Tag: emerging threats
3130 articles
North Korea-linked actor compromises axios NPM package
A shocking discovery by Google Threat Intelligence Group has exposed a vulnerability in the popular axios NPM package, which has over 100 million weekly downloads, and has raised urgent questions about the trustworthiness of software supply chains. A malicious dependency was secretly introduced into axios releases, putting countless applications at risk.
Kaspersky Uncovers Coruna Exploit Kit Linked to Operation Triangulation
Kaspersky's researchers have made a significant discovery: the Coruna exploit kit, now targeting iPhones, uses an updated kernel exploit linked to the notorious Operation Triangulation. This finding highlights the evolving threat landscape, where offensive code is repurposed to target new devices.
APAC Firms Scramble to Bolster Cloud Security Amid Rising Identity Risks
As APAC firms rush to adopt cloud technology, they're faced with a daunting dilemma: do they risk advancing without a plan, or delay and let identity-related risks leave them vulnerable? With identity issues already causing the majority of cloud breaches in the region, the clock is ticking to get cloud security right.
Unit 42 Research Exposes Risks in Amazon Bedrock's Multi-Agent AI Systems
Unit 42's latest research reveals a hidden threat: multi-agent AI systems on Amazon Bedrock can be vulnerable to new and alarming risks, including prompt injection attacks that practitioners can't afford to ignore. Learn how to safeguard your AI applications from these emerging threats.
Feds Disrupt Russia-Backed Espionage Network Infecting 18,000 Devices
Federal authorities have successfully disrupted a massive Russia-backed espionage operation that had infiltrated nearly 18,000 devices, stealing sensitive account credentials and tokens by hijacking internet traffic. This significant takedown thwarts the efforts of Forest Blizzard, a notorious threat group linked to Russia's GRU.
China's PLA Revives Explosive Tactics in Modern Warfare
The People's Liberation Army is dusting off old-school explosive tactics, deploying high-explosive satchels and makeshift charges in modern warfare, a move that suggests even simple tools can still pack a punch on the battlefield. This revival is reportedly inspired by lessons learned from the war in Ukraine, where humble explosive charges proved their continued relevance.
VMware vSphere Ecosystem Targeted by BRICKSTORM Malware Attacks
Imagine an attacker sneaking past your trusted operating system and into the hidden infrastructure that powers your virtual machines - that's the risk posed by BRICKSTORM malware, which targets the VMware vSphere ecosystem. This stealthy threat allows adversaries to operate undetected, evading traditional endpoint tools by establishing persistence at the virtualization layer.
Malicious AI Gateway Exposes Data Through Supply Chain Breach
A recent analysis of LiteLLM, a popular AI gateway, revealed a supply chain breach that embedded malicious code designed to steal sensitive data, highlighting the vulnerability of even the most trusted components. This breach turned a multifunctional gateway meant to enhance AI agents into a vector for data theft, putting countless users at risk.
Hackers Target Asia Pacific with URL-Based Threats
In Asia Pacific, hackers are ditching traditional tactics and using URL-based threats to gain easy access to your digital life - with just one click, your security can be compromised. This emerging threat landscape is redefining how we think about online identity, access, and trust.
Vulnerabilities Exposed in Amazon Bedrock AgentCore Sandbox
Security researchers at Unit 42 have uncovered critical vulnerabilities in Amazon Bedrock AgentCore's sandbox, revealing that a protective layer meant to separate code and services can be breached using DNS tunneling, exposing sensitive credentials in the process. This alarming discovery highlights the potential risks of slipping through the cracks of a supposedly secure system.
China Upgrades Older Tanks with Active Protection Systems
A game-changing photo has emerged showing an older Chinese tank sporting cutting-edge Active Protection Systems, shifting analysts' focus to the country's strategic intent, costs, and battlefield logistics. This surprise upgrade on a tried-and-true Type 96 main battle tank has significant implications for the future of armored warfare.
Ransomware Evolves with AI-Fueled Mutation Tactics
The game-changing threat of AI-fueled ransomware is here: hackers can now wield polymorphic malware that mutates on the fly, making it exponentially harder to detect and stop. This emerging menace is made possible by ransomware-as-a-service platforms supercharged with artificial intelligence.
Kaspersky Uncovers CrystalX RAT with Extensive Spyware and Stealer Capabilities
Meet CrystalX, a sinister new remote-access tool that's being sold as a ready-made menace, packing an alarming combination of spyware, stealer, and prankware capabilities that put your digital security at risk. This malicious toolkit is the latest threat to watch out for, and Kaspersky researchers are sounding the alarm.
Chinese Satellites Exhibit Patterns Suggesting Covert Military, Intelligence Operations
A recent analysis by the Center for Strategic and International Studies (CSIS) has uncovered 75 unusual moves by a small group of Chinese satellites in orbit over nearly a decade, suggesting potential covert military and intelligence operations. These maneuvers reveal patterns that raise concerns about the true intentions behind China's satellite activities.
Iran War Escalation Strains US Alliances, Disrupts Global Fuel Markets
The Iran war escalation has sent shockwaves around the globe, straining US alliances and disrupting fuel markets, as the conflict enters its second month with the supreme leader gone and global commerce reeling. This unsettling new reality is forcing urgent choices and testing the foundations of the post-Cold War order.
Scams Evolve, Target Human Judgment in AI-Driven Attacks
As cyberattacks evolve, they're no longer targeting weak spots in code or networks, but rather the weakest link of all - human judgment. With AI-driven scams on the rise, attackers are exploiting trust and manipulating people into becoming the unwitting victims of their clever tactics.
Iranian Drones Redefine Defence with Loitering Munitions Tactics
Discover how Iranian drones are revolutionizing defence strategies with their game-changing loitering munitions tactics, and what this means for naval power dynamics in the region. Loitering munitions, as showcased in the US-Iran war, are redefining the rules of engagement.
Scenario Planning Evolves as Uncertainty Compounds Global Risk
When the future suddenly stops making sense, organizations are faced with a daunting decision: stick with outdated planning methods or evolve to anticipate the unexpected. As uncertainty compounds and trends become less reliable, a new approach to strategic planning and risk management is urgently needed.
Pakistan Pursues Cutting-Edge Counter-UAS Capabilities
Imagine having a front-row seat to understanding Pakistan's defense strategy, but the best insights are hidden behind a paywall - that's the dilemma faced by those seeking to grasp the country's evolving counter-UAS (C-UAS) needs. Pakistan is actively pursuing cutting-edge C-UAS capabilities, but the details remain out of reach for those without access to in-depth analysis.
China's Defense Spending Escalates, Shifts Regional Military Balance
China's steadily rising defense spending has significantly tipped the military balance in the region, raising a crucial question: when a nation's defense budget consistently climbs, who adjusts their strategy, and how?
Japan Accelerates Autonomous Weapons Push to Counter China
Japan is racing to harness the power of autonomous weapons to counter China's growing military presence, and is rapidly advancing its use of uncrewed platforms to stay ahead in the game. With new policies already in place and more on the horizon, the country is making a strategic pivot towards a more autonomous military.
Indonesia's UNIFIL Withdrawal Risks Peacekeeping Credibility
Indonesia's decision to withdraw from Lebanon's UNIFIL mission poses a critical risk: compromising its hard-earned peacekeeping credibility and inadvertently playing into the hands of the very global powers it seeks to resist. By choosing to leave, Indonesia would sacrifice its reputation as a reliable contributor to international peacekeeping efforts.
FBI Warns of Iranian Cyberattacks on US Water and Energy Facilities
The FBI is sounding the alarm: Iranian-affiliated hackers are increasingly targeting US water and energy facilities, with some attacks already disrupting operations. Is your facility's infrastructure secure from these growing threats?
Anthropic Warns AI Model Exploits Zero-Day Vulnerabilities
Imagine building a tool to accelerate progress, only to discover it can also create the keys to your kingdom's vulnerabilities - that's the dilemma the security community now faces with Anthropic's AI model that can generate zero-day exploits. This emerging threat redefines the risk landscape, eclipsing long-held fears of quantum computers and introducing a new digital menace.