Tag: emerging threats
3069 articles
Autonomous AI Exposes Gaps in Enterprise Resilience Plans
As organizations deploy autonomous AI, they're exposing gaps in their resilience plans, putting business continuity at risk and creating new operational and infrastructure challenges for IT teams to navigate. Traditional security and recovery models are ill-equipped to handle the machine-speed, dynamic environments that autonomous AI creates.
Securing Autonomous AI Requires New Risk Strategies
Autonomous AI agents are revolutionizing enterprise environments with lightning-fast speed, unprecedented autonomy, and access to sensitive systems and data - but many security teams lack the visibility and control to manage the resulting risks. This game-changing technology is rapidly expanding the enterprise attack surface, demanding new risk strategies to stay ahead.
AI-Powered Phishing Scams Evade Detection in Workplace
Phishing scams are getting sneakier, with 72% of people saying AI-powered attempts are more convincing than ever - and 57% believe AI makes them harder to spot because they seem more professional. As a result, employees are struggling to tell the difference between genuine workplace messages and fraudulent ones.
Autonomous AI Exposes Governance Gaps in Enterprise Security
As autonomous AI revolutionizes enterprise security, it's also revealing alarming governance gaps that can leave organizations in highly regulated environments exposed to unprecedented risks. The rapid adoption of autonomous AI is creating a trust gap, where innovation outpaces control, and novel risks to visibility, control, and regulatory compliance are emerging.
TanStack Supply Chain Attack Targets OpenAI, Forces macOS Updates
OpenAI sprang into action after detecting a sneaky supply chain attack targeting TanStack, quickly investigating and containing the threat to protect its systems. The attack impacted just two employee devices, with limited internal code repositories and credential material compromised.
Enterprises Lag in AI-Agent Risk Mitigation Despite Funding
Most enterprise leaders are bracing for a major security breach or fraud incident driven by AI agents within the next year, yet their organizations are woefully unprepared to mitigate the risks. A recent survey of 300 security leaders reveals a stark gap between threat awareness and adequate safeguards.
Autonomous AI Exposes New Risks in Enterprise Environments
As autonomous AI weaves itself into the fabric of enterprise operations, it brings a new wave of complexity and unpredictability, testing the limits of infrastructure and IT teams like never before. The result? A whole new landscape of operational and infrastructure risks that threaten to upend traditional security and recovery models.
Wireless Vulnerabilities Skyrocket, Outpacing Traditional Threats
The number of wireless vulnerabilities has skyrocketed, with a staggering 937 new threats discovered in 2025 alone - that's 2.5 new vulnerabilities every day. This represents a 60% increase since the start of 2024, and a growth rate that's 20 times faster than traditional threats over the last 15 years.
Bitdefender Exposes Hidden Attack Surface in Trusted Tools
Did you know that 84% of high-severity incidents involve the abuse of trusted tools, making them nearly invisible to traditional security measures? This shocking statistic highlights the alarming ease with which attackers can hide in plain sight, using legitimate tools against you.
Microsoft Introduces Automated Windows Driver Rollback Feature
Microsoft's new Cloud-Initiated Driver Recovery feature lets them swiftly roll back faulty Windows drivers, so you don't have to - no more manual uninstalls or waiting for an updated driver from the hardware partner. This means your device can quickly get back on track with a reliable driver.
Microsoft Warns of Severe Zero-Day Flaw in On-Prem Exchange Servers
Microsoft just sounded the alarm on a severe zero-day flaw in on-prem Exchange servers, warning that a high-severity vulnerability could let attackers send malicious code to victims via specially crafted emails. This flaw, tracked as CVE-2026-42897, has already been automatically mitigated if the EM Service is enabled, which it is by default.
ODNI Bolsters Election Security with New Coordination Leaders
The Office of the Director of National Intelligence (ODNI) has appointed two new leaders, Dave Mastro and James Cangialosi, to spearhead efforts to safeguard the 2026 midterm elections from threats. This move bolsters the ODNI's team of experts dedicated to protecting election integrity.
Australia Faces Battle for Access to Powerful Frontier AI Models
As countries like Australia scramble to access cutting-edge AI models, a harsh reality sets in: national security will take precedence, and access can't be taken for granted. It's time for Australia to develop a plan to stay ahead in the AI game.
US Army Expands Drone Warfare Experiments with Larger Operations
The US Army is taking drone warfare to the next level with larger, more complex experiments, like Project Flytrap 5.0 in Lithuania, where troops from multiple nations teamed up to integrate drone tech with traditional combat tactics. This latest exercise tested over 20 new systems, pushing the boundaries of modern warfare.
Pentagon Pushes Back on $1.2 Trillion Missile Defense Estimate
The Space Force is pushing back on a staggering $1.2 trillion price tag for its Golden Dome missile-defense system, with Gen. Michael Guetlein saying the Congressional Budget Office's estimate doesn't match the architecture they're building. The disputed cost has sparked a heated debate over the program's true price.
OpenAI Disrupted in TanStack npm Supply Chain Breach
Malicious packages have rocked the TanStack npm supply chain, with 84 tainted versions of 42 @tanstack/* packages published, drawing OpenAI into the crisis and prompting urgent action to secure its systems. The AI company has confirmed that attackers compromised two employee devices, stealing credentials and forcing a reset across multiple desktop products.
UK MPs Urge Tougher Social Media Safety Rules
The UK's parliamentary committee is sounding the alarm, warning that current social media safety rules are failing children and urging a tougher approach to protect them from online harm. It's time to treat social media like "unsafe toys," not harmless apps, and take action to keep kids safe.
China-Linked Hackers Deploy TencShell Malware Against Global Manufacturer
In a clever move, China-linked hackers adapted existing malware tools to create TencShell, using it to launch a stealthy attack on a global manufacturer's Indian site. Fortunately, researchers at Cato Networks' Cyber Threats Research Lab were able to block the intrusion and uncover the sophisticated tactics used.
Microsoft Exchange Servers Targeted by Active CVE-2026-42897 Exploit
Microsoft warns of a high-severity vulnerability, CVE-2026-42897, in its Exchange Servers, allowing attackers to spoof network communications via a cleverly crafted email. This cross-site scripting flaw has been actively exploited, earning a concerning CVSS score of 8.1.
CISA Flags Cisco SD-WAN Vulnerability as Exploited
CISA has flagged a critical Cisco SD-WAN vulnerability, CVE-2026-20182, as exploited, giving federal agencies until May 17, 2026, to patch the authentication bypass flaw that could grant hackers administrative privileges. This vulnerability, scoring 10.0 on the CVSS scale, is now a top priority for remediation.
US Approves AI Chip Sales to China, Sparking Security Fears
The US has greenlit the sale of AI chips to China, with around 10 Chinese firms cleared to buy Nvidia's H200 chips, sparking concerns about national security and the rapidly evolving AI landscape. Treasury Secretary Scott Bessent hinted at upcoming discussions with China on implementing AI safeguards.
Ransomware Gang Targets Canvas, Exposes Student Data Risks
A ransomware gang claimed to have stolen data from 275 million students, teachers, and staff, but Instructure, the company behind Canvas, says it's reached a deal with the hackers and has digital proof that the data has been destroyed. But can we really trust that the threat has passed?
TeamPCP hackers target Mistral AI code repos for sale
Hackers from TeamPCP are demanding $25,000 for nearly 5 gigabytes of stolen Mistral AI code, threatening to leak it for free if they don't find a buyer within a week. The group claims to have snagged around 450 internal repositories, including sensitive source code used for training and model delivery.
Air Force Stabilizes B-52 Modernization After Cost Spikes, Delays
The Air Force has successfully stabilized the cost and schedule of the B-52 modernization program, bringing months of turbulence to a close, according to William Bailey, performing the duties of the Air Force's acquisition czar.