Tag: emerging threats
3120 articles
Medtronic Breach Exposes 9 Million Records to Hackers
Medtronic has confirmed a data breach affecting 9 million records, but thankfully, the hackers didn't compromise critical systems that could impact patient safety or product operations. The company's corporate IT systems were the target, and Medtronic assures that business operations, including manufacturing and distribution, remain unaffected.
Deepfake Voice Attacks Expose Vulnerabilities in Corporate Defenses
With just three seconds of a CEO's voice online, your company is vulnerable to a deepfake voice attack - and it only takes one convincing call to compromise your defenses, as seen in a string of high-profile heists. Make sure your team knows how to spot and stop these sophisticated scams before it's too late.
Crypto Launderer Sentenced to 70 Months for $230M Heist Role
Meet Evan Tangeman, a 22-year-old crypto launderer who lived large on stolen millions, racking up half-million-dollar nightclub tabs and luxury cars, before getting sentenced to 70 months in prison for his role in a $230M heist. His lavish lifestyle, fueled by greed, came crashing down with a guilty plea and a lengthy prison term.
Researchers Expose 73 Fake VS Code Extensions Spreading GlassWorm v2 Malware
Malicious VS Code extensions are putting developers at risk, with 73 fake extensions discovered spreading GlassWorm v2 malware, allowing attackers to stealthily retrieve and execute payloads after activation. These extensions act as loaders, using obfuscated JavaScript to achieve the same malicious outcomes as their binary-based counterparts.
PhantomCore Exploits TrueConf Flaws to Breach Russian Networks
Researchers Daniil Grigoryan and Georgy Khandozhko revealed that PhantomCore attackers exploited a chain of three TrueConf Server vulnerabilities, including insufficient access control and file reading flaws, to breach Russian networks. This sophisticated attack highlights the importance of addressing these critical vulnerabilities to protect against potential threats.
Cybersecurity Salaries Stagnate Amid Rising Threats and Workloads
Despite the rising demand for cybersecurity experts, a shocking 71% of infosec pros worldwide - and 77% in the UK - have seen their salaries stagnate over the past year, leaving them lagging behind their peers in other tech fields.
Vulnerability Discovery Outpaces Remediation Infrastructure
The latest AI-powered vulnerability discovery tool, Anthropic's Claude Mythos Preview, can identify a massive number of security risks at unprecedented speed, raising crucial questions about whether organizations can keep up with remediation. With AI outpacing human teams, the real challenge now is turning these findings into actionable fixes.
ADT Breach Exposes Customer Data, ShinyHunters Claim Responsibility
ADT confirmed a data breach on April 20, after discovering unauthorized access to sensitive customer and prospective-customer information, which was swiftly shut down and investigated. The breach exposed key personal details, but thankfully, payment information and customer security systems remained unaffected.
Microsoft Probes Outlook.com Outage as Sign-in Failures Mount
Microsoft is investigating an Outlook.com outage that's causing sign-in failures and unexpected sign-outs for some users, citing possible issues with client sign-in scenarios. The company is working to identify the root cause, but hasn't yet shared details on the number of affected users or regions.
ADT Confirms Cyber Intrusion After ShinyHunters Extortion Attempt
ADT confirmed a cyber intrusion on April 20, swiftly isolating the breach and collaborating with incident responders and law enforcement to contain the damage. The compromised data included sensitive information like names, phone numbers, and addresses, as well as dates of birth and partial Social Security numbers for a smaller subset of individuals.
Identity Management Wrestles with AI-Driven Risks
The rapid evolution of Artificial Intelligence is a double-edged sword for IT leaders, bringing unprecedented opportunities for efficiency, but also sophisticated threats and complex identity management challenges. As organizations adopt autonomous digital workers, they must navigate the tension between harnessing AI's power and mitigating its risks to trust and identity.
Researchers Uncover Fast16 Malware That Preceded Stuxnet
Meet fast16.sys, a sneaky kernel driver that intercepts and modifies executable code as it's read from disk, giving its creators unprecedented control over the storage stack and filesystem. This boot-start filesystem component was a game-changer in its time, and researchers are still unraveling its secrets.
UK Data Watchdog Chief Steps Back Amid Workplace Probe
UK's top data watchdog, John Edwards, has temporarily stepped down from his role amid an independent workplace investigation, cooperating fully with the probe. He made the announcement via LinkedIn, confirming his voluntary leave of duties as head of the Information Commissioner's Office.
Cybersecurity Researchers Expose Global SMS, Crypto Fraud Ring
Beware of fake CAPTCHAs that can drain your wallet! A cunning SMS scam routes victims to bogus web pages, tricking them into sending costly texts to over 50 international destinations.
Anthropic's AI Model Exposes Code Flaws, But Limitations Remain
Meet Mythos, a game-changing AI tool that automates code auditing with impressive accuracy, but isn't quite a magic bullet for uncovering entirely new software flaws. It's highly effective at spotting known vulnerabilities, but its capabilities are still limited to what humans have taught it.
BlackFile Group Launches Vishing Attacks on Retail, Hospitality Firms
Retail and hospitality firms are under siege from a financially motivated threat group, known as BlackFile Group, that's launching vishing attacks to extort money, with a campaign that has been quietly escalating since February 2026. This persistent threat uses no custom malware, making it a stealthy and formidable foe.
Australia's Defence Strategy Shifts Focus to Self-Reliance
In a world that's grown increasingly perilous, Australia is taking a bold new approach to defence, shifting its focus to self-reliance while strengthening partnerships with trusted allies. The 2026 National Defence Strategy and its $425 billion spending plan prioritise cutting-edge capabilities to safeguard the nation and support regional partners.
US Aircraft Carriers Deploy in Force Across Middle East
In a historic display of military strength, the US has deployed not one, not two, but three aircraft carriers to the Middle East - a triple-carrier strike that hasn't been seen since the 2003 Iraq War. This unprecedented show of force brings a whopping 14 acres of US territory to the region, with the George H.W. Bush, Abraham Lincoln, and Gerald R. Ford carrier strike groups leading the charge.
Itron Breach Exposes Internal IT Network Vulnerability
Itron recently disclosed that its internal IT network was breached by an unauthorized third party, prompting swift action to contain and mitigate the incident. The company quickly activated its cybersecurity response plan and notified law enforcement, successfully blocking the unauthorized activity with no reported follow-up attempts.
Cal.com Shifts Away From Open Source Amid AI-Driven Security Concerns
Cal.com is ditching open source, citing AI-driven security risks that make transparent code a liability. Its CEO claims open source is dead, as AI tools empower attackers to exploit published code like never before.
Microsoft Overhauls Windows Insider Program to Address Reliability Concerns
Microsoft has heard your frustration loud and clear: the unpredictable rollout of new features in the Windows Insider Program has left many testers feeling confused and left behind. The company is now shaking things up to bring simplicity and reliability back to the program.
Microsoft Teams Used to Deploy Sophisticated Snow Malware
Cyber attackers have cleverly used Microsoft Teams to deploy a sophisticated malware suite, dubbed Snow, by tricking victims into installing a fake anti-spam patch that ultimately led to prolonged access, credential theft, and domain compromise. They started by creating a sense of urgency through email bombing, then followed up with a direct message on Microsoft Teams.
Researchers Uncover 'fast16' Malware Targeting Engineering Software Years Before Stuxnet
Researchers have uncovered a long-forgotten malware, fast16, that was designed to sabotage engineering software, beating even the infamous Stuxnet by at least five years. This ancient cyber threat, dating back to 2005, was engineered to spread rapidly and produce inaccurate calculations across entire facilities.
Google Exposes Microsoft Teams Phishing Campaign Using Custom Snow Malware
Beware of scammers posing as helpdesk heroes! They'll flood your inbox with spam, then reach out on Microsoft Teams with a fake fix that actually steals your password using custom Snow malware.