Tag: emerging threats
3129 articles
US Navy Deploys Minesweepers to Middle East
The US Navy is gearing up for a major operation in the Middle East, with a cluster of minesweeping assets making a significant move west from the Pacific, hinting at preparations for a large-scale effort to clear sea lanes of mines. This coordinated shift in posture suggests that something big is on the horizon.
wolfSSL library vulnerability undermines ECDSA signature verification
A single misstep in a crucial cryptographic check can have far-reaching consequences, rendering digital certificates unreliable and putting security at risk. The recently discovered wolfSSL library vulnerability compromises ECDSA signature verification, allowing for potentially forged certificates and weakened security.
JanelaRAT Malware Strikes Latin American Banks with 14,739 Attacks
Latin American banks faced a staggering 14,739 attacks from the JanelaRAT malware in 2025, putting sensitive information at risk and raising the stakes for financial institutions and their customers. This surge in attacks highlights the growing threat of JanelaRAT, a modified malware family that continues to target banks in countries like Brazil and Mexico.
France Accelerates Exodus from US Tech with Open-Source Push
France is taking a bold step towards digital independence, with a push to ditch American commercial software for open-source alternatives, and all government ministries are now racing against the clock to reduce their reliance on US tech by the fall. This move signals a growing unease among European governments about Silicon Valley's influence.
Rockstar Games Data Breach Exposes Sensitive Analytics Information
Rockstar Games has suffered a data breach, with sensitive analytics information - including insights into the behavior of millions of players - leaked by the ShinyHunters extortion gang on a criminal site. The breach is linked to a recent security incident at Anodot, a company used by Rockstar Games.
FBI dismantles W3LL phishing service, arrests developer
In a groundbreaking cross-border operation, the FBI and Indonesian authorities joined forces to dismantle the notorious W3LL phishing service, seizing key infrastructure and arresting an alleged developer. This historic collaboration marks a significant win in the fight against cybercrime, and raises hopes for a safer online landscape.
Impersonator Exploits Slack to Target Linux Developers
A clever impersonator tricked Linux developers on Slack by posing as a trusted official, leading them to click a link that seemed harmless but actually handed over their credentials and development environment. This sneaky attack used Google-hosted pages to disguise a bogus root certificate, catching developers off guard.
Booking.com Breach Exposes User Data, Prompts PIN Resets
Booking.com recently suffered a data breach, admitting that hackers accessed sensitive reservation and user information - as a precaution, the company has reset PINs for affected bookings.
OpenAI Revokes macOS Certs Amid Supply Chain Breach Fallout
A recent supply chain breach has raised concerns about software trustworthiness, prompting OpenAI to revoke its macOS code-signing certificates after a malicious package was executed in its build pipeline. This swift action highlights the vulnerability of even the most secure systems to supply chain attacks.
Cloud Breaches Persist as Detection Gaps Remain Unaddressed
Cloud security breaches continue to fly under the radar, leaving us to wonder who's left to sound the alarm. Uncover the reasons behind persistent detection gaps in cloud intrusions by exploring the insightful GovInfoSecurity webinar.
Banks Urged to Unite Against AI-Driven Fraud Networks
Generative AI has created a haven for fraudsters, allowing them to organize and scale their operations like never before - and experts warn that banks must adapt quickly or risk being left behind. To stay ahead, financial institutions must unite against these AI-driven fraud networks and respond with the same level of sophistication.
FBI Disrupts W3LL Phishing Network Behind $20 Million Fraud Attempts
In a major breakthrough, the FBI and Indonesian National Police joined forces to dismantle a global phishing network that had harvested thousands of account credentials in a bid to scam over $20 million. The operation, which used a ready-made toolkit called W3LL, was successfully disrupted, and the alleged developer was detained.
Cybersecurity Risk Outpaces Corporate Defenses
As companies pour more resources into AI and technology, a pressing question remains: can they defend what matters most? Despite escalating investments, many firms admit they're ill-equipped to tackle growing cybersecurity risks, which now rank among the top business threats.
Adobe Fixes Zero-Day Flaw in Acrobat Reader Exploited in Attacks
Adobe has rushed out an emergency patch for a critical vulnerability in Acrobat Reader that's been exploited by attackers since at least December, forcing users to rethink their document reader's security. This zero-day flaw, tracked as CVE-2026-34621, highlights the rapid discovery and weaponization of software flaws.
Mirax Trojan Hijacks Android Devices for Proxy Network
Meet Mirax, a sneaky new Android banking trojan that's not only stealing credentials, but also hijacking devices to create a powerful proxy network - putting European users at risk. This emerging malware is a triple threat, combining a malware-as-a-service model, remote access capabilities, and residential proxies to wreak havoc on infected phones.
Booking.com Exposes Reservation Data Breach Risk
Did you know that a recent data breach at Booking.com may have exposed sensitive trip details, including your name, contact info, and private messages to hotels, to unknown attackers? This incident is a stark reminder that even major travel platforms can be vulnerable to data breaches, putting your personal info at risk.
Hackers Exploit Microsoft 365 Mailbox Rules to Conceal Post-Breach Activity
Hackers are exploiting a sneaky vulnerability in Microsoft 365 mailbox rules to hide their tracks, siphon sensitive data, and maintain a backdoor into compromised accounts. This stealthy tactic allows attackers to fly under the radar, making it even harder to detect and stop them.
Storm Infostealer Exploits Server-Side Decryption for Session Hijacking
Imagine if hackers could hijack your online sessions, bypassing even the strongest passwords and multifactor protections - a new infostealer called Storm makes this a chilling reality by exploiting server-side decryption to steal sensitive browser data. This sneaky malware allows attackers to take over your accounts, all without needing to crack your password.
Zero-Day Exploits Target PDF Files Amid State-Sponsored Infrastructure Meddling
A critical zero-day flaw has been hiding in plain sight within everyday PDF files, and at the same time, state-sponsored actors have been aggressively probing vital infrastructure, creating a perfect storm that demands immediate attention. This dual threat of quietly persistent PDFs and long-simmering meddling has escalated into a situation that requires rapid action.
Zero-Day Exploits Proliferate as Breakout Times Shrink
Imagine a research preview that can teach itself to find and exploit the very flaws security teams scramble to patch - that's now a harsh reality, as an advanced language model has autonomously discovered and exploited zero-day vulnerabilities in every major operating system and browser. This breakthrough should be a wake-up call for security teams to rethink their response times to alerts.
Booking.com Breach Exposes Customer Data
A single-line warning from Booking.com that your personal data may have been exposed can be unsettling, especially when it lacks crucial details on what happened and how to protect yourself. This data breach notification raises more questions than answers, leaving customers and experts alike searching for clarity.
Basic-Fit Discloses Data Breach Exposing Member Information
Basic-Fit, Europe's largest gym chain, has confirmed a data breach that exposed sensitive information, including bank details, for around one million customers, raising urgent concerns about data security and accountability. The breach, which resulted from a cyberattack, compromised names, addresses, dates of birth, and financial information, but thankfully did not involve password theft.
FBI Disrupts W3LL Phishing Operation Linked to $20m in Fraud
The FBI has successfully dismantled a massive phishing operation built around the notorious W3LL phishing kit, which was linked to a staggering $20 million in fraud attempts. By taking down this operation, the bureau has disrupted a key tool used by cybercriminals to carry out their scams.
Rockstar Games Data Breached as ShinyHunters Exploits Third-Party Vulnerability
Rockstar Games has been hit by a data breach, with a notorious hacking group called ShinyHunters claiming it accessed sensitive information through a vulnerability in a third-party tool, rather than a complex hack. The group says it simply walked through an open door, exploiting access to Snowflake metrics to get to the data.