Tag: emerging threats
3091 articles

CloudZ RAT Exploits Windows Phone Link for Credential Theft
Cyber attackers have cleverly exploited the Microsoft Phone Link feature to steal sensitive credentials and one-time passwords, all without needing to infect mobile devices with malware. By targeting this built-in Windows application, hackers can access synced phone data and extract valuable information.

India Issues Infosec Alert as Mythos Threat Looms
India's securities regulator is sounding the alarm on a looming cybersecurity threat, warning market players to bolster their defenses and get ahead of AI-powered attacks. With the Mythos threat on the horizon, it's crucial to develop new strategies and solidify cyber-basics to stay safe.

Google Bolsters Android App Security with Public Verification Ledger
Google is stepping up its game to keep your Android apps safe with a new public verification ledger that ensures the Google apps on your device are genuine and exactly as intended. This move builds on its Pixel Binary Transparency feature, now expanding it to all Android production apps.

Palo Alto Networks Firewalls Targeted in Zero-Day Exploits
Palo Alto Networks firewalls are under attack by zero-day exploits targeting a vulnerability in the User-ID Authentication Portal, allowing hackers to execute malicious code with root privileges. This buffer overflow flaw, tracked as CVE-2026-0300, poses a significant risk to organizations with Internet-exposed firewalls.

UK Workers Sell Corporate Logins, Exposing Firms to Cybercrime
One in eight UK employees at large firms have sold or know someone who has sold corporate logins in the past year, a shocking trend that puts companies at risk of cybercrime. More alarming still, many justify this risky behaviour, with senior executives being more likely to think selling credentials is acceptable.

Palo Alto Networks Flaw Exploited for Remote Code Execution
A critical vulnerability in Palo Alto Networks' PAN-OS software has been exploited, allowing hackers to execute malicious code with root privileges on firewalls - and all it takes is a few specially crafted packets. This buffer overflow flaw, tracked as CVE-2026-0300, puts PA-Series and VM-Series firewalls at risk of remote code execution attacks.

US Navy to Test At-Sea Rearming of Warships on Unused Sea Base Ship
The US Navy is set to revolutionize its naval operations with a game-changing at-sea rearming test on the USNS Montford Point, aiming to develop a cost-effective solution for replenishing warships at sea. This ambitious project, funded with $177.7 million, could transform the way the Navy operates, making its vessels more agile and self-sufficient.

Australia's Defence AI Policy Threatens Cognitive EW Capabilities
Imagine a scenario where just 10 low-cost drones can render two battalions combat-ineffective in a matter of hours - a reality brought to life in recent NATO exercises where Ukrainian-led forces outsmarted and outmaneuvered their opponents using cheap, clever technology.

Pakistan Overhauls Strike Doctrine with ISTAR-Driven Precision
Pakistan's military strategy got a major wake-up call in 2019 and again in May 2025, when India rapidly escalated and struck urban targets, forcing Islamabad to rethink its approach to modern warfare. The shocking shift in tactics sparked a bold overhaul of Pakistan's strike doctrine, embracing precision and speed to stay ahead in future conflicts.

US Military Develops Compact AIM-9X Sidewinder for Stealth Aircraft
The US military is advancing its stealth aircraft capabilities with the compact AIM-9X Sidewinder missile, designed for internal carriage on advanced aircraft with enhanced performance. The Navy has allocated $83.3 million in its Fiscal Year 2027 budget request to develop this cutting-edge technology.

CISA Taps AI Automation to Bolster Threat Analysis Capabilities
With AI automation, CISA analysts can quickly sift through threats, cutting through the noise to focus on what matters most. This tech boost has supercharged their Security Operations Unit, enabling rapid, real-time assessments that help prevent threats from unfolding.

Iran Launches Fresh Attacks on UAE Amid Fragile Ceasefire
Tensions escalate as Iran launches a fresh wave of missile and drone attacks on the UAE, prompting the country's air defense systems to spring into action and intercept the incoming threats. The UAE Defense Ministry confirmed the attacks, but the extent of the damage remains unclear.

Japan Shifts Defense Export Strategy with Philippines Deal
Japan is taking a significant leap in its defense export strategy with a groundbreaking deal with the Philippines, aiming to fast-track the export of advanced destroyer escorts through bilateral working-level consultations. This move follows the establishment of a joint working group by Japanese Defense Minister Koizumi Shinjiro and Philippine Defense Secretary Gilberto Teodoro to facilitate the transfer of Maritime Self-Defense Force equipment.

Linux Flaw Exposes Millions to Local Privilege Escalation
A critical Linux flaw, known as Copy Fail, has been discovered, exposing millions to potential local privilege escalation attacks - a vulnerability that highlights a deterministic logic error in the Linux kernel's cryptographic subsystem. This flaw, tracked as CVE-2026-31431, was publicly disclosed on April 29, 2026.

Australia, Japan Forge Deterrent Against China's Regional Ambitions
The 2026 National Defence Strategy makes it clear: a strong balance of military power in the Indo-Pacific requires not just the US, but also load-bearing partnerships like the one between Australia and Japan. By teaming up, Australia aims to become more self-reliant and counter China's growing regional ambitions.

Pakistan's High-Tech Defence Strategy Exposes Institutional Gap
Pakistan's defence strategy has a glaring gap - despite boasting impressive tech advancements like the Army Rocket Force Command and satellite systems, its ability to effectively utilize these tools in battle remains uncertain. A stark example of this shortfall is the 42 PAF fighters that successfully held off 72 IAF aircraft during a recent conflict.

CISA Urges Infrastructure Operators to Plan for Extended Isolation
To stay ahead of potential disruptions, critical infrastructure operators must plan for extended isolation - and CISA's CI Fortify initiative is here to help, offering targeted assessments and operational planning to keep essential services running smoothly.

DarkSword Malware Targets iOS with Sophisticated Exploit Chain
Meet DarkSword, a sneaky malware that's been targeting iOS devices with a sophisticated exploit chain, leveraging six different vulnerabilities to deploy its final-stage payloads across iOS versions 18.4 through 18.7. Google Threat Intelligence Group has tracked its use back to November 2025, with multiple actors - from commercial vendors to suspected state-sponsored operators - employing it to compromise devices.

China Bolsters SAR Capabilities with Russian Helicopters
China's search and rescue capabilities just got a major boost with the addition of Russian-exported Mi-171Sh helicopters to the 3rd Transportation and SAR Brigade, enabling them to tackle high-risk missions in rugged terrain with greater ease. The brigade has already put the new helicopters to the test in a series of high-profile exercises, including a recent simulation of recovering a downed pilot in high-altitude desert terrain.

FTC Settlement Forces Kochava to Curb Location Data Sales
Big changes are coming for Kochava, a data broker that allegedly sold precise location data from hundreds of millions of smartphones without consent - under a proposed FTC settlement, they'll need to get explicit permission from consumers before sharing their sensitive info. This move could mark a major shift in how companies handle location data sales.

Quasar Linux Malware Targets Developers with Stealthy Implant
Meet Quasar Linux, a sneaky new malware targeting developers with a potent blend of stealth, persistence, and credential theft capabilities that can compromise software supply chains. This Linux implant is quietly infiltrating dev and DevOps environments, putting cloud toolchains at risk.

BlueVoyant Targets Mature SOCs with AI-Powered SaaS Platform
BlueVoyant's innovative SaaS platform harnesses the power of AI to supercharge security operations, empowering teams to defend customers faster and more effectively. This cutting-edge technology also offers a standalone solution for companies seeking to elevate their SOC capabilities.

Instructure Breach Exposes 280 Million Records from 8,800 Educational Institutions
A massive data breach at Instructure has put the sensitive information of 280 million students, teachers, and staff from 8,800 educational institutions at risk, with the ShinyHunters extortion gang claiming responsibility for the attack. The stolen records include data from colleges, school districts, and online education platforms that use Canvas.

CISOs Confront Growing Skills Gap in Cybersecurity Teams
A growing concern for CISOs is the widening skills gap in their cybersecurity teams, with 60% citing a lack of skilled staff as a bigger challenge than filling vacant positions. The right people with the right skills are proving harder to find than more bodies to fill open roles.