Tag: emerging threats
4580 articles

CISA Flags Exploited SharePoint Zero-Day Vulnerability
Don't wait until it's too late: Federal agencies have until July 19, 2026, to patch a critical Microsoft SharePoint Server vulnerability, CVE-2026-58644, that's already being exploited by hackers to execute malicious code remotely. This high-severity flaw, with a CVSS score of 9.8, could allow attackers to take control of your SharePoint Server if left unpatched.

US Diplomacy Hampered by Post-Layoff Staffing Gaps
One year after devastating layoffs slashed 1,350 jobs from the State Department, the effects are clear: a depleted workforce and a US diplomacy that's struggling to keep pace. The cuts have taken a profound toll, with voices from across the aisle and from former staff themselves warning of a dire impact.

Space Force Nominee Backs $71 Billion Budget Amid China Threat
The White House nominee to lead the US Space Force is pushing for a $71.1 billion budget, saying it's exactly what's needed to counter China's growing threat and ensure America's dominance in space. Lt. Gen. Douglas Schiess emphasized that the hefty budget is crucial for modernizing the Space Force and preparing for a potentially contested space domain.

US Navy Targets 1,000-Mile Combat Radius for Carrier-Based Drone Fleets
The US Navy is setting its sights on a game-changing capability for carrier-based drone fleets: the ability to launch targeted attacks up to 1,000 miles away from aircraft carriers without needing to refuel. This ambitious goal is part of the Navy's vision for the future of naval aviation.

US Military Tests Drones, 3D Printers to Overcome Pacific Distance Challenge
Imagine having manufacturing on demand, delivered at incredible speed and quality - that's what the US military is testing with drones and 3D printers to overcome vast distances in the Pacific. This game-changing approach could revolutionize the way the military gets the parts and supplies it needs, when and where it's needed.

US Indicts Russians for Running Bulletproof Hosting Services
The FBI has struck a major blow against cybercrime by indicting three Russian nationals and two companies for operating bulletproof hosting services that enabled devastating attacks on US critical infrastructure. This significant move disrupts the backbone of cybercriminal operations, dealing a crucial win for online safety.

Farnborough Air Show Navigates Iran War Tensions, Defense Spending Debates
The cancellation of the Royal International Air Tattoo has thrown the spotlight on the Farnborough International Air Show, now set to be the premier aerospace gathering of the summer. With tensions in the Middle East running high, all eyes will be on Farnborough from July 21 to 24.

GRC AI Tools Fall Short on Enterprise Readiness
Most organizations are flying blind when it comes to GRC AI tools, with a staggering 87% of IT and security pros admitting they can't fully see the AI tools active within their organization. This visibility gap poses a foundational risk, making it harder to rely on other controls and assurances.

South Korea Deploys Anti-Drone Netting in Logistics Exercise
South Korea is stepping up its defense game by deploying anti-drone netting in a recent logistics exercise, showcasing its commitment to protecting its operations from aerial threats. Check out the photos from the Combined Joint Logistics Over-the-Shore 26 exercise, where Republic of Korea service members used the innovative netting on a floating causeway.

Zelenskyy's Ouster of Ukraine Defense Minister Sparks Protests, Allies' Concern
Ukrainian President Volodymyr Zelenskyy has ousted Defense Minister Mikhailo Fedorov, citing the minister's unauthorized procurement decisions, a move that has sparked protests and concern among allies. The sudden dismissal follows a public feud with Gen. Oleksandr Syrskyi, commander-in-chief of the armed forces.

Federal Cyber Rotation Program Fails to Gain Traction
The Federal Rotational Cyber Workforce program, launched in 2022, has seen a surprisingly low uptake, with only eight participants out of 634 applicants, despite 13 agencies offering 106 positions. This falls short of its goal to develop a more versatile and agile cyber workforce.

AI Empowers Cyberattacks with Operational Efficiency
As AI continues to evolve, it's crucial to treat AI-driven threats as a top priority, using the technology to supercharge their attacks and compress timelines. AI is being used by attackers to automate routine work, streamline reconnaissance, and shorten development cycles, turning what once took days into operations that can be executed in just hours.

South Korea Develops Sovereign AI Model for Bug Detection
South Korea is racing to develop its own AI model for bug detection by 2026, driven by concerns that relying on foreign models could leave the country vulnerable at critical moments. The homegrown AI model aims to rival leading security-focused models, ensuring the nation has control over its bug-finding capabilities.

OpenAI GPT-5.6 Model Exposes Users to Unintended File Deletion Risk
Beware of the GPT-5.6 model's alarming bug that can wipe out your files in an instant, as shocking incidents from tech investor Matt Shumer and software engineer Bruno Lemos reveal. Users are reporting devastating file deletions, with one victim losing almost all of their Mac's files and another having their entire production database erased.

ClickLock Malware Forces macOS Users to Reveal Login Passwords
Beware: a sneaky new malware called ClickLock has already compromised over 100 macOS systems in 33 countries, tricking users into revealing their login passwords. This stealthy threat has been hiding in plain sight since May, leaving a trail of vulnerable systems in its wake.

Ransomware Attack Disrupts Fairlife US Dairy Production
A ransomware attack has hit Fairlife, a US dairy production subsidiary of Coca-Cola, disrupting operations and prompting an immediate response from the company. The incident has triggered a thorough investigation, with outside experts and law enforcement working to contain the breach.

AI Models Vulnerable to Poisoning for Under $100
A cybersecurity expert recently discovered that AI models can be easily manipulated to behave maliciously, with a backdoor installable in just an hour for under $100. This startling vulnerability was uncovered through a simple fine-tuning test that quickly escalated into a full-blown security threat.

Claude Extension Flaw Exposes AI Actions to Malicious Extensions
A security researcher discovered a vulnerability in Anthropic's Claude browser extension that allows malicious Chrome extensions to trick it into performing predefined AI actions on connected services like Gmail and Google Docs. This flaw could have serious consequences, as it only requires a simple simulated click to launch built-in workflows.

OkoBot Malware Targets Crypto Wallets with 20 Payloads
Beware of OkoBot malware, a sneaky threat that's using clever tactics like fake GitHub repositories and ClickFix attacks to steal your cryptocurrency wallet secrets and sensitive data. This malicious framework is armed with over 20 payloads, making it a formidable foe in the world of cybercrime.

UK Sentences Two Scattered Spider Hackers to 5.5 Years Over £29 Million TfL Hack
Two young hackers, Owen Flowers and Thalha Jubair, have been sentenced to 5.5 years in prison for their reckless cyber attacks, including a £29 million hack of Transport for London, with prosecutors highlighting the disturbing extent of their disregard for human life. The pair's guilty plea marks a landmark case, believed to be the first convictions under the Computer Misuse Act 1990's most serious offence.

Defense Contractors Push Back on NDAA Buyback Provision
Raytheon is seizing the spotlight at the Farnborough International Airshow, showcasing its battle-tested Coyote counter-UAS system, which has seen action in multiple theaters of operation. The company is leveraging real-world results to drive sales, with executive Joseph DeAntona touting the system's proven performance.

GoSerpent Malware Evolves with Advanced Data Exfiltration Tactics
In late 2025, a new wave of malicious activity emerged, led by the evolved GoSerpent malware, which has been quietly lurking in the shadows since at least 2021. This stealthy backdoor has upgraded its data exfiltration tactics, putting organizations on high alert.

ViPNet Update System Exploited in HelloNet APT Campaign
Kaspersky uncovered a sneaky APT campaign, HelloNet, that exploited the ViPNet Update System to spread malware, starting as far back as May 2026. The attackers cleverly used a malicious library to hijack the ViPNet updater, allowing them to siphon off sensitive info and clean up their tracks.

Private 5G Networks Expose Government to Hidden Security Risks
Government agencies and military organizations risk exposing themselves to hidden security threats if they don't adopt a zero-trust approach to their private 5G networks, leaving them vulnerable to potentially devastating attacks. Without proper security measures in place, adversaries could gain unrestricted access to sensitive information and wreak havoc.