Tag: emerging threats
3128 articles
Mexican Surveillance Firm Expands into US Market
A Mexican surveillance company is setting its sights on the US market, raising important questions about the intersection of technology, law, commerce, and civic values. Grupo Seguritech's expansion into new territory sparks a complex conversation about the implications of increased surveillance.
Vercel Breach Exposes OAuth, AI-Driven Threats
A recent breach at Vercel exposed sensitive data after attackers exploited OAuth and hijacked an employee's account, showcasing a disturbingly swift and sophisticated assault that may have been fueled by artificial intelligence. The stolen data is now being sold to the highest bidder for a whopping $2 million.
CISA Warns of Active Exploitation of SD-WAN Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on a newly discovered SD-WAN flaw that's already being exploited by attackers, giving US government agencies just four days to secure vulnerable systems. Time is of the essence in this urgent directive, which CISA has framed as an operational emergency.
Google Fixes Antigravity Flaw That Enabled Code Execution
Google's Antigravity tool, designed to streamline coding, had a flaw that allowed hackers to run malicious code - but luckily, the tech giant has patched the vulnerability. This fix prevents cyber threats that could have exploited the tool's file-creation capabilities and lax input sanitization.
NGate Malware Targets Brazil, Trojanizes HandyPay for NFC Data Theft
Security researchers have uncovered a sneaky new Android malware, NGate, that has been hiding in plain sight by infecting a legitimate app called HandyPay, used for NFC data relay, and using AI-generated code to steal payment credentials. This cleverly crafted malware has set its sights on Brazil, putting unsuspecting users at risk of NFC data theft.
Hacker Leaks Surveillance Footage from Mexican IT Firm
A Mexican IT firm's security was left exposed when a hacker posted screenshots of its surveillance footage on a cybercrime forum, raising the unsettling question: who is watching the watchers? The breach was confirmed, but fortunately, client operations remained unaffected.
Stolen Credentials Empower Attackers in Identity-Based Breaches
While security teams obsess over complex threats, attackers often find it easier to simply walk in with stolen credentials - the quickest and most reliable way into networks. By focusing on sophisticated threats, we might be overlooking the front door, which is wide open with a copy of the keys in the wrong hands.
Apache ActiveMQ Vulnerability Exploited, Hits 6,400 Servers
More than 6,400 publicly accessible Apache ActiveMQ servers are under attack, thanks to a high-severity code injection vulnerability that's being actively exploited. Is your server among them?
Met Police Deploys Surveillance Tech to Tackle London Shoplifting
The Metropolitan Police are testing a cutting-edge retail technology to combat London's shoplifting epidemic, and it doesn't rely on live facial recognition - but what does that mean for citizen privacy?
Former Ransomware Negotiator Pleads Guilty to BlackCat Attacks
A former expert who was paid to negotiate with cybercriminals has taken a shocking turn, pleading guilty to participating in high-profile BlackCat ransomware attacks on US companies. Angelo Martino, a 41-year-old ex-incident responder, admitted to his role in the 2023 attacks.
Vercel Breach Exposes Cloud App Security Risks
When a leading cloud app developer like Vercel reports a breach with scarce details, customers and security teams are left scrambling with uncomfortable uncertainty, wondering if their systems and data are at risk. The lack of transparency only tests trust and fuels concerns about cloud app security.
NGate Malware Exploits HandyPay App to Steal Android NFC Payment Data
Malicious NGate malware has been discovered hiding inside a fake version of the HandyPay app, putting Android users' NFC payment data at risk. This sneaky malware exploits a trusted payments tool to steal sensitive information, leaving users vulnerable to financial theft.
Adaptavist Group Breach Sparks Imposter Email Scams
When security breaches strike, even the most trusted names can be compromised - and The Adaptavist Group is the latest example, with hackers using stolen credentials to gain access and now sending fake emails that could put your data at risk.
Lazarus Group Targets KelpDAO in $290m Crypto Heist
In a shocking crypto heist, North Korea's notorious Lazarus Group is accused of swiping $290 million from KelpDAO, raising questions about accountability in the digital age. This brazen theft is a stark reminder of the threats lurking in the shadows of the cryptocurrency world.
CISA Catalog Adds 8 Exploited Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) just beefed up its catalog of actively exploited software flaws by adding eight new entries, including three Cisco vulnerabilities and a high-severity PaperCut flaw. Federal agencies now have until April and May 2026 to mitigate these risks.
Iran Accuses US of Using Backdoors to Disrupt Networking Gear
Iranian media is accusing the US of sneaking backdoors into networking gear to disrupt operations amid the ongoing war, with Chinese state media echoing the claims globally. But what's really at stake when these explosive cyber-accusations make international headlines?
Space Force Launches Cislunar Acquisition Task Force
The US Space Force has just launched a cislunar acquisition task force, a strategic move that signals a major focus on the space between Earth and the Moon, particularly as plans for a future NASA moon base gain momentum. This bold step comes as an experimental satellite, Oracle Prime, is set to launch next year to monitor this largely unexplored region.
Ukraine Unveils M113-Inspired Armored Personnel Carrier in Trials
Ukraine is taking a bold step towards rebuilding its armored forces with a new, M113-inspired armored personnel carrier that's currently undergoing trials, offering a homegrown solution to replace worn-down vehicles lost in years of conflict. This innovative APC is a crucial move towards bolstering the nation's defenses and reducing reliance on external supplies.
Safeguarding the Strait of Hormuz Requires Revitalized Diplomacy
Restoring free movement through the Strait of Hormuz, a critical global waterway, demands creative solutions and revitalized diplomacy that leverages existing frameworks with fresh thinking. By breathing new life into strained diplomatic and military channels, we can unlock a more stable and secure future for this vital chokepoint.
US Struggles to Replicate Ukraine's Robot Navy Model
The US is struggling to replicate Ukraine's innovative robot navy model, but a key challenge lies in balancing human leadership with cutting-edge automation. As robo-boats multiply, one thing is clear: humans will remain at the helm, making crucial command and control decisions.
Insurance Premiums Signal Global Supply Chain Strains Ahead
A sharp spike in maritime war-risk insurance premiums served as an early warning sign of impending supply chain disruptions in the Strait of Hormuz, offering a potential low-cost signal for officials to anticipate and prepare for global supply shocks. By tracking these premium changes, Australia and other nations may be able to mitigate the impact of future disruptions.
Naval Expo Highlights Emerging Defense Tech
Get a glimpse into the future of naval defense through a stunning photo gallery from the Navy League's biggest conference, showcasing the latest emerging tech on display. The eye-catching images offer a visual snapshot of the innovative spirit driving the industry forward.
Iran Peace Talks Teeter on Brink After Weekend Escalation
Iran's fragile peace talks hang in the balance after a weekend of explosive escalation, with both sides trading fire at sea and delivering starkly conflicting messages on the status of negotiations. While one side claims talks are moving forward, the other insists they're stalled, leaving the diplomatic future uncertain.
Malware Disguised as Roblox Cheats Fuels Vercel Breach
Malware masquerading as Roblox cheats sparked a chain reaction, leading to a significant security breach at Vercel and exposing vulnerabilities in modern cloud and SaaS ecosystems. This incident highlights how a seemingly harmless piece of malware can wreak havoc across connected services.