nuclear Deterrent with Second MIRV Missile Test
India just took a giant leap in defence preparedness with the successful test of its Advanced Agni missile, equipped with a game-changing Multiple Independently Targeted Re-Entry Vehicle (MIRV) system, capable of taking out multiple targets across a vast geographical area. This milestone marks a significant boost to the country's deterrent capabilities against growing threats.
Army Seeks Low-Cost Patriot Interceptor Under $1 Million
The Army is launching a competitive quest for a game-changing, low-cost interceptor that could slash the Patriot system's unit price to under $1 million - a fraction of the current cost. Industry players are invited to submit proposals for innovative designs that could revolutionize missile defense.
Southeast Asia Shifts Defence Strategy to Counter China with Mobile Strike Capabilities
To counter China's growing influence, Southeast Asian nations can bolster their defence by prioritizing mobile strike capabilities, leveraging affordable and agile equipment like strike missiles, drones, and surface-to-air missiles. By doing so, they can significantly raise the stakes for China and make any potential aggression a costly endeavour.
Interpol Disrupts Cybercrime Ops Across 13 Countries
In a major win against cybercrime, Interpol's Operation Ramz has resulted in 201 arrests, 53 servers seized, and nearly 4,000 victims identified across 13 countries in the Middle East and North Africa. This groundbreaking four-month sweep marks a significant milestone in the fight against online crime.
US Soldiers Train to Identify Drones by Sound
US soldiers are now on high alert for a new kind of threat - and it's not just about keeping their eyes on the ground. They're learning to tune in to the unique sounds of drones, like Sgt. 1st Class Tyler Harrington, who's training to distinguish between different types, including one-way attack drones.
US, Israel Escalate Pressure on Iran with Airstrikes, Sanctions
President Donald Trump revealed on Truth Social that he was asked by top Middle Eastern leaders to delay a planned military attack on Iran, which was set to happen the following day. He instructed the military to stand down, but remain ready to launch a full-scale assault if negotiations fail.
China's Influence in Solomons Resists Leadership Shift
Solomon Islands' new Prime Minister Matthew Wale is vowing to shake things up, warning that his country isn't immune to geopolitics and promising that "change is coming" after ousting his pro-China predecessor. Will this leadership shift mark a new direction for the island nation, one that's less aligned with Beijing?
AI Agents Expose Blind Spots in APAC Enterprise Security
Attackers are now targeting AI agents embedded within APAC enterprises, exploiting weaknesses in non-human identities to gain access to sensitive systems, data, and workflows. This emerging threat highlights a significant blind spot in enterprise security, one that's ripe for exploitation by malicious actors.
CISA Contractor Exposes AWS GovCloud Keys in GitHub Leak
A contractor for the Cybersecurity & Infrastructure Security Agency (CISA) made a critical mistake by exposing sensitive AWS GovCloud keys, plaintext passwords, and internal files in a public GitHub repository. The leak, described as one of the worst ever witnessed, included highly privileged credentials and build artifacts for numerous internal CISA systems.
BitLocker Vulnerability Exposed in Zero-Day Windows Exploit
A newly discovered zero-day exploit, dubbed YellowKey, can bypass Windows 11's standard BitLocker encryption - but don't panic, as it requires physical access to the computer. This vulnerability was recently published by a researcher known as Nightmare-Eclipse on GitHub.
AI-Powered Bug Reports Overwhelm Security Teams
GitHub is overhauling its bug report system after being inundated with AI-generated submissions that are often incomplete, unrealistic, or redundant, making it tough for security teams to keep up. The platform is tightening its definition of a "complete" bug report to help separate signal from noise.
Satellites Become New Frontier in Cyberwarfare
As the space and cyber domains converge, the harsh reality is that traditional cybersecurity tools are woefully unprepared for the unique challenges of protecting satellites in orbit. Conventional defenses falter in space, where satellites operate on diverse, limited platforms, demanding reliable security solutions that can thrive in extreme conditions.
Reaper Stealer Targets macOS Users with Password, Wallet Theft and Backdoor Attacks
macOS users beware: Reaper Stealer malware is on the loose, stealing passwords, crypto-wallets, and installing backdoors on infected machines. This triple-threat attack puts Apple platform users and their defenders on high alert.
AI Tools Expose Healthcare to Rising Cyber Risk
The healthcare sector faces a rising cyber risk with the emergence of advanced AI tools like Anthropic's Claude Mythos, which could exponentially speed up vulnerability detection and exploitation. A leak of this powerful technology could create a force multiplier for cybercriminals, putting healthcare CISOs and security teams on high alert.