Tag: emerging threats
3104 articles
Cybersecurity Experts Imprisoned for Ransomware Extortion Scheme
Two American cybersecurity experts, Ryan Goldberg and Kevin Martin, have been sentenced to prison for their roles in a brazen 2023 ransomware campaign that targeted companies across the United States. Their crimes have brought to light the severe consequences of cyberattacks and the importance of protecting businesses from such threats.
AI-BOMs Tackle Shadow AI Risks in Enterprise Supply Chains
Imagine biting into a cake without knowing the recipe, ingredients, or who's behind the baking - it's a risk you wouldn't take, right? Similarly, without AI-BOMs, enterprises are left in the dark about the AI components powering their supply chains, leaving them vulnerable to shadow AI risks.
Fraudsters Target Credit Unions with Structured Loan Scams
Fraudsters are now targeting credit unions with sophisticated loan scams, using stolen identities and social engineering to exploit lending workflows. In fact, auto lending fraud exposure is expected to hit $9.2 billion by 2025, making it a lucrative target for these scammers.
Progress Warns of MOVEit Automation Authentication Bypass Flaw
Progress Software has patched a critical authentication-bypass flaw in its MOVEit Automation product, and is strongly urging users to upgrade to the latest version to avoid low-complexity attacks by remote threat actors. Upgrading to version 2025.1.5, 2025.0.9, or 2024.1.8 and above will fix the vulnerability.
Silver Fox Targets India, Russia with ABCDoor Malware via Tax Phishing
Meet Silver Fox, a China-based cybercrime group that's using tax phishing scams to deliver a sneaky new malware called ABCDoor, targeting India and Russia with cleverly crafted emails that masquerade as official tax notices. The group's tactics involve PDFs with links to infected archives, tricking victims into downloading the malware.
AI-Assisted Attacks Surge as Barrier to Entry Drops
A 17-year-old with no coding experience was recently arrested for hacking into Kaikatsu Club and stealing 7 million users' personal data - his motive? To fund his Pokémon card habit. This shocking case highlights a disturbing trend: nontechnical individuals are now using AI-powered tools to launch devastating cyberattacks.
CISA Warns of Active Linux Exploit
A newly discovered Linux kernel bug, dubbed "Copy Fail," allows unprivileged users to gain root privileges on unpatched systems, prompting urgent warnings from CISA and researchers. If your Linux system was built between 2017 and the recent patch, you're at risk - and need to act fast to protect yourself.
cPanel Vulnerability Exploited to Target Gov't, MSP Networks
A critical cPanel vulnerability, CVE-2026-41940, is being actively exploited by attackers to bypass authentication and gain control of government, military, MSP, and hosting provider networks. This alarming threat uses hard-coded credentials and cleverly defeats CAPTCHA protections to wreak havoc on vulnerable systems.
Microsoft Updates Disrupt Third-Party Backup Apps on Windows
Microsoft's latest Windows security update has caused disruptions to third-party backup apps, adding a vulnerable kernel driver to its blocklist to protect users from potential exploits. This change aims to prevent attackers from escalating privileges or executing arbitrary code, but has unfortunately caused failures in some backup products.
Voter Data Exposes Personal Info to Potential Abuse
Your voter data is at risk of being exposed and used against you, with publicly available registration files potentially revealing sensitive information about you and your family. Even redacted files can be easily linked to other public datasets, making it simple for employers, fraud rings, or others to access your personal info.
Global Crackdown Targets Crypto Scam Centers, Arrests 276
In a major global crackdown, authorities have arrested 276 suspects and shut down nine cryptocurrency scam centers, dealing a significant blow to fraudsters targeting Americans from abroad. This coordinated effort, led by Dubai Police and involving the FBI and China's Ministry of Public Security, sends a clear message: scammers can't hide from the law, no matter where they are in the world.
Pakistan Accelerates Multi-Domain Defence Build-Up
Pakistan is rapidly bolstering its defence capabilities, with recent milestones including the launch of its fifth dedicated remote-sensing satellite and the commissioning of the advanced Hangor-class submarine, PNS/M Hangor, marking a return to long-endurance submarine operations. This strategic boost is set to significantly enhance the country's naval prowess.
Israel Bolsters Air Force with F-15IA and F-35I Squadrons
Israel's air defense is taking a massive leap forward with the government's approval of not one, but two cutting-edge fighter squadrons - the F-15IA and F-35I Adir - set to bolster the Israeli Air Force like never before. Prime Minister Benjamin Netanyahu proudly declared, "Israel is stronger than ever, and Israel must always be significantly stronger than our enemies."
Iran's Shahed Drone Imposes Cost-Exchange Crisis on US Air Defences
Iran's massive production of Shahed drones, potentially reaching 400-500 units monthly, has transformed these once-nuisance weapons into a game-changing force that could redefine the US-Iran conflict. With Iranian and Russian facilities churning out over 200 units per month, the US air defenses now face a daunting cost-exchange crisis.
Japan Emerges as Risk Mitigator in AUKUS Submarine Deal
Japan may not be joining the AUKUS submarine deal, but a new report suggests it could be the key to helping Australia avoid a critical capability gap. By playing a strategic role, Japan can help mitigate risks in the AUKUS Optimal Pathway, widely considered the best defence mechanism for the partner nations.
China's ZTZ100 Tank Exposes Modernized Battlefield Capabilities
New field photographs of China's ZTZ100 main battle tank have confirmed that it operates with a lean and efficient three-man crew. This verified detail offers a glimpse into the modernized battlefield capabilities of China's advanced tank.
US Airstrikes Expose Limits of American Power Against Iran
Within days of the US and Israel launching a massive air campaign against Iran, the scale of Iran's retaliation - over 500 ballistic missiles and 2,000 drones - dramatically reshaped the war's trajectory. The initial barrage of 900 strikes in just 12 hours, targeting military sites, nuclear facilities, and top officials, came at a staggering $3.7 billion cost in the first 100 hours alone.
Grain Markets Expose National Security Fault Lines
Discover how global conflicts, from World War I to today, have exposed the shocking vulnerabilities of grain markets and national security, revealing the high stakes of protecting our food supply. Maritime chokepoints like the Dardanelles and Strait of Hormuz have repeatedly put grain supplies at risk, highlighting the urgent need for secure agricultural supply chains.
Five Eyes Agencies Warn of Agentic AI Risks, Urge Cautious Adoption
As agentic AI systems increasingly power critical infrastructure and defense sectors, Five Eyes agencies are sounding the alarm on the need for careful security planning to mitigate potential risks. They're urging a slow and cautious approach to adopting this powerful technology.
Instructure Breach Exposes Data of 275 Million Users
A recent data breach at Instructure, the company behind Canvas, has compromised the sensitive information of 275 million users, including names, email addresses, student ID numbers, and private messages. The company is actively investigating the incident with cybersecurity experts and law enforcement.
Microsoft Defender Flags DigiCert Certificates as Malware in False Positives
Microsoft Defender's recent signature update mistakenly flagged legitimate DigiCert root certificates as malware, causing widespread alerts and removal of the certificates, and even prompting some users to reinstall Windows. DigiCert quickly revoked the affected certificates within 24 hours of discovery, minimizing the impact.
Shield AI Unveils Upgraded X-BAT Stealth Drone Ahead of VTOL Tests
Meet the X-BAT, a game-changing, jet-powered stealth drone that's poised to revolutionize the drone market with its autonomous capabilities and vertical takeoff and landing technology. Shield AI's latest unveiling promises to blur the lines between advanced drones and crewed fighters.
Telegram Abused for Crypto Scams and Android Malware Delivery
Researchers uncovered a massive scam operation, dubbed FEMITBOT, that uses Telegram's Mini Apps to spread fake crypto platforms, brand impersonations, and Android malware, with a single API string tying it all together. Victims are lured in with a convincing, app-like interface that tricks them into divulging sensitive info.
CISA Warns of Actively Exploited Linux Root Access Bug
A nine-year-old Linux kernel bug, known as Copy Fail, is being actively exploited in the wild, allowing unprivileged users to gain root access with a simple 732-byte Python-based exploit. The Cybersecurity and Infrastructure Security Agency has added this vulnerability to its Known Exploited Vulnerabilities catalog, warning of potential security risks.