Tag: emerging threats
3089 articles

CISA's Election Security Support Plummets Ahead of Midterms
As the midterms approach, Senator Mark Warner is sounding the alarm on a concerning decline in federal election security support, warning that states can't go it alone in protecting their elections from growing physical and cyber threats. Without robust federal backing, states are left vulnerable to attacks, despite their best efforts to safeguard the democratic process.

US Duo Sentenced for Hosting Laptop Farms for North Korean IT Workers
The FBI, along with its partners, is cracking down on North Korea's efforts to evade sanctions and fund its regime, with two US nationals recently sentenced to 18 months in prison for running laptop farms that enabled North Korean IT workers to operate remotely. The duo, Matthew Isaac Knoot and Erick Ntekereze Prince, were also ordered to pay restitution and forfeit gains made from their scheme.

Woot-Tech Unveils SHARDS Infantry-Portable Drone Swarm System
Imagine being able to unleash a devastating, synchronized attack with just the push of a button - Woot-Tech's SHARDS drone swarm system makes it possible, allowing one person to deploy a fleet of mini drones that can overwhelm targets with a thousand tiny, lethal strikes. This game-changing tech lets a single operator command a swarm of expendable drones with simple, intuitive commands.

Pentagon Disrupts AI Vendor Lock-in with Multi-Provider Deals
The Pentagon is shaking up its AI strategy, ditching the single-vendor approach and embracing a multi-provider model to ensure seamless integration with classified systems. This bold move follows a hard-won lesson: relying on one AI vendor just won't cut it.

Congress Weighs Defense Spending Boost Amid Budget Reconciliation Talks
The White House is pushing for a massive $1.5 trillion defense budget, sparking a heated debate on Capitol Hill over how to make it happen. Lawmakers are now racing to find a legislative route to deliver on this hefty request, with the Pentagon's final funding hanging in the balance.

China's PLAN Nears Addition of Advanced Type 052DL Destroyer
Get ready for a major boost to China's naval power: the Type 052DL destroyer, also known as the Extended Mod class, is expected to join the People's Liberation Army Navy (PLAN) by the end of 2026. Recent photos from Dalian Shipyard show the advanced warship nearing completion.

Ivanti Discloses Actively Exploited Zero-Day in Endpoint Manager
Ivanti has confirmed that hackers are actively exploiting a zero-day vulnerability, CVE-2026-6973, in its Endpoint Manager Mobile (EPMM) software, allowing them to run code remotely with administrative privileges. The company has issued patches for this and four other EPMM flaws to protect its customers.

Space Force Scrambles to Expand Launch Capacity Amid Rocket Surge
The Space Force is racing to boost its launch capacity as rocket missions skyrocket, with a staggering surge from 36 launches in 2021 to over 200 planned for this year from just two primary sites. With demand showing no signs of slowing, the service is scrambling to keep pace.

China Sentences Ex-Defense Ministers to Death With Reprieve
China has taken a drastic step in its anti-corruption campaign, sentencing two former defense ministers, Wei Fenghe and Li Shangfu, to death with a two-year reprieve for accepting and exchanging bribes. This severe punishment marks a significant escalation in the country's efforts to crack down on corruption within the People's Liberation Army.

US Strikes Iranian Targets in Strait of Hormuz Retaliation
Tensions escalate in the Strait of Hormuz as the US launches retaliatory strikes on Iranian targets, sparking a flurry of competing claims from Iranian state and semi-official outlets about the extent of the damage. Explosions have been reported in southern Iran, with allegations of attacks on key ports including Bahman Qeshm pier and Bandar Abbas.

US Agencies Deploy Biometric Glasses, Sparking Surveillance Fears
Imagine a pair of smart glasses that can scan faces and instantly match them to records in multiple federal databases, raising serious concerns about surveillance and personal privacy. This technology, powered by facial recognition and other biometric signals, has sparked fears about the potential for real-time identification and the reliability of database records.

Pentagon Sees AI Tools Boosting Cyber Defense Capabilities
The Pentagon is banking on AI tools to supercharge its cyber defense capabilities, with Assistant Secretary for Cyber Policy Katherine Sutton touting their potential to develop secure code in minutes to seconds. This revolutionary speed could transform the current defensive posture, outpacing threats and safeguarding against vulnerabilities at unprecedented rates.

Mozilla Reveals AI-Powered Bug Detection Boosts Firefox Security Fixes
Mozilla's April bug cull was massive, with 423 Firefox security fixes - a whopping five times more than the previous month and 20 times the usual monthly average, thanks in part to a boost from AI-powered bug detection. This huge spike in repairs is a testament to the power of innovative technology in keeping Firefox users safe and secure.

ShinyHunters Breach Exposes 330 Colleges in Canvas Hack
The notorious ShinyHunters gang has breached Instructure's Canvas, exposing a staggering 330 colleges to a devastating hack, and issued a chilling ultimatum with a May 2026 deadline to negotiate. The attackers replaced login pages with an extortion message, demanding schools seek cyber advisory help and secretly reach out to settle.

TCLBanker Malware Spreads Rapidly via WhatsApp, Outlook
Beware of a rapidly spreading malware, TCLBanker, that's infecting 59 major banking, fintech, and cryptocurrency platforms through sneaky WhatsApp and Outlook attacks. This trojan uses a fake Logitech AI Prompt Builder installer to wreak havoc on your digital security.

Pentagon Moves to Diversify Frontier AI Suppliers Amid Anthropic Dispute
The Pentagon is shaking things up by diversifying its frontier AI suppliers, vowing to never again rely on just one vendor for advanced artificial intelligence systems. This move comes after a public pledge from Under Secretary of Defense Emil Michael to break free from a single-provider dependency.

Microsoft Edge Exposes Saved Passwords in Plaintext
Microsoft Edge's password management has a concerning vulnerability: it loads all saved passwords into browser memory in plaintext at startup, making it easier for hackers to steal credentials on compromised systems. This is in stark contrast to other Chromium-based browsers like Google Chrome and Brave, which only decrypt passwords when needed.

Anthropic's AI Tool Exposes Developers to One-Click Remote Code Execution Risk
A single click on Claude Code's generic dialog can unleash a major security risk, allowing an unsandboxed Node.js process to spawn with full user privileges. This vulnerability can be exploited using just two common JSON files, putting developers at risk of one-click remote code execution.

Firewalls Evolve to Bolster Zero Trust, Cloud Security
As organisations navigate the complexities of multi-cloud estates, modern cloud firewalls are emerging as a crucial linchpin for reclaiming coherent security controls and mastering cloud networking. They're not old tech, but a vital tool for cloud architects and security pros to enforce robust, zero-trust security across multiple providers.

PCPJack Credential Stealer Exploits CVEs to Spread Across Cloud Systems
Meet PCPJack, a sneaky credential stealer that's exploiting vulnerabilities to spread rapidly across cloud systems, swiping sensitive info from cloud, finance, and productivity services. Its operators are after one thing: illicit financial gain.

Ivanti EPMM Flaw Exploited, Grants Admin-Level Access
A critical flaw in Ivanti's Endpoint Manager Mobile (EPMM) has been exploited, allowing attackers to gain admin-level access - and the government is taking swift action to mitigate the threat. Federal agencies are now required to remediate the vulnerability, known as CVE-2026-6973, by May 10, 2026.

PCPJack Worm Targets Cloud Infrastructure, Steals Credentials
A fresh malware campaign, dubbed PCPJack, is targeting cloud infrastructure, stealing credentials and wreaking havoc on Linux-based systems with a sophisticated framework that installs hidden working directories and establishes persistence. This alarming attack bears striking similarities to earlier TeamPCP/PCPCat campaigns, raising concerns about its potential impact.

Breach Response Requires Sustained Control
When a cyber breach hits, the decisions made in the first few days can have a lasting impact, setting the stage for years of consequences - and it's not just about fixing the tech, but also about the legal and communication choices that are made early on. In fact, a single incident can generate a ripple effect of legal, regulatory, and reputational consequences that persist for years.

Australia Warns of ClickFix Malware Attacks Spreading Vidar Stealer
Beware of ClickFix malware attacks that trick you into executing commands, allowing hackers to bypass security and steal your info. The Australian Cyber Security Centre has warned of a new campaign using WordPress-hosted sites to spread the Vidar Stealer malware.