114 matches found
2026: The Year of AI-Assisted Attacks
On December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract the personal data of over 7 million users of Kaikatsu Club, Japan's largest internet cafe chain. When asked, the young man shared his...
Darktrace Annual Threat Report 2026
The Darktrace Annual Threat Report 2026 reinforces a reality every CISO feels: the center of gravity isn't the perimeter, vulnerability management, or malware, but trust abused via identity. Their analysis found that nearly 70% of incidents in the Americas region begin with stolen or misused...
Toward Risk Thresholds for AI-Enabled Cyber Threats: Enhancing Decision-Making under Uncertainty with Bayesian Networks
Artificial intelligence AI is increasingly being used to augment and automate cyber operations, altering the scale, speed, and accessibility of malicious activity. These shifts raise urgent questions about when AI systems introduce unacceptable or intolerable cyber risk, and how risk thresholds...
CVE-2025-65553
D3D Wi-Fi Home Security System ZX-G12 v2.1.17 is susceptible to RF jamming on the 433 MHz alarm sensor channel. An attacker within RF range can transmit continuous interference to block sensor transmissions, resulting in missed alarms and loss of security monitoring. The device lacks jamming...
UAT-7290 targets high value telecommunications infrastructure in South Asia
Cisco Talos is disclosing a sophisticated threat actor we track as UAT-7290, who has been active since at least 2022. UAT-7290 is tasked with gaining initial access as well as conducting espionage focused intrusions against critical infrastructure entities in South Asia. UAT-7290's arsenal includ...
Scattered Spider: Rapid7 Insights, Observations, and Recommendations
Overview of Scattered Spider and recent activity Scattered Spider also tracked as UNC3944, Scatter Swine, Muddled Libra, among other aliases is a financially motivated cybercriminal group active since at least May 2022. The group is notorious for targeting large enterprises — especially...
Neuromorphic Mimicry Attacks Exploiting Brain-Inspired Computing for Covert Cyber Intrusions
Neuromorphic computing, inspired by the human brain's neural architecture, is revolutionizing artificial intelligence and edge computing with its low-power, adaptive, and event-driven designs. However, these unique characteristics introduce novel cybersecurity risks. This paper proposes...
China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions
Cybersecurity researchers have shed light on a new China-linked threat actor called Earth Alux that has targeted various key sectors such as government, technology, logistics, manufacturing, telecommunications, IT services, and retail in the Asia-Pacific APAC and Latin American LATAM regions. "Th...
The Impact of Supply Chain Attacks on the Global Landscape
Background From the Silk Road’s ancient trade routes to today’s global networks, supply chains have shaped empires, fueled revolutions, and driven economies. Now, in an age of digital transformation, they’ve evolved from logistical backbones into dynamic, tech-driven ecosystems. Powered by digita...
Feds Charge Five Men in ‘Scattered Spider’ Roundup
Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. A visu...
FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions
The U.S. Federal Bureau of Investigation FBI has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent Threat group allegedly created and deployed...
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant
The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper aka SnipBot or RomCom...
CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance
The U.S. Cybersecurity and Infrastructure Security Agency CISA is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager LTM module to conduct reconnaissance of target networks. It said the module is being used to...
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
An Iranian advanced persistent threat APT threat actor likely affiliated with the Ministry of Intelligence and Security MOIS is now acting as an initial access facilitator that provides remote access to target networks. Google-owned Mandiant is tracking the activity cluster under the moniker...
Flask-CORS allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default, without any configuration option. This behavior can expose private network resources to unauthorized external access, leading to significant security...
CVE-2024-6221
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches,...
CVE-2024-6221
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches,...
CVE-2024-6221
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches,...
CVE-2024-6221
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches,...
CVE-2024-6221 Improper Access Control in corydolphin/flask-cors
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches,...