Tag: emerging threats
3111 articles
Microsoft Teams Free Disrupted by Backend Change
A recent backend change has caused issues for new users of Microsoft Teams Free, skipping crucial onboarding and privacy consent steps and leaving their profiles incomplete. As a result, these users appear as 'Unknown users', can't be found in searches, and struggle to connect with others in chat.
ClawHub Skills Co-opt AI Agents in Secret Crypto Mining Operation
Meet ClawSwarm, a mysterious crypto mining operation that masquerades as a collection of harmless OpenClaw skills, with 9,800 downloads and counting. Researchers uncovered thirty suspicious skills published by a single user, "imaflytok", on ClawHub, a registry and marketplace for OpenClaw skills.
LiteLLM SQL Flaw Exploited 36 Hours After Disclosure
A critical SQL injection flaw, CVE-2026-42208, was exploited just 36 hours after its disclosure, putting vulnerable LiteLLM versions at risk of unauthorized database access. The bug, with a CVSS score of 9.3, allows unauthenticated callers to reach a vulnerable database query through the proxy's error-handling path.
Marines Overhaul Land Warfare Doctrine for Drone-Driven Battles
The Marine Corps is revolutionizing its land warfare strategy with a bold new doctrine, Ground Combat Element 2040, designed to tackle the challenges of drone-driven battles and great-power competition. This game-changing update is part of a broader effort to modernize the Corps and stay ahead of emerging threats.
Pentagon Proposes Name Change to Department of War
The Pentagon has made a surprising proposal to Congress: rename the Defense Department to the Department of War, a change that would serve as a fundamental reminder of the importance of war and defense. If implemented, the name change would be rolled out in a cost-effective way, with minimal disruption and no significant impact on the budget.
SOCOM Accelerates AI and Autonomy Integration Across Operations
US Special Operations Command is rapidly integrating AI and autonomy into every level of its operations to revolutionize sensing, surveillance, and response capabilities on the battlefield. This cutting-edge technology enables the command to stay ahead of adversaries and project power with precision, says Adm. Frank "Mitch" Bradley.
Australia Urged to Establish Northern Hybrid Zone to Bolster Economic Security
Australia can supercharge its economic security by creating a Northern Hybrid Zone, turning its abundant resources into a powerful engine for growth. By following the US-Philippines' 4,000-acre precedent, Australia can anchor its supply chains, concentrate infrastructure, and embed resilience.
Marines to Mandate Integrated Counter-Drone Tech
The Marines are taking a crucial step towards unified defense by integrating counter-drone technology, aiming to merge currently disparate systems into a cohesive solution. Lt. Col. R.M. Barclay revealed that wearable counter-unmanned aerial systems are being fielded to meet an urgent need, with a focus on non-kinetic, handheld solutions.
US Cautiously Adopts AI-Powered Cyber Defense Tool
The US is taking a cautious step forward in AI-powered cyber defense with Anthropic's Mythos, a tool that could revolutionize defensive work by speeding discovery and analysis. Federal CIO Greg Barbaccia envisions a future where AI bots can outsmart malicious bots, but acknowledges that Mythos' true effectiveness in real-world networks remains to be seen.
China's Military Presence Normalizes in Indo-Pacific Waters
China's recent live-fire drills in the Tasman Sea and plans for future exercises signal a new era of normalized military presence in Indo-Pacific waters, with projections suggesting this assertive approach could become the norm by 2036. This shift marks a significant change in how Beijing deploys its force beyond its shores.
CIOs Face Growing Pressure to Govern AI Risks
The rapid adoption of AI has led to a surge in disclosures, with a staggering 83% of S&P 500 companies now citing AI as a material business risk - a number that skyrocketed from just 12% in 2023. As executives anticipate significant productivity gains and workforce disruption, they're under growing pressure to govern AI risks effectively.
Frontier AI Labs Cut Off OT Sector from Cyber Vulnerability Tools
A concerning gap in cybersecurity support has emerged, as operational technology companies are being left out of access to cutting-edge AI models from Anthropic and OpenAI, despite being crucial to the sector. This exclusion raises significant questions about the vulnerability of these organizations to cyber threats.
Hackers Exploit LiteLLM SQL Flaw for Sensitive Data Access
Within just 36 hours of being publicly disclosed, a critical SQL injection flaw in LiteLLM, known as CVE-2026-42208, was actively exploited by hackers, allowing them to access sensitive data without authentication. This alarming vulnerability highlights the importance of swift patching, with LiteLLM version 1.83.7 now available to fix the issue.
VECT 2.0 Ransomware Exploits Flaw to Permanently Destroy Large Files
VECT 2.0 ransomware has a devastating flaw that can permanently destroy large files, including routine documents and databases, by exploiting a bug in its encryption process. This flaw kicks in even for files as small as 128 KB, making it a serious threat to valuable data.
Russia Targets Signal Users in Germany with Social Engineering Hacks
Stay vigilant, especially when it comes to trusted messaging apps like Signal - a recent wave of social-engineering attacks in Germany targeted government officials, exploiting user trust rather than any technical flaw. Signal has assured users that its encryption and infrastructure remain secure, but warns that these types of attacks can still compromise user safety.
UK Urges Adoption of Passkeys Over Passwords
Say goodbye to password headaches! The UK is leading the charge towards a more secure and user-friendly login experience with passkeys, which offer stronger resilience and eliminate many common cyber threats.
Vect Ransomware Exposed as Data Wiper, Not Recovery Tool
Meet Vect, a so-called ransomware that's actually a data wiper, making full recovery impossible - even for the attackers themselves. This destructive malware permanently destroys files larger than 128KB, rendering it useless for data recovery and a serious threat to enterprise assets.
GitHub Flaw Exposes Remote Code Execution to Authenticated Users
A single git push command was all it took to exploit a flaw in GitHub's internal protocol, allowing authenticated users to execute code on backend infrastructure. This shocking vulnerability, tracked as CVE-2026-3854, highlights the potential for devastating remote code execution attacks.
Vimeo Breach Exposes User Data After Anodot Hack
Vimeo users, be aware: a recent data breach at analytics company Anodot exposed some of your personal info, including video titles, metadata, and in some cases, email addresses. Fortunately, uploaded video content, account credentials, and payment card info remain safe.
LofyGang Revives With Minecraft-Focused LofyStealer Campaign
Meet LofyGang, a notorious threat actor that's back in the game with a sneaky new campaign called LofyStealer, targeting Minecraft fans with malware disguised as a hack called 'Slinky'. This Brazil-based group has a history of infiltrating gaming communities and digital entertainment services.
US Army Opens Call for Commercial EW, Signals Intelligence Solutions
The US Army is seeking cutting-edge commercial solutions for electronic warfare and signals intelligence, aiming to build a trusted library of innovative technologies that commanders can quickly tap into to tackle their unique mission needs. This initiative, called REWSI, will streamline the process of finding and deploying the best tools for the job.
US Military Adopts Software-Defined Approach to Dominate Space Domain
To stay ahead of evolving threats, the US military is turning to a software-defined approach to secure its space assets and maintain freedom of action. By adopting open-systems architectures, satellite operators can rapidly update spacecraft software in orbit and counter adversarial moves with speed.
UK lawmakers warn AUKUS submarine program faces delays over investment shortcomings
UK lawmakers are sounding the alarm that the AUKUS submarine program is at risk of delays due to insufficient investment in upgrading the BAE Systems shipyard in Barrow, England, where the submarines will be built. If upgrades continue to slip, it could have serious consequences for UK national security and damage credibility with AUKUS partners.
Army's $50 Billion MAPS Contract Draws First Protest Over Transparency Concerns
A dispute is brewing over the Army's massive $50 billion MAPS contract, with MetroStar Systems filing a protest at the Government Accountability Office citing concerns over transparency. The protest could delay the awarding of this lucrative 10-year contract.