Tag: emerging threats
3067 articles
Pakistan's Drone Push Tests Industrial Limits
Pakistan is grappling with a critical dilemma: should it churn out affordable, mass-produced drones as expendable weapons, or invest in high-end systems that may be too scarce to make a significant impact in an air-defence war of attrition? The country's limited industrial base, lacking in advanced manufacturing and precision electronics, poses a significant hurdle to producing cutting-edge loitering munitions at scale.
FTC to Crack Down on Deepfake Takedowns
Get ready for a major crackdown on deepfakes - starting May 19, 2026, websites and online services must swiftly remove nonconsensual deepfake media within 48 hours or face fines and FTC action. The Federal Trade Commission is set to enforce the Take It Down Act, protecting victims and holding platforms accountable.
Google Exposes BlackFile Extortion Operation's Tactics
Google's Threat Intelligence Group just exposed the clever tactics of the notorious BlackFile extortion operation, revealing how they use voice phishing and sneaky tech tricks to swindle dozens of organizations worldwide. Their clever scheme starts with a simple phone call, where fake IT helpers trick victims into spilling their secrets.
Zero-Knowledge Proofs Evolve to Bypass Age-Verification Checks
As the digital landscape continues to shift, it's only a matter of time before you'll have to face the music - and the cameras - when it comes to age verification checks. But what's really behind these on-camera checks: protecting kids or creating a way for governments to control access to online platforms?
Gremlin Stealer Evolves With Advanced Obfuscation Tactics
Meet the new and improved Gremlin Stealer, which has upgraded its hiding game by cleverly concealing its payloads in .NET resource blobs and only revealing them at runtime, making it a stealthier threat than ever. This latest variant uses single-byte XOR encoding to mask its malicious code, evading detection by signature and heuristic scanners.
Pentagon Draws Congressional Fire Over Canceled Europe Deployment
Congressional leaders are breathing down the Pentagon's neck after a surprise deployment cancellation left lawmakers fuming, with the House Armed Services Committee chair vowing to ensure the department sticks to its statutory commitments. The canceled deployment involved the 2nd Armored Brigade Combat Team, 1st Cavalry Division, which was set to head to Poland.
Southeast Asia Bolsters Counter-Drone Capabilities
Southeast Asian countries are rapidly adapting to the evolving drone threat landscape, with nations like Malaysia and Singapore leading the charge by developing cutting-edge counter-drone capabilities and integrating drone operations into their military training. From interceptor drones to revamped military doctrines, the region is proactively bolstering its defenses to stay ahead of the curve.
US AI Lead at Risk as Chip Controls Weaken
The US risks losing its lead in artificial intelligence to China by 2028 unless export controls on advanced computer chips are tightened, according to a report by Anthropic. Without stricter controls, the US advantage in frontier AI development will quickly narrow.
AIRO Unveils Hybrid-Electric VTOL Drone for Resupply Missions
Meet AIRO's game-changing hybrid-electric VTOL drone, designed for resupply missions in remote areas where traditional charging infrastructure is scarce. With its versatile JC250 cargo and JX250 ISR variants, this cutting-edge platform is poised to revolutionize defense, government, and commercial operations.
Iran Targets US Gas Stations with Tank Reader Hacks
US gas stations have been targeted by Iranian hackers, who manipulated fuel level readings at vulnerable sites, sparking concerns of a potentially catastrophic cyber attack. The breach highlights the alarming threat of kinetic cyber attacks, with experts warning of the devastating consequences.
ShinyHunters Fuel Surge in Data Leaks
Meet the ShinyHunters, a notorious group behind a surge in public data leaks, who team up with The Com to scam victims out of cloud system access and then hold their data for ransom. This duo's alarming tactic has resulted in a steady stream of sensitive information being dumped into the public domain.
Microsoft Unveils 100-Agent AI System for Advanced Bug Hunting
Microsoft has just unveiled MDASH, a game-changing AI system that leverages 100 specialized agents to supercharge bug hunting and vulnerability discovery. This cutting-edge technology combines multiple AI models to outperform traditional single-model approaches, giving enterprises a powerful new defense against cyber threats.
Funnel Builder Plugin Exploited to Inject Credit Card Skimmers
A vulnerability in the popular Funnel Builder plugin, used on over 40,000 websites, has been exploited to inject credit card skimmers into WooCommerce checkout pages, putting sensitive payment data at risk. This flaw allows attackers to sneak malicious code into checkout pages, harvesting valuable information from unsuspecting customers.
Ransomware Gangs Test Trust with Data Deletion Promises
Can you ever trust a ransomware gang's promise to delete stolen data? The recent Instructure breach has brought this question to the forefront, leaving victims wondering if paying up is worth the risk of broken promises.
Hackers Disrupt Microsoft Exchange, Windows 11 at Pwn2Own Contest
Security researchers just scored big at Pwn2Own Berlin 2026, raking in $385,750 for exploiting 15 zero-day vulnerabilities in top tech targets like Microsoft Exchange and Windows 11. The contest, running from May 14-16, offers up to $1 million in prizes for hacking the latest enterprise technologies.
Turla Upgrades Kazuar Backdoor to Modular P2P Botnet
Microsoft's Threat Intelligence team has uncovered a significant upgrade to the Kazuar backdoor by the notorious Russian state-sponsored group Turla, now a modular P2P botnet designed for long-term intelligence collection. This move enables Turla to maintain a persistent grip on compromised systems.
Node-ipc Package Infected with Credential-Stealing Malware
A malicious update to the widely-used node-ipc library has infected thousands of projects with credential-stealing malware, posing a significant supply-chain risk for developer environments and CI systems. With over 690,000 weekly downloads, this single compromised library could be exfiltrating sensitive data from countless unsuspecting users.
OpenClaw Flaws Expose Data, Enable Privilege Escalation
A chain of four vulnerabilities, dubbed Claw Chain, in OpenClaw can be exploited to turn an agent into a powerful tool for attackers, allowing them to extract sensitive data, escalate privileges, and plant backdoors for long-term access. This flaw chain enables adversaries to gain a foothold, move undetected, and wreak havoc on an OpenClaw-managed environment.
Avada Builder Flaws Expose WordPress Sites to Credential Theft
A critical vulnerability in the Avada Builder WordPress plugin, used by an estimated one million active installations, leaves sites exposed to credential theft and data breaches. Two flaws, CVE-2026-4782 and CVE-2026-4798, allow attackers to read sensitive files and extract database information, putting your site at risk.
Microsoft Alters Edge to Mitigate Password Exposure Risk
Microsoft is taking a major step to boost password security in its Edge browser, rolling out a defense-in-depth change to mitigate the risk of password exposure. This update will be applied across all supported Edge versions, prioritizing a swift rollout to protect users.
REMUS Infostealer Targets Session Theft, Password Managers
Meet REMUS Infostealer, a rapidly evolving threat that's been making waves in the underground scene since February 2026, with its operators boasting a staggering 90% callback rate thanks to top-notch crypting and a dedicated server. This infostealer has quickly become a commercialized and professionalized menace, with a flurry of updates, features, and customer communications flooding the dark web.
Gremlin Stealer Evolves with Advanced Evasion Tactics
In just 12 months, the Gremlin stealer malware has transformed from a basic credential harvester to a sophisticated modular toolkit that can stealthily siphon sensitive information from compromised systems. Its latest variant now specifically targets Chromium-based browsers, making it an even more formidable threat.
Autonomous AI Exposes Gaps in Enterprise Resilience Plans
As organizations deploy autonomous AI, they're exposing gaps in their resilience plans, putting business continuity at risk and creating new operational and infrastructure challenges for IT teams to navigate. Traditional security and recovery models are ill-equipped to handle the machine-speed, dynamic environments that autonomous AI creates.
Securing Autonomous AI Requires New Risk Strategies
Autonomous AI agents are revolutionizing enterprise environments with lightning-fast speed, unprecedented autonomy, and access to sensitive systems and data - but many security teams lack the visibility and control to manage the resulting risks. This game-changing technology is rapidly expanding the enterprise attack surface, demanding new risk strategies to stay ahead.