Tag: emerging threats
3067 articles
Infosecurity Europe Spotlights Cyber Startups
Get ready to witness the future of cybersecurity as five innovative startups take the stage at Infosecurity Europe 2026 to pitch their game-changing ideas and compete for a coveted prize package. The event will also feature a dedicated Cyber Startups Zone, where you can discover the latest solutions and meet the minds behind them.
Grafana Breach Exposes Source Code via Stolen GitHub Token
Grafana Labs revealed that hackers breached its GitHub environment using a stolen access token, downloading the company's source code, but fortunately, took swift action to invalidate the token and beef up security measures. The incident is currently under investigation, with more details to be shared once complete.
Interpol Disrupts Cybercrime Networks in MENA Region with 201 Arrests
In a major win against cybercrime, Interpol's Operation Ramz has led to the arrest of 201 individuals and identification of 382 suspects across the Middle East and North Africa. This cross-border crackdown, involving 13 countries, has brought relief to 3,867 victims and dismantled key cybercrime networks.
Phishing Attacks Expose Gaps in Early Detection
In just 40 seconds, ANY.RUN's interactive sandbox exposed the full attack chain of a phishing attack, revealing redirects, fake pages, and signs of possible remote access. This game-changing tool helps teams detect phishing threats early, providing concrete evidence of business exposure before it's too late.
Poland Shifts Officials to State Messaging App Citing Security Concerns
Poland is swapping out Signal for a state-developed messaging app touted as more secure, amid rising concerns over targeted social engineering attacks on government officials. The move marks a significant shift in how officials communicate, prioritizing security over popular choice.
NGINX Rift Attackers Exploit Exposed Servers Within Days of Disclosure
Malicious actors are already probing and exploiting a long-standing vulnerability in NGINX web server software, just days after its disclosure - highlighting the urgent need for organizations to update their systems and safeguard against cyber threats. This 18-year-old flaw has quickly become a prime target for attackers seeking unauthorized access to exposed servers.
Major Vendors Patch Critical Flaws Amid Cyber Threat Surge
A critical flaw in Ivanti Xtraction, tracked as CVE-2026-8043, allows remote attackers to read sensitive files and launch client-side attacks - but fortunately, patches are now available to fix this high-risk vulnerability.
Developer Workstations Expose Software Supply Chain to Credential Theft
In a shocking 48-hour span, three separate cyber attacks hit major platforms, targeting sensitive secrets like API keys and cloud credentials from developer workstations and CI/CD pipelines. This new wave of supply chain threats reveals a disturbing trend: attackers are now focusing on harvesting credentials to compromise your entire software development process.
Malicious npm Packages Deliver Infostealers and DDoS Malware
Researchers uncovered malicious npm packages, including one that was essentially a clone of the notorious Shai-Hulud worm, which was uploaded with its own command-and-control server and private key, ready to steal credentials and wreak havoc. This alarming discovery highlights the growing threat of malicious packages on npm.
NCSC Warns of Agentic AI Risks, Urges Cautious Deployment
Be cautious with agentic AI - a single misstep could have serious consequences if an agent misinterprets its task, oversteps its boundaries, or falls prey to manipulation. Don't give agentic AI unrestricted access to sensitive data or critical systems without careful consideration.
Mozilla Warns UK Against Breaking VPNs
Mozilla warns the UK that cracking down on VPNs won't solve the country's age-check conundrum, as these essential security tools are not a teenage loophole, but a vital part of online protection. By breaking VPNs, the UK risks undermining online security for all users.
Security Researchers Uncover 47 Zero-Days at Pwn2Own Berlin
In a thrilling three-day competition, security researchers at Pwn2Own Berlin uncovered a staggering 47 zero-day vulnerabilities, raking in nearly $1.3 million in prize money, with the Devcore Research Team taking home a whopping $505,000. The top prizes included a $200,000 award for a VMware ESXi exploit and a $100,000 prize for a Microsoft SharePoint hack.
Zero-Day Exploit Escalates Privileges on Patched Windows Systems
A security researcher has uncovered a zero-day exploit, dubbed MiniPlasma, that can escalate privileges to LOCAL SYSTEM on fully patched Windows systems by targeting a vulnerability in the Windows Cloud Files Mini Filter Driver. This shocking flaw has left experts wondering if Microsoft simply missed the issue or if a patch was quietly rolled back.
UK Regulators Warn Financial Firms on Frontier AI Cybersecurity Risks
UK regulators are sounding the alarm: as frontier AI models advance, financial firms must urgently bolster their cyber defences to avoid catastrophic threats to safety, customers, and financial stability. The warning comes as AI capabilities increasingly outpace human expertise, offering malicious actors unprecedented speed, scale, and low-cost opportunities to wreak havoc.
Fast16 Malware Targeted Nuclear Weapons Simulations Pre-Stuxnet
Meet the fast16 malware, a highly targeted threat that sabotaged nuclear weapons simulations by corrupting results in popular engineering tools LS-DYNA and AUTODYN, but only when conditions reached explosive intensities. Its creators fine-tuned it to strike with surgical precision.
Microsoft Windows 11 Update Fails to Install Due to EFI Space Issue
Struggling with a frustrating update fail? The latest Windows 11 security update may not install on your device due to a sneaky space issue on the EFI System Partition, causing error code 0x800f0922 and an automatic rollback.
DirtyDecrypt Flaw Exposes Linux Systems to Root Access Risk
A newly patched Linux kernel flaw, dubbed DirtyDecrypt, has been exposed through a public proof-of-concept exploit that can grant root access to vulnerable systems. This critical vulnerability was recently patched, but a public exploit is now available, putting Linux systems at risk.
Grafana Labs Hit by GitHub Breach, Code Stolen in Ransom Demand
Grafana Labs sprang into action after a security breach at GitHub compromised its code, swiftly invalidating leaked credentials and bolstering defenses to prevent further unauthorized access. The company quickly responded to the breach, taking crucial steps to safeguard its environment.
Security Researchers Exploit 47 Zero-Days for $1.3 Million at Pwn2Own Berlin
In a stunning display of cybersecurity prowess, researchers at Pwn2Own Berlin 2026 exploited a whopping 47 zero-day flaws, raking in a total of $1.3 million in just three days. The competition saw contestants disclose and exploit vulnerabilities in top enterprise and AI-facing products, earning daily payouts of $523,000, $385,750, and $389,500.
Pakistan's Defence Modernization Accelerates with Strategic Trade-Offs Ahead
Pakistan's defence modernization takes a giant leap forward with the successful test-fire of the Fatah IV ground-launched cruise missile, showcasing its precision and versatility with an air-burst warhead. This milestone achievement signals a strategic push towards standardized, cost-effective missile production.
Navy Growlers Collide in Mid-Air at Idaho Air Show
In a heart-stopping moment, two Navy EA-18G Growler jets from the Whidbey Island-based Electronic Attack Squadron (VAQ) 129 collided mid-air during an electrifying performance at Idaho's Mountain Home Air Force Base Gunfighter Skies Air Show. Fortunately, all four crew members ejected safely and are receiving medical evaluations.
India Advances Hypersonic Capabilities with 1,200-Second Scramjet Test
India's Defence Research and Development Laboratory has successfully tested a full-scale scramjet combustor for a record 1,200 seconds, paving the way for the nation's ambitious Hypersonic Cruise Missile Development Program. This groundbreaking achievement marks a major milestone in India's pursuit of hypersonic capabilities.
US Aircraft Carriers Redeploy After Ford's Record-Breaking 326-Day Mission
After a record-breaking 326-day mission, the USS Gerald R. Ford aircraft carrier has returned to Naval Station Norfolk, accompanied by cheers from hundreds of loved ones. The supercarrier and its crew of nearly 4,500 Sailors sailed over 57,000 nautical miles and supported operations across two continents.
China's PLA Adopts Antiquated Homing Pigeons for Battlefield Communications
In a surprising move, China's PLA Logistics Support Force has turned to an unlikely communication solution: homing pigeons, proudly showcased on state television as a key part of their battlefield communications toolkit. These birds are being used to deliver messages, bringing a touch of nostalgia to modern warfare.