Tag: emerging threats
3093 articles
Instructure Breach Exposes 280 Million Records from 8,800 Educational Institutions
A massive data breach at Instructure has put the sensitive information of 280 million students, teachers, and staff from 8,800 educational institutions at risk, with the ShinyHunters extortion gang claiming responsibility for the attack. The stolen records include data from colleges, school districts, and online education platforms that use Canvas.
CISOs Confront Growing Skills Gap in Cybersecurity Teams
A growing concern for CISOs is the widening skills gap in their cybersecurity teams, with 60% citing a lack of skilled staff as a bigger challenge than filling vacant positions. The right people with the right skills are proving harder to find than more bodies to fill open roles.
Hybrid Crypto Gains Traction in Quantum-Safe Security Push
By combining post-quantum cryptography and quantum key distribution, hybrid crypto approaches provide a robust security solution that protects systems even if one layer is compromised. This layered defense offsets the weaknesses of each, ensuring a stronger safeguard against emerging quantum threats.
Breach Readiness Lags as Identities Become Prime Attack Surface
To stay ahead of threats, organizations must move beyond generic risk assessments and instead focus on tailored risk management, taking into account the unique business context and technical severity of potential breaches. By doing so, they can harden identity controls, improve governance, and build a stronger defense against cyber attacks.
CISA Launches CI Fortify to Bolster Critical Infrastructure Resilience
CISA has launched CI Fortify, a groundbreaking initiative that empowers critical infrastructure providers to bolster their defenses and ensure uninterrupted delivery of essential services, even in the face of cyber threats. By investing in resilience measures now, infrastructure owners and operators can safeguard against operational gaps and maintain business continuity during periods of cyber duress.
Kaspersky Uncovers Trojanized DAEMON Tools in Targeted Supply-Chain Attack
If you installed DAEMON Tools between April 8 and now, your system may be compromised - Kaspersky researchers warn that a highly sophisticated supply-chain attack has been delivering a backdoor to thousands of systems via trojanized installers. Check your machines for unusual activity and take action ASAP to protect your organization.
Securing AI Adoption Requires New Risk Oversight Approach
As AI adoption accelerates, organizations are essentially onboarding fast-moving digital colleagues that require a new risk oversight approach - one that acknowledges their unique behavior and risk profile, which differs significantly from human workers. Traditional human-centric controls may not be enough to secure this new digital perimeter.
Phishing Campaign Targets 35,000 Users in 2 Days
In just 48 hours, a massive phishing campaign hit over 35,000 users across 13,000 organizations in 26 countries, with nearly 1 in 5 targets in the healthcare and life sciences sector. The alarming attack highlights the speed and scale of modern phishing operations.
AI Models Reach Hacking Parity, But Reasoning Falters
The AI hacking landscape has reached a major milestone: two top AI models, GPT-5.5 and Anthropic's Mythos Preview, have demonstrated nearly identical capabilities in a rigorous 95-task cybersecurity evaluation, with scores of 71.4% and 68.6% respectively. This parity marks a significant tipping point in the development of AI-powered hacking tools.
European Lawmakers Urge Swift Action on AI-Driven Cybersecurity Threats
European lawmakers are sounding the alarm, warning that Europe is unprepared for the growing threat of AI-driven cybersecurity attacks and urging swift action to defend against them. They've pressed the European Commission for rapid action, citing the alarming capabilities of advanced AI models like Anthropic's Mythos.
Taiwan Railway Hack Exposes Vulnerabilities in TETRA System
A clever 23-year-old hacker brought Taiwan's high-speed rail to a standstill for 48 minutes by exploiting a shocking weakness in the TETRA system, used to coordinate critical communications. Using just a few pieces of easily-bought equipment, the attacker sent a fake "General Alarm" signal that was treated as the real deal.
Former NASA Chief Jim Bridenstine Steers Quantum Space Toward National Security Orbit
Quantum Space is taking a giant leap forward with Jim Bridenstine at the helm, poised to propel the company into a new era of growth and innovation in national security and space exploration. As the former NASA chief and newly appointed CEO, Bridenstine is set to lead Quantum Space as spending on space defense and exploration accelerates.
NATO Faces AI Interoperability Challenge in Geospatial Intel Sharing
NATO is facing a pressing challenge: can it establish common AI standards before the technology advances beyond its frameworks? Maj. Gen. Paul Lynch warns that decades of experience in areas like air defense and data formats may not be enough to keep pace with AI's rapid evolution.
Turkey Unveils Swath of One-Way Attack Drones, Naval Systems
Turkish defense tech giant Aselsan has unveiled a game-changing lineup of one-way attack drones and naval systems, pushing the boundaries of autonomy and operational flexibility. The innovative TUFAN and KILIC systems are set to revolutionize naval capabilities, enabling advanced intelligence, surveillance, and strike operations.
Kaspersky Uncovers DAEMON Tools Supply Chain Attack
Kaspersky researchers have uncovered a sneaky supply chain attack that used compromised DAEMON Tools installers, downloaded directly from the official website, to deliver a malicious payload - and what's even scarier is that these installers were digitally signed by the very developers of DAEMON Tools themselves.
US Bolsters Maritime Security with Hormuz Escort Operation
The US has launched Project Freedom, a temporary escort operation through the Strait of Hormuz, to safeguard commercial ships and ensure the free flow of global trade. Dubbed a "powerful red, white and blue dome" by Defense Secretary Pete Hegseth, this defensive initiative aims to protect vessels navigating the critical waterway.
Turkey Unveils Neşter Precision Munition with Bladed Design
Meet Neşter, a game-changing precision munition that's redefining surgical strikes with its unique bladed design, allowing for pinpoint accuracy and controlled neutralization of targets with minimal collateral damage. This Turkish innovation is set to revolutionize the defense industry with its cutting-edge technology.
Apache HTTP Server Flaw Enables DoS and Potential RCE Attacks
A critical flaw in the Apache HTTP Server, known as CVE-2026-23918, can be exploited to launch devastating denial-of-service (DoS) and potential remote code execution (RCE) attacks, putting your online security at risk. This high-severity bug has been patched in Apache HTTP Server version 2.4.67, so updating is crucial to prevent attacks.
Latvian Hacker Sentenced for Role in Former Conti Leaders' Ransomware Extortion Scheme
A Latvian hacker has been sentenced to 8.5 years in federal prison for his role in a massive ransomware extortion scheme that targeted over 54 companies, causing hundreds of millions of dollars in losses. Deniss Zolotarjovs, 35, helped former Conti leaders extort payments from victims over a two-year period.
Army Hosts Hackathons to Integrate Dozens of Military Systems
The Army is shaking things up with a series of hackathons called "Right to Integrate," where vendors will gather for a one-day brainstorming session to make their software and systems more compatible, with the goal of integrating dozens of military systems for seamless communication and data sharing. This move aims to give the Army a game-changing edge on the battlefield by enabling its systems, weapons, and sensors to talk to each other like never before.
Microsoft Uncovers Large-Scale Phishing Campaign Using Fake Compliance Emails
In just 48 hours, a massive phishing campaign targeted over 35,000 users across 13,000 organizations in 26 countries, using convincing fake compliance emails to steal login credentials. The sophisticated attack, detected by Microsoft's Defender Research team, hit US firms hard, but its global reach was widespread.
China-Linked UAT-8302 Exploits Shared Malware to Target Global Governments
Meet UAT-8302, a sophisticated China-linked threat group that's been secretly targeting governments worldwide, deploying custom malware to infiltrate and gather intel. Its recent attacks have hit government entities in South America and southeastern Europe, raising global cybersecurity concerns.
Stalkerware Breach Exposes Risks for Executives
A shocking stalkerware breach has exposed a treasure trove of sensitive information, including 86,859 images - seemingly screenshots from a single victim's device - used to secretly stalk a high-profile European entrepreneur and media personality. The alarming leak highlights the very real risks executives face in the digital age.
ScarCruft APT Exploits Yanbian Gaming Platform for Intelligence Gathering
Meet ScarCruft, a notorious North Korea-aligned espionage group that's been caught exploiting a popular gaming platform in China to gather intel on its users. The group trojanized a site serving traditional Yanbian-themed games, compromising both Windows and Android software.