The new strategy identifies cyber operations linked to China, Russia, and North Korea as significant threats. These attacks have targeted public institutions, private companies, and essential services, leveraging advanced technologies like AI.

The Nomani investment scam has surged by 62%, utilizing AI deepfake ads on social media platforms to deceive users. This alert provides an overview of the scam's tactics, improvements in AI-generated content, and the broader implications of ad fraud.

The vulnerabilities in Mitsubishi Electric Air Conditioning Systems could potentially allow unauthorized access or control over the systems, leading to disruptions in operations and potential safety hazards.

The NIST and The MITRE Corporation have announced a $20 million initiative to establish two new research centers focused on artificial intelligence (AI) and its impact on cybersecurity for U.S. critical infrastructure.

The Webrat malware campaign is actively targeting inexperienced security professionals and students by disguising itself as exploits for high-profile vulnerabilities. The campaign exploits vulnerabilities with high CVSSv3 scores.

The Chinese-speaking crypto scam markets on Telegram, specifically Tudou Guarantee and Xinbi Guarantee, have become the largest darknet markets in history. These markets facilitate nearly $2 billion in monthly transactions.

React2Shell is a critical RCE vulnerability affecting React Server Components and the React Flight protocol. This vulnerability allows unauthenticated attackers to execute arbitrary code on vulnerable servers through a single crafted HTTP request.

Uzbekistan's nationwide license plate surveillance system has been exposed to the internet without a password. This lapse reveals the real-time locations of surveillance cameras and millions of photos and videos of vehicles.

MongoDB has issued an urgent advisory for IT administrators to patch a critical remote code execution (RCE) vulnerability, CVE-2025-14847. This flaw affects multiple versions of MongoDB and MongoDB Server.

The CISA has added a critical vulnerability in the Digiever DS-2105 Pro network video recorder to its Known Exploited Vulnerabilities catalog. This vulnerability, identified as CVE-2023-52163, has a CVSS score of 8.8.