惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园 - 司徒正美
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
腾讯CDC
WordPress大学
WordPress大学
爱范儿
爱范儿
GbyAI
GbyAI
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - 聂微东
Google DeepMind News
Google DeepMind News
Recent Announcements
Recent Announcements
Latest news
Latest news
Last Week in AI
Last Week in AI
V2EX - 技术
V2EX - 技术
I
InfoQ
N
News | PayPal Newsroom
SecWiki News
SecWiki News
Microsoft Azure Blog
Microsoft Azure Blog
美团技术团队
T
Troy Hunt's Blog
H
Hacker News: Front Page
S
SegmentFault 最新的问题
TaoSecurity Blog
TaoSecurity Blog
V
Visual Studio Blog
Martin Fowler
Martin Fowler
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园_首页
S
Security @ Cisco Blogs
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
小众软件
小众软件
L
LangChain Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
T
Tor Project blog
L
LINUX DO - 热门话题
月光博客
月光博客
S
Schneier on Security
Y
Y Combinator Blog
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
P
Proofpoint News Feed
Forbes - Security
Forbes - Security
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Hugging Face - Blog
Hugging Face - Blog
A
Arctic Wolf
Webroot Blog
Webroot Blog
博客园 - 叶小钗
F
Fortinet All Blogs
S
Securelist
AI
AI
B
Blog RSS Feed
Security Latest
Security Latest

CyberScoop

Security researchers find stalkers abusing Chrome's sync feature SonicWall customers under threat as attackers exploit 2 zero-days Dems press DNI nominee Jay Clayton on election security questions, but leave dismayed Forget the model. When it comes to cybersecurity, it’s all about the harness White House details ‘Gold Eagle’ clearinghouse for AI cyber threats Microsoft discloses ‘the mother of all’ vulnerability loads, tripling June’s previous record Treasury sanctions First VPN Service, others for abetting ransomware gangs States are building their own election defense networks as federal support evaporates Europe strikes out against Russia’s Turla over espionage, ‘destructive attacks’ Officials once again warn defenders that Russian hackers are targeting network devices AI-generated code has made security debt a governance problem Armenian national pleads guilty to Ryuk ransomware attacks CISA looks to remedy ailments from big May credential leak Former DigitalMint ransomware negotiator who duped clients sentenced to 70 months in jail Interpol cybercrime crackdown nets 5,800 arrests across 97 countries 764 splinter group leader sentenced to 40 years in jail French nonprofit starts global intelligence and research hub for AI cyber threats Found fast, fixed slow: The gap the AI clearinghouse must close Spain arrests suspected hacker linked to Russian hacktivist campaign Deepfake CSAM lawsuit against xAI, Grok expands Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities US Army websites defaced with pro-Kurdish sentiments, insults to Trump Sysdig clocks first documented case of agentic ransomware Finding vulnerabilities was never the hard part Someone infected a spyware probe overseer with spyware Alleged longstanding member of Scattered Spider extradited to US Researchers spot exploitation of another critical Oracle defect U.S. lifting export control restrictions on Anthropic’s Mythos, Fable This phishing kit looks more like BEC-as-a-service Citrix patches a new NetScaler flaw with echoes of CitrixBleed Trump budget boss Russell Vought open to re-staffing CISA DHS to unveil replacement council for critical infrastructure cybersecurity How ransomware syndicates weaponize corporate-style organization Warner bill would create federally vetted list for secure, trustworthy AI agents Supreme Court approves mail-in ballots that arrive after Election Day Supreme Court delivers ‘major win’ for tech privacy in Chatrie ruling What the post-quantum executive order really demands of CISOs ATF cancels controversial commercial geolocation contract FCC passes new cybersecurity rules for emergency systems, undersea cables Federal court rules Trump election-focused executive order illegal Russia uses Cellebrite to break into human rights activist’s phone, even after cancellation of contract Minnesota man known as ‘Snoopy’ sentenced in DraftKings hack Why patch directives only go so far Malicious hackers exploit Cisco zero-day for highest access level at communications service provider In a first, a court takedown goes after two cybercrime tools at once Open-source security is posing challenges governments can't easily solve Justice Department seizes infrastructure used by cyber scam and criminal marketplace Algerian man charged with running two cybercrime marketplaces Court rules SAVE database illegal, orders it dismantled Trump executive orders speed up post-quantum migration, boost industry Intel agencies: Frontier AI models will reshape cybersecurity faster than expected Authorities disrupt Evil Corp’s SocGholish botnet Congress tees up No FAKES Act, aiming at AI-generated deepfakes How software development's speed obsession enabled TeamPCP’s chaos crusade Accenture shells out $4.18B on three companies in big industrial cybersecurity push Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April Lawmakers leary about Trump administration’s Anthropic order AI’s constant patching treadmill can be a security problem A case for how to shape ‘ingredient lists’ for AI models Google exposes China espionage group that’s been lurking in networks undetected since 2023 Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat Anthropic disables new models after government calls them a national security concern FBI takes down massive China-based cybercrime network that caused $1.9B in losses US, France, and Italian authorities shut down massive deepfake porn site Conti ransomware group member pleads guilty, faces up to 20 years in prison ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw CyberCorps is adapting to AI. The budget isn’t keeping up. Russian national charged in connection with Void Blizzard espionage campaign OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers CISA directive orders agencies to prioritize vulnerability patching in a new way Microsoft breaks Patch Tuesday record with 206 vulnerabilities Anthropic’s new model is Mythos on a leash CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector Cisco customers encounter another SD-WAN zero-day under attack Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint The AI security race needs accountability, not overregulation Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away Hill Dems hammer GOP for $250M CISA budget cut Your AI agent could become your biggest insider threat Inside the race to adapt to an AI-powered security world European authorities crack down on illegal streaming networks DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels DOD wants to integrate cyber in all operations, and integrate security into AI Trump administration releases scaled-back AI executive order Anthropic expanding access to Project Glasswing Attackers are exploiting Palo Alto Networks defect that initially flew under the radar Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order Tennessee man linked to 764 accused of series of crimes against children dating back to 2022 Federal audit reveals NIST’s NVD is plagued by poor planning and duplication House panel poised to hold hearing centered on AI impact on cyber Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket Zapier fixes bug chain that researchers say risked widespread account takeover OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain Apple open-sources quantum-resistant encryption code White House charts new course for federal agencies and cybersecurity logging Anthropic: Mythos finds more than 10,000 software flaws in first month
Election threats are focused on campaign systems, not voting machines
Greg Otto · 2026-06-01 · via CyberScoop

Cybersecurity threats to the 2026 midterm elections are targeting the accounts and platforms that campaigns, donors and voters use to communicate, according to a security report released Monday by Check Point Software Technologies.

So far in this election cycle, threats are not aimed at voting machines or ballot-counting systems. Instead, threat actors are going after the email accounts, websites and fundraising platforms that election organizations depend on.

Jeremy Fuchs, a campaign manager for Check Point, told CyberScoop that the report’s core findings reflect a broader trend in cybersecurity: Bad actors are using AI to make their attacks larger and more effective.

“The barrier to entry is lower and the quality is so much higher than it was three years ago, 10 years ago, that everything is going to look more realistic and it’s going to be more effective at accomplishing whatever goals [attackers] have,” he said.

Email remains the easiest way for hackers to perpetuate election-related schemes. Check Point found that 82% of malicious attacks arrive through email, where threat actors covertly trick users into handing over their passwords for major fundraising sites. Approximately 9,500 stolen passwords were tied to ActBlue, which collects donations for Democratic candidates. Approximately 6,500 were linked to WinRed, a Republican fundraising platform.

Fuchs noted that this information may not be directly used for election-related schemes, yet could be leveraged for opportunistic follow-on attempts at accessing other accounts.

“Whenever an exposure like this happens, whether it’s with a political site or not, oftentimes it’s saved for later,” he said. “If I have your email and password, if I have your phone number, I can just start an attack, a simple phishing attack that has nothing to do with the election right now.”

Threat actors are also registering many new websites with election-related names. In January, about 1,300 new websites included the word “election” and about 4,010 included the word “vote.” These websites can be used for phishing scams, where hackers trick people into giving up their passwords by pretending to be legitimate election organizations.

Fuchs noted that not every website may turn out to be malicious, but the speed with which these sites have been established — especially when legitimate campaign sites have been running years before an election — has led researchers to believe that the majority will be used for nefarious purposes. 

“If you’re spinning up these websites very quickly and at scale, there’s a reason for it,” he said. 

Misinformation and manipulated content present another layer of concern, especially as AI-generated political content has become increasingly visible in the 2026 cycle. Earlier this month, OpenAI rolled out a suite of tools and safeguards that’s meant to provide a layer of security for this particular election cycle.

Fuchs said this AI-powered manipulation is only going to grow as we get closer to Election Day, and as the models get better, so too will actors’ ability to deceive people with fake content. 

“It’s really hard to make sense of these things when the AI, and the attacks, have just become so good,” he said. “It was hard when they weren’t good. So now imagine how much harder it’s going to be when it is good, and it’s continuing to get better and better.” 

Fuchs warned that the speed at which AI-powered election threats are evolving presents a challenge that extends beyond technical defenses, saying that the true challenge lies in a threat landscape that’s changing faster than public understanding can keep pace.

“There’s so much more that we as a society can truly fathom,” he told CyberScoop. Generative AI “is moving so fast. It’s getting so good. And if we’re not having those conversations about, ‘hey, this is how things might change,’ all this stuff is just going to continue to get more difficult and more difficult. And it’s going to flare at these inflection points, whether an election is kind of the perfect place for it, because there’s just so much at stake for so many people.”

You read the full report on Check Point’s website

Update, 6/2/2026, 4:30 p.m.: This story has been amended to further clarify how threat actors are obtaining passwords for campaign donation sites.