Tag: emerging threats
3111 articles

FBI Warns of Surging Cyber-Enabled Cargo Theft Attacks
The FBI is sounding the alarm on a surge in cyber-enabled cargo theft, where sophisticated hackers impersonate legitimate businesses to hijack high-value shipments and reroute deliveries. With nearly $725 million in losses in 2025 alone, this growing threat is costing businesses big time.

Ukraine Arrests Hackers Behind 610,000 Roblox Account Breach
Ukrainian authorities have cracked down on a group of hackers responsible for breaching over 610,000 Roblox accounts in a months-long phishing scam that harvested credentials and tokens. The stolen access was used to snag in-game items and Robux, Roblox's virtual currency.

AI-Driven Cybercrime Fuels 389% Surge in Ransomware Victims
Get ready for a wake-up call: ransomware victims have skyrocketed by 389% in just one year, thanks to cybercriminals harnessing the power of AI to launch more sophisticated attacks. This alarming trend is driven by the growing availability of malicious AI tools, making it easier for hackers to wreak havoc.

Linux Flaw Exposes Root-Level Access Across Major Distros
A newly discovered Linux flaw, nicknamed "Copy Fail," allows unprivileged users to gain root-level access to major distributions, putting countless systems at risk. This vulnerability, which involves a temporary write of just four bytes during a crypto operation, can be exploited by attackers to take full control of an operating system.

Microsoft Update Disrupts Backup Software on Windows 11
Beware: the latest Windows 11 update, KB5083769, is causing backup software to fail on systems running versions 24H2 and 25H2 by triggering Volume Shadow Copy Service (VSS) timeouts. This disruption can lead to frustrating backup failures, affecting users of popular software like Acronis.

Python Backdoor Evades Detection on Windows with Advanced Evasion Techniques
Meet Deep#Door, a sneaky Python-based backdoor framework that hides its malicious payload inside a batch dropper, making it super hard to detect on Windows systems. By embedding its code, it dodges network-based detection and slips into restricted environments with ease.

Attackers Target New Assets Within Minutes of Exposure
The moment a new asset goes live with a public IP address, the clock starts ticking - and within minutes, attackers are circling, waiting to pounce on unsuspecting targets. In just 24 hours, a newly exposed asset can go from discovery to compromise, with threat actors exploiting vulnerabilities at an alarming rate.

Cyberattacks Expose 1.8M RDP Servers Online
A shocking 1.8 million RDP servers are currently vulnerable to cyberattacks, leaving them open to exploitation by opportunistic hackers. Canadian authorities have also cracked down on SMS blaster phishing, arresting three men and seizing a device that sent fake texts to unsuspecting phones.

US Agencies Issue Zero Trust Guidance for OT Security
US government agencies have just released a game-changing guide to help protect critical infrastructure systems with practical, layered security strategies. The new zero-trust guidance provides a tailored approach for operational technology environments, balancing safety and uptime needs with robust security measures.

Linux Flaw Exposes Major Distros to Root Access
Meet CVE-2026-31431, aka "Copy Fail," a newly discovered Linux flaw that leaves major distros vulnerable to root access - and it's surprisingly easy to exploit, affecting a wide range of systems from 2017 to 2026.

GitHub Facades Used to Disguise EtherRAT Malware Distribution
Malicious actors have been using 44 cleverly disguised GitHub facades to spread EtherRAT malware, masquerading as legitimate admin and dev tools between December 2025 and April 2026. These fake repositories were designed to manipulate search results, leading victims to download a malicious MSI installer hidden in a second, secret GitHub account.

UK Education Sector Sees Sharp Rise in Cyber Breaches
UK higher education institutions are under cyber attack, with a staggering 98% reporting breaches in the past year - a sharp jump from 91% the year before. This near-universal vulnerability raises serious concerns about the sector's online security.

Python Backdoor Exploits Tunneling Service to Harvest Browser, Cloud Credentials
Meet DEEP#DOOR, a sneaky Python-based backdoor framework that's harvesting browser and cloud credentials by exploiting a tunneling service, and learn how it infiltrates systems through a clever sequence of stealthy steps. This sophisticated threat starts with a simple batch script that disables Windows security controls and ends with a fully featured Remote Access Trojan (RAT).

Phishing Exploits Persist, Breaching Half of UK Businesses
Phishing attacks remain a major threat, with nearly half of UK businesses falling victim to these scams in the past year, and a staggering 85% of breaches involving phishing as the primary entry point. These attacks often rely on human error, using tactics like impersonation emails and fake logins to trick staff into handing over sensitive information.

cPanel Bug Exploited in Wild as Zero-Day Before Patch Release
A cPanel bug, tracked as CVE-2026-41940, was exploited in the wild as a zero-day vulnerability before a patch was released, with attackers making execution attempts as early as February 23, 2026. The flaw forced vendors and hosting providers into emergency mitigation, with cPanel finally releasing a fix on April 28, 2026.

Global Operation Disrupts Crypto Scam Centers, Arrests 276 Suspects
In a major crackdown on crypto scams, a global operation led by Dubai Police has arrested 276 suspects and shut down nine fraudulent investment centers, dealing a significant blow to scammers who thought they were safe from law enforcement. This coordinated effort with US, Chinese, and Thai authorities has brought global justice to victims of these crimes.

Novel Chinese Spy Group Infiltrates Critical Networks in Poland, Asia
A recent investigation by TrendAI has uncovered a concerning China-linked espionage campaign: a novel spy group has infiltrated over a dozen critical networks across Poland and Asia, and the lingering threat it leaves behind is what experts worry about most. The threat group, tracked as Shadow-Earth-053, has been actively compromising networks since December 2024.

cPanel Vulnerability Exposes Millions of Domains to Root Access Attacks
A critical cPanel vulnerability, rated 9.8 under CVSS, has been discovered, allowing attackers to craft a simple sequence of requests to bypass authentication and gain root access to servers, putting millions of domains at risk. Emergency patches are available to fix this gaping security flaw.

Europol Disrupts Albanian Investment Fraud Ring
In a major crackdown on investment scams, Europol and international authorities have dismantled a sophisticated Albanian investment fraud ring, arresting 10 suspects and seizing nearly €900,000 and 443 computers. The alleged scammers are accused of swindling victims out of at least €50m through their professionalized operation.

UK Clears £6B Ajax Armored Vehicle for Duty Despite Troop Injuries
The UK Ministry of Defence has cleared the £6B Ajax armored vehicle for duty, despite reports of troop injuries, with Minister Luke Pollard emphasizing that the safety of personnel is non-negotiable. The move comes after investigators failed to pinpoint a single cause for the symptoms experienced by crews during a recent military exercise.

Cyber Risks Expose Organizations to Increased Threats
Organizations are facing a harsh reality: understanding cyber risk is only half the battle, as the real challenge lies in responding effectively when a threat strikes. Marsh's 2026 People Risks report reveals that cyber-related challenges, including cyber-threat literacy, top the list of people risks, ahead of technological change and skills shortages.

Linux Flaw Enables Unprivileged Root Access on Major Distributions
A newly discovered Linux flaw, dubbed "Copy Fail," allows unprivileged users to gain root access on major distributions by exploiting a logic error in the kernel's cryptographic subsystem. This high-severity vulnerability, tracked as CVE-2026-31431, poses a significant threat to Linux systems, enabling attackers to write controlled bytes into the page cache of readable files and escalate privileges.

Fintech Firm Exposes Database Credentials in Shared Spreadsheet
A fintech firm's most sensitive secrets were left exposed in a shared spreadsheet, with a password that was embarrassingly simple - literally a combination of the company's name and the year. The shocking discovery was made by Stanislav Kazanov during a routine compliance audit, when he stumbled upon a widely accessible SharePoint folder containing a file ominously titled Prod_DB_Root_Creds_DO_NOT_SHARE.xlsx.

Google Fixes Critical Gemini CLI Flaw Enabling Remote Code Execution
Google patched a critical flaw in Gemini CLI that allowed hackers to inject malicious code and take control of host systems, thanks to a report from Novee Security. The vulnerability, scoring a perfect 10.0 on the CVSS scale, has been fixed in recent updates to the @google/gemini-cli and google-github-actions/run-gemini-cli packages.