Tag: emerging threats
3129 articles
Healthcare Sector Tackles Third-Party AI Security Gaps with New Guidance
The healthcare sector is taking a major step towards securing its AI-powered tools with new guidance from the Health Sector Coordinating Council (HSCC) that helps tackle the growing threat of third-party AI security gaps. This playbook is a timely response to the explosion of AI-related cyber risks from vendors, and aims to safeguard the industry's increasing reliance on externally developed artificial intelligence.
Netgear Sidesteps Router Ban with FCC Waiver
Netgear has scored a major win with the FCC granting it a temporary waiver, allowing the company to import consumer routers until 2027 despite a broader ban on foreign-made networking hardware. This move marks a significant exception to the rule, with Netgear becoming the first consumer brand to sidestep the import restriction.
Artemis Secures $70M to Deploy AI Agents Against Cyber Threats
Meet Artemis, a game-changing startup that's using AI agents to revolutionize the way organizations detect and investigate cyber threats - and they've just secured $70 million in funding to make it happen. By ditching outdated security systems, Artemis is pioneering a bold new approach to threat detection with AI-driven agents that span cloud, identity, and endpoints.
Agencies Flout Trump Order, Persist with Anthropic AI Tools
Weeks after President Trump ordered a halt to federal use of Anthropic's AI tools, government staffers are still relying on them, highlighting a clash between presidential directives and operational realities. Agencies are now scrambling to map out where the technology is in use and find suitable replacements.
Nginx Flaw Exploited for Server Takeovers
A critical vulnerability in Nginx UI's Model Context Protocol (MCP) support is being actively exploited, allowing attackers to take over servers without any authentication. If your organization exposes Nginx UI with MCP support, your servers may be at risk of a full takeover.
AgingFly Malware Targets Ukraine Govt, Hospitals in Data Heist
A newly discovered malware called AgingFly is targeting Ukraine's government and hospitals, stealing sensitive online identity keys and putting public services at risk. This fresh threat siphons authentication data from popular web browsers and messaging apps, sparking urgent concern.
CISOs Face Emerging AI Risk Management Challenges
As AI evolves from a useful tool to an omnipresent force, chief information security officers must urgently reassess their risk management playbook to stay ahead of emerging threats. A recent GovInfoSecurity webinar, "What CISOs Need to Know About AI Risk," tackles this critical question and explores the implications of AI risk for CISOs.
WordPress Plugin Suite Compromised, Malware Deployed on Thousands of Sites
Thousands of websites have been unwittingly turned into malware gateways due to a massive compromise of over 30 WordPress plugins in the EssentialPlugin package, highlighting a disturbing vulnerability in the internet ecosystem. This security breach has left countless sites exposed, raising urgent questions about accountability and prevention.
AI-Driven Vulnerability Risks Expose Security Teams to Reality Check
The AI-driven vulnerability landscape just got a harsh reality check: with AI-powered tools like Anthropic's Claude Mythos speeding up vulnerability discovery, security teams are facing a daunting new challenge - keeping up with the rapid pace of exploit development. The real question is, are defenders ready to respond?
Fortinet Sandbox Flaws Allow Attackers to Bypass Authentication, Execute Commands
Two critical flaws in Fortinet's sandbox could let attackers skip login and run malicious commands, putting your system at risk - so don't wait, patch now! A recent report urges administrators to act fast, as these vulnerabilities could be exploited by unauthenticated attackers over HTTP.
Fraud Detection Lags as Losses Mount Despite Heavy Tech Investments
Despite pouring money into cutting-edge fraud detection tools and analytics, financial institutions are still struggling to outsmart scammers, with losses mounting at an alarming rate. The disconnect between heavy tech investments and rising fraud losses reveals a pressing need for a new approach to scam prevention.
Malware Abuses Signed Software to Disable Antivirus Protections
Thousands of vulnerable endpoints across schools, utilities, governments, and hospitals have fallen prey to a sneaky malware that masquerades as legitimate software, only to disable antivirus protections and wreak havoc with SYSTEM-level privileges. This stealthy attack has left countless organizations defenseless against further threats.
Interpol Warns of AI-Driven Fraud Surge
Get ready for a seismic shift in financial crime: Interpol warns that AI-driven fraud is set to explode, with losses already hitting $442 billion last year and AI-enhanced scams being over four times more profitable than traditional methods. The question is, are financial institutions prepared to outsmart an enemy that learns faster than they can adapt?
n8n Workflow Automation Platform Exploited to Deliver Malware via Phishing Emails
Imagine a tool designed to streamline your work being turned against you - that's what happened when threat actors exploited the popular n8n workflow automation platform to deliver malware via phishing emails, starting as early as October 2025. This clever tactic uses trusted infrastructure to evade defenses, turning productivity tools into a conduit for harm.
OpenAI Launches GPT-5.4-Cyber to Bolster AI-Driven Cyber Defenses
OpenAI has unveiled GPT-5.4-Cyber, a groundbreaking AI model designed to revolutionize cybersecurity and tip the scales in favor of digital defense. This bold move follows a similar push from rival developer Anthropic, and raises crucial questions about the future of tech, policy, and online safety.
Microsoft Awards $2.3M for Cloud and AI Flaws Uncovered in Zero Day Quest Hacking Contest
Microsoft just took a bold step towards securing our digital future by awarding $2.3 million to researchers who uncovered critical cloud and AI flaws in its Zero Day Quest hacking contest, showcasing the power of incentive-driven vulnerability discovery. Nearly 700 submissions poured in, highlighting the vast scope of potential weaknesses in our rapidly evolving tech landscape.
Ransomware Disrupts Autovista's Automotive Data Services
A ransomware infection has crippled Autovista's automotive data services in Europe and Australia, forcing customers to choose between isolating the affected vendor or patiently waiting for a resolution. Autovista has called in outside experts to help contain and clean up the breach.
McGraw Hill Breach Exposed by Salesforce Setup Flaw
A configuration error in Salesforce, a widely used customer relationship management platform, led to a data breach at McGraw Hill, exposing customer data and raising questions about vendor services and data stewardship. The incident highlights the importance of proper setup and management of third-party services to protect sensitive information.
Adware Operation Neutralizes Antivirus on 23,000 Hosts via Signed Updates
Imagine receiving a routine software update that secretly disables your antivirus protection, leaving you vulnerable to cyber threats - that's exactly what happened to 23,000 hosts in a shocking adware operation. Hackers cleverly used signed updates to deliver payloads that neutralized antivirus defenses, putting thousands of systems at risk.
SAP Vulnerability Exposes High-Risk Data Breach Potential
A single flaw in widely-used business software can be devastating - and April's Patch Tuesday just revealed a critical SAP vulnerability with an alarmingly high severity score, exposing high-risk data breach potential. This pressing issue demands attention from vendors and security experts alike.
CISA Warns of Exploited Windows Task Host Vulnerability
Stay one step ahead of cyber threats by securing your Windows systems - a recently exploited vulnerability in Windows Task Host could let attackers escalate privileges and take full control of your machines. The Cybersecurity and Infrastructure Security Agency (CISA) has flagged this issue as high-risk, urging swift action to protect affected systems.
New Australian Army Chief Faces Heightened Global Threats
As the new Australian Army Chief takes the reins, a pressing question looms: can one leader steer the country through the treacherous waters of a multipolar crisis, with wars raging in Europe and the Middle East, and China's naval presence closing in on home soil? With global threats converging from three directions, the stakes have never been higher.
B-21 Raider Exposed in Rare Aerial Refueling Image
A rare aerial refueling image of the B-21 Raider has finally given us a thrilling overhead glimpse of this secretive aircraft in flight, revealing physical details that have been hiding in plain sight. This game-changing photo is a major breakthrough, offering a fresh perspective on the B-21's design.
Indonesia Weighs Risks of US Military Airspace Access
Indonesia is being asked to make a high-stakes decision: grant the US military unrestricted access to its skies, potentially compromising its sovereignty and national security. Allowing blanket access could put Indonesia's interests at risk, sparking concerns about the true cost of such an agreement.