Cybersecurity News Feed
Latest cybersecurity incidents and threat intelligence from trusted sources.
498 articles found
Startup Spotlight: Twine Security Tackles the Execution Gap
Security News: The company, one of four finalists in this year's Black Hat USA Startup Spotlight competition, uses a multi-agent system to build AI Digital Employees.
Anthropic AI Used to Automate Data Extortion Campaign
Security News: The company said the threat actor abused its Claude Code service to "an unprecedented degree," automating reconnaissance, intrusions, and cr...
'ZipLine' Phishers Flip Script as Victims Email First
Security News: "ZipLine" appears to be a sophisticated and carefully planned campaign that has already affected dozens of small, medium, and large organiza...
Nevada's State Agencies Shutter in Wake of Cyberattack
Security News: In response to a cyberattack that was first detected on Sunday, the governor shut down in-person services for state offices while restoration efforts ...
China Hijacks Captive Portals to Spy on Asian Diplomats
Phishing: The Mustang Panda APT is hijacking Google Chrome browsers when they attempt to connect to new networks and redirecting them to phishing sites.
Google: Salesforce Attacks Stemmed From Third-Party App
Security News: A group tracked as UNC6395 engaged in "widespread data theft" via compromised OAuth tokens from a third-party app called Salesloft Drift.
Storm-0501 Hits Enterprise With 'Cloud-Based Ransomware' Att...
Ransomware: The financially motivated threat group used cloud resources to conduct a complex, ransomware-style attack against an enterprise victim.
AI-Powered Ransomware Has Arrived With 'PromptLock'
Ransomware: Researchers raise the alarm that a new, rapidly evolving ransomware strain uses an OpenAI model to render and execute malicious code in real time, ush...
African Law Enforcement Agencies Nab Cybercrime Syndicates
Security News: African nations work with Interpol and private-sector partners to disrupt cybercriminal operations on the continent, but more work needs to be done.
Hackers Lay in Wait, Then Knocked Out Iran Ship Comms
Security News: Lab-Dookhtegen claims major attack on more than 60 cargo ships and oil tankers belonging to two Iranian companies on US sanctions list.
FTC Chair Tells Tech Giants to Hold the Line on Encryption
Security News: The chairman sent letters out to companies like Apple, Meta, and Microsoft, advising them not to adhere to the demands of foreign governments to weake...
ClickFix Attack Tricks AI Summaries Into Pushing Malware
Malware: Because instructions appear to come from AI-generated content summaries and not an external source, the victim is more likely to follow them without s...
Fast-Spreading, Complex Phishing Campaign Installs RATs
Phishing: Attackers not only steal credentials but also can maintain long-term, persistent access to corporate networks through the global campaign.
Securing the Cloud in an Age of Escalating Cyber Threats
Security News: As threats intensify and cloud adoption expands, organizations must leave outdated security models behind.
Silk Typhoon Attacks North American Orgs in the Cloud
Malware: A Chinese APT is going where most APTs don't: deep into the cloud, compromising supply chains and deploying uncommon malware.
ReVault Flaw Exposed Millions of Dell Laptops to Malicious D...
Data Breach: A bug in the control board that connects peripheral devices in commonly used Dell laptops allowed malicious access all the way down to the firmware ru...
Apple Intelligence Is Picking Up More User Data Than Expecte...
Ransomware: Music tastes, location information, even encrypted messages — Apple's servers are gathering a "surprising" amount of personal data through A...
Interpol Arrests Over 1K Cybercriminals in 'Operation Sereng...
Phishing: The operation disrupted countless scams, and authorities seized a significant amount of evidence and recovered nearly $100 million in lost funds.
Apple Patches Zero-Day Flaw Used in 'Sophisticated' Attack
Malware: CVE-2025-43300 is the latest zero-day bug used in cyberattacks against "targeted individuals," which could signify spyware or nation-state h...
The Growing Challenge of AI Agent and NHI Management
Security News: The growing ecosystem of agents, chatbots, and machine credentials that outnumber human users by an order of magnitude is creating a poorly understood...
Insurers May Limit Payments in Cases of Unpatched CVEs
Security News: Some insurers look to limit payouts to companies that don't remediate serious vulnerabilities in a timely manner. Unsurprisingly, most companies don't...
Do Claude Code Security Reviews Pass the Vibe Check?
Security News: AI-assisted security reviews from Anthropic and others could help level up enterprise application security in the era of vibe coding.
Personal Liability, Security Becomes Bigger Issues for CISOs
Security News: While the furor from CISO prosecutions has died down, worries continue over a lack of liability protections and potential targeting by cybercriminals ...
System Shocks? EV Smart Charging Tech Poses Cyber-Risks
Security News: Trend Micro's Salvatore Gariuolo talks with the Black Hat USA 2025 News Desk about how the new ISO 15118 standard for electric vehicle smart charging ...
Scattered Spider Member Sentenced to a Decade in Prison
Security News: Noah Michael Urban, 20, was one of several members of the Scattered Spider collective who were arrested and charged in 2024 in connection with high-pr...
Easy ChatGPT Downgrade Attack Undermines GPT-5 Security
Security News: By using brief, plain clues in their prompts that are likely to influence the app to query older models, a user can downgrade ChatGPT for malicious en...
Why Video Game Anti-Cheat Systems Are a Cybersecurity Goldmi...
Security News: Sam Collins and Marius Muench of the University of Birmingham, UK, join the Black Hat USA 2025 News Desk to explain how anti-cheat systems in video ga...
How Architectural Controls Help Can Fill the AI Security Gap
Security News: NCC Group's David Brauchler III shared how foundational controls and threat modeling strategies can help secure agentic AI tools in ways traditional g...
Hackers Abuse VPS Infrastructure for Stealth, Speed
Security News: New research highlights how threat actors abuse legitimate virtual private server offerings in order to spin up infrastructure cheaply, quietly, and f...
K-12 School Incident Response Plans Fall Short
Security News: Quick recovery relies on three security measures.
Tree of AST: A Bug-Hunting Framework Powered by LLMs
Security News: Teenaged security researchers Sasha Zyuzin and Ruikai Peng discuss how their new vulnerability discovery framework leverages LLMs to address limitatio...
Prepping the Front Line for MFA Social Engineering Attacks
Security News: Attackers will continue to evolve, and the help desk will always be a target. But with the right mix of training, support, and trust, frontline agents...
Tailing Hackers, Columbia University Uses Logging to Improve...
Data Breach: Logging netflows provided valuable insight about attacker tactics during a breach by state-sponsored hackers targeting Columbia's research labs.
DARPA: Closing the Open Source Security Gap With AI
Security News: DARPA's Kathleen Fisher discusses the AI Cyber Challenge at DEF CON 33, and the results that proved how automation can help patch vulnerabilities at s...
Hacktivist Tied to Multiple Cyber Groups Sentenced to Jail
Security News: At one point, Al-Tahery Al-Mashriky was hacking thousands of websites within the span of three months while stealing personal data and sensitive infor...
DPRK, China Suspected in South Korean Embassy Attacks
Phishing: Detailed spear-phishing emails sent to European government entities in Seoul are being tied to North Korea, China, or both.
How Warlock Ransomware Targets Vulnerable SharePoint Servers
Ransomware: Researchers highlight how Warlock, a new ransomware heavyweight, uses its sophisticated capabilities to target on-premises SharePoint instances.
Cybercriminals Abuse Vibe Coding Service to Create Malicious...
Security News: Some LLM-created scripts and emails can lower the barrier of entry for low-skill attackers, who can use services like Lovable to create convincing, ef...
FBI, Cisco Warn of Russian Attacks on 7-Year-Old Flaw
Data Breach: In the past year, "Static Tundra," aka "Energetic Bear," has breached thousands of end-of-life Cisco devices unpatched against a 2...
Side of Fries With That Bug? Hacker Finds Flaws in McDonald'...
Security News: Exposure of APIs, sensitive data, and corporate documents are just some of the security issues that the purveyor of Big Macs was cooking up.
How Outer Space Became the Next Big Attack Surface
Security News: VisionSpace Technologies' Andrzej Olchawa and Milenko Starcik discussed a set of vulnerabilities capable of ending space missions at the Black Hat USA...
Incode Acquires AuthenticID to Enhance AI-Driven Identity Ve...
Security News: The combination of Incode's AI models and AuthenticID's experience running identity programs at scale in regulated environments will provide customers...
Europe's Ransomware Surge Is a Warning Shot for US Defenders
Ransomware: We can strip attackers of their power by implementing layered defenses, ruthless patch management, and incident response that assumes failure and prio...
Asian Orgs Shift Cybersecurity Requirements to Suppliers
Data Breach: The uptick in breaches in Asia has prompted a Japanese chipmaker and the Singaporean government to require vendors to pass cybersecurity checks to do ...
Russian Hacktivists Take Aim at Polish Power Plant, Again
Security News: This attack was seemingly more successful than the first iteration, causing disruptions at the plant.
Agentic AI, Apple Intelligence, EV Chargers: Everyday Cybers...
Security News: Cybersecurity risks can come from everywhere, as these riveting Dark Reading News Desk videos detail. Check out Part 1 of our broadcast coverage of th...
How to Vibe Code With Security in Mind
Security News: As more organizations integrate vibe coding and AI-assisted coding into their application development processes, it's important to remember to put sec...
'RingReaper' Sneaks Right Past Linux EDRs
Security News: The highly sophisticated post-compromise tool abuses the Linux kernel's io_uring interface to remain hidden from endpoint detection and response syste...
AI Agents Access Everything, Fall to Zero-Click Exploit
Security News: Zenity CTO Michael Bargury joins the Black Hat USA 2025 News Desk to discuss research on a dangerous exploit, how generative AI technology has "g...
Millions Allegedly Affected in Allianz Insurance Breach
Data Breach: Have I Been Pwned claims that the compromised data includes physical addresses, dates of birth, phone numbers, and more, for life insurance customers.
PipeMagic Backdoor Resurfaces as Part of Play Ransomware Att...
Ransomware: Attackers are wielding the sophisticated modular malware while exploiting CVE-2025-29824, a previously zero-day flaw in Windows Common Log File System...
10 Major GitHub Risk Vectors Hidden in Plain Sight
Supply Chain: By addressing these overlooked risk vectors, organizations can continue leveraging GitHub's innovation while protecting against sophisticated supply c...
'DripDropper' Hackers Patch Their Own Exploit
Malware: An attacker is breaking into Linux systems via a widely abused 2-year-old vulnerability in Apache ActiveMQ, installing malware and then patching the f...
Noodlophile Stealer Hides Behind Bogus Copyright Complaints
Phishing: Noodlophile is targeting enterprises in spear-phishing attacks using copyright claims as phishing lures.
Workday Breach Likely Linked to ShinyHunters Salesforce Atta...
Data Breach: The HR giant said hackers mounted a socially engineered cyberattack on its third-party CRM system but did not gain access to customer information; onl...
How Evolving RATs Are Redefining Enterprise Security Threats
Security News: A more unified and behavior-aware approach to detection can significantly improve security outcomes.
Internet-wide Vulnerability Enables Giant DDoS Attacks
DDoS: A good chunk of all websites today have been affected by the biggest DDoS risk on the Web since 2023.
Defending Against Cloud Threats Across Multicloud Environmen...
Security News: The vast majority of companies are using more than one cloud platform, yet struggle to establish and monitor security across different environments gi...
RealDefense Opens $10M Fund to Help OEMs Monetize Installs W...
Security News
New Crypto24 Ransomware Attacks Bypass EDR
Ransomware: While several cybercrime groups have embraced "EDR killers," researchers say the deep knowledge and technical skills demonstrated by Crypto2...
Colt Telecommunications Struggles in Wake of Cyber Incident
Security News: The UK telco said it temporarily took some systems offline as a "protective" measure in its investigation.
Using Security Expertise to Bridge the Communication Gap
Security News: Cybersecurity-focused leadership delivers better products and business outcomes.
Water Systems Under Attack: Norway, Poland Blame Russia Acto...
Security News: Water and wastewater systems have become a favored target of nation-state actors, drawing increasing scrutiny following attacks on systems in multiple...
Downgrade Attack Allows Phishing Kits to Bypass FIDO
Phishing: You probably can't break FIDO authentication. Still, researchers have shown that there are ways to get around it.
State and Local Leaders Lobby Congress for Cybersecurity Res...
Security News: Federal funding cuts to the Multi-State Information Sharing and Analysis Center (MS-ISAC) are about to leave more than 18,000 state and local organiza...
Police & Government Email Access for Sale on Dark Web
Security News: Cybercriminals are auctioning off live email credentials, giving other criminals access to sensitive systems, confidential intelligence, and, potentia...
CISA Warns N-able Bugs Under Attack, Patch Now
Security News: Two critical N-able vulnerabilities enable local code execution and command injection; they require authentication to exploit, suggesting they wouldn'...
Cybersecurity Spending Slows & Security Teams Shrink
Security News: Security budgets are lowest in healthcare, professional and business services, retail, and hospitality, but budget growth remained above 5% in financi...
Navigating the Cybersecurity Budget Tug-of-War
Security News: Companies ready to move beyond reactive defense and toward full-spectrum protection need to invest in strategies that rally around resiliency, unified...
North Korea Attacks South Koreans With Ransomware
Ransomware: DPRK hackers are throwing every kind of malware at the wall and seeing what sticks, deploying stealers, backdoors, and ransomware all at once.
Fortinet Products Are in the Crosshairs Again
Security News: The company disclosed a critical FortiSIEM flaw with a PoC exploit for it the same week researchers warned of an ominous surge in malicious traffic ta...
Whispers of XZ Utils Backdoor Live on in Old Docker Images
Malware: Developers maintaining the images made the "intentional choice" to leave the artifacts available as "a historical curiosity," give...
Popular AI Systems Still a Work-in-Progress for Security
Security News: According to a recent Forescout analysis, open source models were significantly less successful in vulnerability research than commercial and undergro...
Patch Now: Attackers Target OT Networks via Critical RCE Fla...
Security News: Researchers observed exploitation attempts against a vulnerability with a CVSS score of 10 in a popular Erlang-based platform for critical infrastruct...
What the LockBit 4.0 Leak Reveals About RaaS Groups
Ransomware: The leak serves as a wake-up call: Being prepared is the cornerstone of a successful defense, and those who don't prepare are going to face uncertaint...
How an AI-Based 'Pen Tester' Became a Top Bug Hunter on Hack...
Security News: AI researcher explains how an automated penetration-testing tool became the first non-human member on HackerOne to reach the top of the platform's US ...
China Questions Security of AI Chips From NVIDIA, AMD
Malware: The US banned the sale of AI chips to China and then backed off. Now, Chinese sources are calling on NVIDIA to prove its AI chips have no backdoors.
Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tues...
Security News: The company's August security update consisted of patches for 111 unique Common Vulnerabilities and Exposures (CVEs).
Charon Ransomware Emerges With APT-Style Tactics
Ransomware: The first documented deployment of the novel malware in a campaign against the Middle Eastern public sector and aviation industry may be tied to China...
How to Stay a Step Ahead of a Non-Obvious Threat
Security News: Securing business logic isn't just a technical requirement — it's a business imperative.
ShinyHunters Tactics Now Mirror Scattered Spider
Security News: There's growing evidence that two of arguably the most dangerous cybercrime groups out there are tag-teaming big targets.
BlackSuit Ransomware Takes an Infrastructure Hit From Law En...
Ransomware: A swarm of US agencies joined with international partners to take down servers and domains and seize more than $1 million associated with BlackSuit (R...
REvil Actor Accuses Russia of Planning 2021 Kaseya Attack
Ransomware: REvil affiliate Yaroslav Vasinskyi, who was convicted last year for his role in the 2021 Kaseya ransomware supply chain attack, said the Russian gover...
Echo Chamber, Prompts Used to Jailbreak GPT-5 in 24 Hours
Security News: Researchers paired the jailbreaking technique with storytelling in an attack flow that used no inappropriate language to guide the LLM into producing ...
Utilities, Factories at Risk From Encryption Holes in Indust...
Security News: The OPC UA communication protocol is widely used in industrial settings, but despite its complex cryptography, the open source protocol appears to be ...
Will Secure AI Be the Hottest Career Path in Cybersecurity?
Security News: Securing AI systems represents cybersecurity's next frontier, creating specialized career paths as organizations grapple with novel vulnerabilities, r...
60 RubyGems Packages Steal Data From Annoying Spammers
Security News: A Dark Web antihero has been stealing and then reselling credentials from unsavory online characters. Their motives are questionable, but the schadenf...
BigID Launches Shadow AI Discovery to Uncover Rogue Models a...
Security News
PwC Announces Addition of Morgan Adamski to Leadership of Cy...
Security News
Cybersecurity Incident at Allianz Life Exposes Personal Info...
Security News
860K Compromised in Columbia University Data Breach
Data Breach: While no data has yet been misused, the university doesn't rule out the possibility of that occurring in the future, prompting it to warn affected in...
Redefining the Role: What Makes a CISO Great
Security News: Security is everyone's responsibility, but as a CISO, it starts with you.
Data Dump From APT Actor Yields Clues to Attacker Capabiliti...
Security News: The tranche of information includes data on recent campaigns, attack tools, compromised credentials, and command files used by a threat actor believed...
Attackers Target the Foundations of Crypto: Smart Contracts
Phishing: A whole criminal ecosystem revolves around scamming users out of their cryptocurrency assets, but malicious — or vulnerable — smart contracts could be...
Silver Fox APT Blurs the Line Between Espionage & Cyberc...
Security News: Silver Fox is the Hannah Montana of Chinese threat actors, effortlessly swapping between petty criminal and nation-state-type attacks.
Air France, KLM Alert Authorities of Data Breach
Data Breach: While no sensitive financial data like credit card information was compromised, the threat actors were able to get away with names, email addresses, p...
Privilege Escalation Issue in Amazon ECS Leads to IAM Hijack...
Security News: A software developer discovered a way to abuse an undocumented protocol in Amazon's Elastic Container Service to escalate privileges, cross boundaries...
'Samourai' Cryptomixer Founders Plead Guilty to Money Launde...
Security News: As part of their plea deal, the cybercriminal founders will also have to forfeit more than $200 million.
Citizen Lab Founder Flags Rise of US Authoritarianism
Malware: Citizen Lab director and founder Ron Deibert explained how civil society is locked in "vicious cycle," and human rights are being abused as ...
Payback: 'ShinyHunters' Clocks Google via Salesforce
Security News: In 2024, it was Snowflake. In 2025, it's Salesforce. ShinyHunters is back, with low-tech hacks that nonetheless manage to bring down international meg...
The Critical Flaw in CVE Scoring
Security News: With informed decision-making, organizations can strengthen their overall resilience and maintain the agility needed to adapt to emerging threats, wit...
Chanel Alerts Clients of Third-Party Breach
Data Breach: The fashion house is added to a list of other companies that have been impacted by similar breaches, including Tiffany & Co. and Louis Vuitton.
Researcher Deploys Fuzzer to Test Autonomous Vehicle Safety
Security News: As autonomous vehicles continue to evolve, new research highlights the importance of rigorous security testing to protect against both intentional att...
Critical Zero-Day Bugs Crack Open CyberArk, HashiCorp Passwo...
Security News: Secrets managers hold all the keys to an enterprise's kingdom. Two popular ones had longstanding, critical, unauthenticated RCE vulnerabilities.
'ReVault' Security Flaws Impact Millions of Dell Laptops
Security News: The now-patched vulnerabilities exist at the firmware level and enable deep persistence on compromised systems.
VexTrio Cybercrime Outfit Run by Legit Ad Tech Firms
Security News: New research reveals that a malicious traffic distribution system (TDS) is run not by "hackers in hoodies," but by a series of corporations ...
Google Gemini AI Bot Hijacks Smart Homes, Turns Off the Ligh...
Security News: Using invisible prompts, the attacks demonstrate a physical risk that could soon become reality as the world increasingly becomes more interconnected ...
Attackers Exploit Critical Trend Micro Apex One Zero-Day Fla...
Security News: Two critical vulnerabilities affect the security vendor's management console, one of which is under active exploitation. The company has updated cloud...
What CMMC 3.0 Really Means for Government Contractors
Security News: The ultimate goal of CMMC 3.0 is not just compliance — it's resilience.
Phishers Abuse Microsoft 365 to Spoof Internal Users
Security News: The "Direct Send" feature simplifies internal message delivery for trusted systems, and the campaign successfully duped both Microsoft Defen...
With Eyes on AI, African Orgs Push Security Awareness
Security News: Against the backdrop of the artificial intelligence surge, most African organizations have some form of cybersecurity awareness training but fail to t...
To Raise or Not to Raise: Bootstrapped Founders Share Their ...
Security News: A trio of startup founders — GreyNoise's Andrew Morris, Thinkst Canary's Haroon Meer, and runZero's HD Moore — agree that raising venture capital fund...
Pandora Confirms Third-Party Data Breach, Warns of Phishing ...
Data Breach: The jewelry retailer is warning customers that their data can and might be used maliciously.
RCE Flaw in AI-Assisted Coding Tool Poses Software Supply Ch...
Supply Chain: A critical vulnerability in the trust model of Cursor, a fast-growing tool for LLM-assisted development, allows for silent and persistent remote code ...
Cisco User Data Stolen in Vishing Attack
Phishing: The networking giant said this week that an employee suffered a voice phishing attack that resulted in the compromise of select user data, including e...
Why the Old Ways Are Still the Best for Most Cybercriminals
Security News: While the cybercrime underground has professionalized and become more organized in recent years, threat actors are, to a great extent, still using the...
Google Chrome Enterprise: More Than an Access Point to the W...
Security News: In a conversation with Dark Reading's Terry Sweeney, Lauren Miskelly from Google explains that Chrome Enterprise is the same Chrome browser that consu...
Nvidia Patches Critical RCE Vulnerability Chain
Security News: The flaws in the company's Triton Inference Server enable model theft, data leaks, and response manipulation.
CISA & FEMA Announce $100M+ in Community Cybersecurity G...
Security News: The grants are intended to help states, tribes, and localities enhance their cybersecurity resilience by providing them with monetary resources to red...
Threat Actors Increasingly Leaning on GenAI Tools
Security News: From "eCrime" actors to fake IT tech workers, CrowdStrike researchers found that adversaries are using AI to enhance their offensive cyber o...
42% of Developers Using AI Say Their Codebase is Now Mostly ...
Security News
Akira Ramps Up Assault on SonicWall Firewalls, Suggesting Ze...
Ransomware: An uptick of ransomware activity by the group in late July that uses the vendor's SSL VPN devices for initial intrusion shows evidence of an as-yet-un...
Turning Human Vulnerability Into Organizational Strength
Security News: Investing in building a human-centric defense involves a combination of adaptive security awareness training, a vigilant and skeptical culture, and th...
Dark Reading News Desk Turns 10, Back at Black Hat USA for 2...
Security News: Dark Reading's 2025 News Desk marks a decade of Black Hat USA memories. We're making our return with a slate of interviews that help you stay up on th...
LLMs' AI-Generated Code Remains Wildly Insecure
Security News: Security debt ahoy: Only about half of the code that the latest large language models (LLMs) create is cybersecure, and more and more of it is being c...
Building the Perfect Post-Security Incident Review Playbook
Security News: By creating a safe environment for open discussion, prioritizing human context alongside technical data, and involving diverse stakeholders, organizat...
Male-Dominated Cyber Industry Still Holds Space for Women Wi...
Security News: When trying to crack your way into a cyber career, true passion and a bold love of the industry is a must, if you want to set yourself apart from hund...
New 'Shade BIOS' Technique Beats Every Kind of Security
Malware: What if malware didn't require an operating system to function? How would anyone possibly notice, let alone disable it?
ISC2 Launches New Security Certificate for AI Expertise
Security News: The six-course program covers topics such as AI fundamentals, ethics, and risks.
SIEMs: Dying a Slow Death or Poised for AI Rebirth?
Security News: The SIEM market is at a pivotal point as XDR platforms and generative AI shake up the security analytics space.
Gen Z Falls for Scams 2x More Than Older Generations
Phishing: Forget gullible old people — Gen Z is the most at-risk age group on the Web. Older folks might want to ignore it, but employers are likely to feel th...
DragonForce Ransom Cartel Profits Off Rivals' Demise
Ransomware: The fall of RansomHub led to a major consolidation of the ransomware ecosystem last quarter, which was a boon for the DragonForce and Qilin gangs.
SafePay Claims Ingram Micro Breach, Sets Ransom Deadline
Ransomware: The ransomware gang claims to have stolen 3.5TB of data, and told the technology distributor to pay up or suffer a data breach.
3 Things CFOs Need to Know About Mitigating Threats
Security News: To reposition cybersecurity as a strategic, business-critical investment, CFOs and CISOs play a critical role in articulating the significant ROI that...
Russia's Secret Blizzard APT Gains Embassy Access via ISPs
Malware: An ongoing AitM campaign by the infamous Moscow-sponsored cyber-threat actor has widened its scope, dropping the dangerous ApolloShadow custom backdoo...
Getting a Cybersecurity Vibe Check on Vibe Coding
Security News: Following a number of high-profile security and development issues surrounding the use of LLMs and GenAI to code and create applications, it's worth t...
What the Coinbase Breach Says About Insider Risk
Data Breach: The lesson from the breach is not just about what went wrong — but what could have gone right.
Dark Reading Confidential: Funding the CVE Program of the Fu...
Security News: Dark Reading Confidential Episode 8: Federal funding for the CVE Program expires in April 2026, and a trio of experts agree the industry isn't doing e...
Low-Code Tools in Microsoft Azure Allowed Unprivileged Acces...
Security News: Using the API Connections for Azure Logic Apps, a security researcher found unauthenticated users could access sensitive data of other customers.
Koreans Hacked, Blackmailed by 250+ Fake Mobile Apps
Malware: A swath of copycat Korean apps are hiding spyware, occasionally leading to highly personal, disturbing extortions.
Silk Typhoon Linked to Powerful Offensive Tools, PRC-Backed ...
Security News: An unsealed indictment associated with the Chinese threat group shows its members worked for companies closely aligned with the PRC as part of a large...
The CrowdStrike Outage Was Bad, but It Could Have Been Worse
Security News: A year after the largest outage in IT history, organizations need to make an active effort to diversify their technology and software vendors and crea...
ChatGPT, GenAI Tools Open to 'Man in the Prompt' Browser Att...
Security News: A brand-new cyberattack vector allows threat actors to use a poisoned browser extension to inject malicious prompts into all of the top generative AI ...
African Orgs Fall to Mass Microsoft SharePoint Exploits
Security News: The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise of on-...
Nimble 'Gunra' Ransomware Evolves With Linux Variant
Ransomware: The emerging cybercriminal gang, which initially targeted Microsoft Windows systems, is looking to go cross-platform using sophisticated, multithread ...
Critical Flaw in Vibe-Coding Platform Base44 Exposes Apps
Security News: A now-patched authentication issue on the popular vibe-coding platform gave unauthorized users open access to any private application on Base44.
The Hidden Threat of Rogue Access
Security News: With the right IGA tools, governance policies, and risk thresholds, enterprises can continuously detect and act on rogue access before attackers do.
Supply Chain Attacks Spotted in GitHub Actions, Gravity Form...
Malware: Researchers discovered backdoors, poisoned code, and malicious commits in some of the more popular tool developers, jeopardizing software supply chain...
Insurance Giant Allianz Life Grapples With Breach Affecting ...
Data Breach: The company has yet to report an exact number of how many individuals were impacted by the breach and plans to start the notification process around A...
Chaos Ransomware Rises as BlackSuit Gang Falls
Ransomware: Researchers detailed a newer double-extortion ransomware group made up of former members of BlackSuit, which was recently disrupted by international l...
Sophisticated Shuyal Stealer Targets 19 Browsers, Demonstrat...
Malware: A new infostealing malware making the rounds can exfiltrate credentials and other system data even from browsing software considered more privacy-focu...
How to Spot Malicious AI Agents Before They Strike
Security News: The rise of agentic AI means the battle of the machines is just beginning. To win, we'll need our own agents — human and machine — working together.
Cyber Career Opportunities: Weighing Certifications vs. Degr...
Security News: Longtime CISO Melina Scotto joins Dark Reading to discuss career advice gleaned from her 30 years in the cyber industry.
'Fire Ant' Cyber Spies Compromise Siloed VMware Systems
Security News: Suspected China-nexus threat actors targeted virtual environments and used several tools and techniques to bypass security barriers and reach isolated...
AI-Generated Linux Miner 'Koske' Beats Human Malware
Malware: AI malware is becoming less of a gimmick, with features that meet or exceed what traditional human-developed malware typically can do.
North Korea's IT Worker Rampage Continues Amid DoJ Action
Security NewsArrests and indictments keep coming, but the North Korean fake IT worker scheme is only snowballing, and businesses can't afford to assume their appli...
Why Security Nudges Took Off
Security NewsNudges can be powerful — but they are not immune to overuse or misapplication.
The Young and the Restless: Young Cybercriminals Raise Conce...
Security NewsNational governments warn that many hacker groups attract young people through a sense of community, fame, or the promise of money and the perception ...
Law Enforcement Cracks Down on XSS — but Will It Last?
Security NewsThe arrest of a suspected administrator for the popular cybercrime forum was one of several enforcement actions in the past week targeting malicious a...
Ransomware Actors Pile on 'ToolShell' SharePoint Bugs
RansomwareStorm-2603, a China-based threat actor, is targeting SharePoint customers in an ongoing ransomware campaign.
Translating Cyber-Risk for the Boardroom
Security NewsWhen security leaders embrace this truth and learn to speak in the language of leadership, they don't just protect the enterprise, they help lead it f...
Banking Trojan Coyote Abuses Windows UI Automation
MalwareIt's the first known instance of malware that abuses the UIA framework and has enabled dozens of attacks against banks and crypto exchanges in Brazil.
Dark Web Hackers Moonlight as Travel Agents
Security NewsHackers are using stolen goods such as credit cards and loyalty points to book travel for sometimes unsuspecting clients, and remote workers, SMBs, tr...
Department of Education Site Mimicked in Phishing Scheme
PhishingAn ongoing phishing campaign is using fake versions of the department's G5 grant portal, taking advantage of political turmoil associated with the DoE...
Stop AI Bot Traffic: Protecting Your Organization's Website
Security NewsAs crawlers and bots bog down websites in the era of AI, some researchers say that the solution for the Internet's most vulnerable websites is already...
US Nuclear Agency Hacked in Microsoft SharePoint Frenzy
Security NewsThreat actors are piling on the zero-day vulnerabilities in SharePoint, including at least three Chinese nation-state cyber-espionage groups.
Lumma Stealer Is Back & Stealthier Than Ever
MalwareThe operators of the popular and prolific malware wasted no time in regrouping after an FBI takedown in May, and they're back to their old tricks.
Why ISO 42001 Matters for AI Governance at Scale
Security NewsHow a new international standard is shaping the future of responsible AI development and deployment.
China Introduces National Cyber ID Amid Privacy Concerns
Security NewsChina officially rolled out a voluntary Internet identity system to protect citizens' online identities and personal information, but critics worry ab...
3 China Nation-State Actors Target SharePoint Bugs
Security NewsHackers and cybercrime groups are part of a virtual feeding frenzy, after Microsoft's recent disclosure of new vulnerabilities in on-premises editions...
Dell Breached by Extortion Group, Says Data Stolen Was 'Fake...
Data BreachThe World Leaks group accessed and released data from the company's Customer Solution Center, which is separated from customer and partner systems and...
Darktrace Acquires Mira Security for Network Visibility
RansomwareThe acquisition gives the British cybersecurity solutions provider more insights into encrypted network traffic and additional decryption capabilities...
Critical Infrastructure Security Is a Critical Concern
Security NewsTo be truly resilient in the ever-growing threat landscape, organizations need to balance protection with preparation.
Coast Guard Issues Cybersecurity Rule for Maritime Transport...
Security NewsThe cybersecurity requirements follow an extended timeline over the next two years, and are meant to secure US shipping ports from disruption by malic...
China-Backed APT41 Cyberattack Surfaces in Africa
Security NewsUp to now, the prolific China-sponsored cyber-espionage group has been mostly absent from the region, but a sophisticated and highly targeted attack o...
Malicious Implants Are Coming to AI Components, Applications
Security NewsA red teamer is publishing research next month about how weaknesses in modern security products lay the groundwork for stealthy implants in AI-powered...
Europol Sting Leaves Russian Cybercrime's 'NoName057(16)' Gr...
DdosNational authorities have issued seven arrest warrants in total relating to the cybercrime collective known as NoName057(16), which recruits followers...
Microsoft Rushes Emergency Patch for Actively Exploited Shar...
Security NewsMalicious actors have already pounced on the zero-day vulnerability, tracked as CVE-2025-53770, to compromise US government agencies and other...
Containment as a Core Security Strategy
Security NewsWe cannot keep reacting to vulnerabilities as they emerge. We must assume the presence of unknown threats and reduce the blast radius that they can af...
'PoisonSeed' Attacker Skates Around FIDO Keys
PhishingResearchers discovered a novel phishing attack that serves the victim a QR code as part of supposed multifactor authentication (MFA), in order to get ...
Nearly 2,000 MCP Servers Possess No Security Whatsoever
Security NewsAuthentication in MCP — the backbone of agentic AI — is optional, and nobody's implementing it. Instead, they're allowing any passing attackers full c...
3 Ways Security Teams Can Minimize Agentic AI Chaos
Security NewsSecurity often lags behind innovation. The path forward requires striking a balance.
Firmware Vulnerabilities Continue to Plague Supply Chain
Supply ChainFour flaws in the basic software for Gigabyte motherboards could allow persistent implants, underscoring problems in the ways firmware is developed an...
4 Chinese APTs Attack Taiwan's Semiconductor Industry
Security NewsChinese threat actors have turned to cyberattacks as a way to undermine and destabilize Taiwan's most important industrial sector.
Cisco Discloses '10' Flaw in ISE, ISE-PIC — Patch Now
Security NewsCisco just disclosed a critical severity flaw in its ISE and ISE-PIC products, joining two similar bugs disclosed last month.
Printer Security Gaps: A Broad, Leafy Avenue to Compromise
Security NewsSecurity teams aren't patching firmware promptly, no one's vetting the endpoints before purchase, and visibility into potential dangers is limited — d...
Armenian Extradited to US Over Ryuk Ransomware
RansomwareThe suspect faces three charges for his alleged crimes that could earn him up to five years in federal prison, and a heap of fines.
Why Cybersecurity Still Matters for America's Schools
Security NewsCyberattacks on educational institutions are growing. But with budget constraints and funding shortfalls, leadership teams are questioning whether — a...
China-Backed Salt Typhoon Hacks US National Guard for Nearly...
Security NewsBetween March and December of last year, infamous Chinese state-sponsored APT Salt Typhoon gained access to sensitive US National Guard data.
ISC2 Finds Orgs Are Increasingly Leaning on AI
Security NewsWhile many organizations are eagerly integrating AI into their workflows and cybersecurity practices, some remain undecided and even concerned about p...
Elite 'Matanbuchus 3.0' Loader Spruces Up Ransomware Infecti...
RansomwareAn upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS...
Oracle Fixes Critical Bug in Cloud Code Editor
Security NewsThe bug allowed an attacker an easy way to compromise the full suite of developer tools in Oracle Cloud Infrastructure.
Women Who 'Hacked the Status Quo' Aim to Inspire Cybersecuri...
Security NewsA group of female cybersecurity pioneers will share what they've learned about navigating a field dominated by men, in order to help other women empow...
Cognida.ai Launches Codien: An AI Agent to Modernize Legacy ...
Security News
Fully Patched SonicWall Gear Under Likely Zero-Day Attack
RansomwareA threat actor with likely links to the Abyss ransomware group is leveraging an apparent zero-day vulnerability to deploy the "Overstep" bac...
Securing the Budget: Demonstrating Cybersecurity's Return
Data BreachBy tying security investments to measurable outcomes — like reduced breach likelihood and financial impact — CISOs can align internal stakeholders and...
Altered Telegram App Steals Chinese Users' Android Data
Security NewsUsing more than 600 domains, attackers entice Chinese-speaking victims to download a vulnerable Telegram app that is nearly undetectable on older vers...
Lessons Learned From McDonald's Big AI Flub
Data BreachMcDonald's hiring platform was using its original default credentials and inadvertently exposed information belonging to approximately 64 million job ...
AI Is Reshaping How Attorneys Practice Law
Security NewsExperts recommend enhanced AI literacy, training around the ethics of using AI, and verification protocols to maintain credibility in an increasingly ...
AsyncRAT Spawns Concerning Labyrinth of Forks
RansomwareSince surfacing on GitHub in 2019, AsyncRAT has become a poster child for how open source malware can democratize cybercrime, with a mazelike footprin...
Attackers Abuse AWS Cloud to Target Southeast Asian Governme...
MalwareThe intelligence-gathering cyber campaign introduces the novel HazyBeacon backdoor and uses legitimate cloud communication channels for command-and-co...
How Criminal Networks Exploit Insider Vulnerabilities
Security NewsCriminal networks are adapting quickly, and they're betting that companies won't keep pace. Let's prove them wrong.
MITRE Launches AADAPT Framework for Financial Systems
Security NewsThe new framework is modeled after and meant to complement the MITRE ATT&CK framework, and it is aimed at detecting and responding to cyberattacks...
Web-Inject Campaign Debuts Fresh Interlock RAT Variant
RansomwareA cyber-threat campaign is using legitimate websites to inject victims with remote access Trojans belonging to the Interlock ransomware group, in orde...
Military Veterans May Be What Cybersecurity Is Looking For
Security NewsAs the field struggles with a shortage, programs that aim to provide veterans with the technical skills needed to succeed in cybersecurity may be the ...
Google Gemini AI Bug Allows Invisible, Malicious Prompts
PhishingA prompt-injection vulnerability in the AI assistant allows attackers to create messages that appear to be legitimate Google Security alerts but inste...
The Dark Side of Global Power Shifts & Demographic Decli...
Security NewsAs global power realigns and economies falter, the rise in cybercrime is no longer hypothetical — it's inevitable.
Pay2Key Ransomware Gang Resurfaces With Incentives to Attack...
RansomwareThe ransomware-as-a-service (RaaS) operation, which has been tied to an Iranian advanced persistent threat (APT) group, recently boosted its affiliate...
350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE
Data BreachMercedes, Skoda, and Volkswagen vehicles, as well as untold industrial, medical, mobile, and consumer devices, may be vulnerable to an attack chain ca...
As Cyber-Insurance Premiums Drop, Coverage Is Key to Resilie...
Security NewsCyber-insurance premiums continue to decline from their explosive growth from 2020 to 2022, but coverage is more important than ever to manage risks, ...
Factoring Cybersecurity Into Finance's Digital Strategy
Security NewsAs financial institutions continue to embrace digital transformation, their success will depend on their ability to establish and maintain robust and ...
Customer, Employee Data Exposed in Nippon Steel Breach
Data BreachInformation from the company's NS Solutions subsidiary has yet to show up on any Dark Web sites, but it doesn't rule out the possibility that the data...
Digital Fingerprints Test Privacy Concerns in 2025
Security NewsDigital fingerprinting technology creates detailed user profiles by combining device data with location and demographics, which increases the risks of...
eSIM Bug in Millions of Phones Enables Spying, Takeover
Security NewseSIMs around the world may be fundamentally vulnerable to physical and network attacks because of a 6-year-old Oracle vulnerability in technology that...
Ingram Micro Up and Running After Ransomware Attack
RansomwareCustomers were the first to notice the disruption on the distributor's website when they couldn't place orders online.
Agentic AI's Risky MCP Backbone Opens Brand-New Attack Vecto...
Security NewsCritical security vulnerabilities affect different parts of the Model Context Protocol (MCP) ecosystem, which many organizations are rapidly adopting ...
4 Arrested in UK Over M&S, Co-op, Harrods Hacks
Security NewsThe UK's National Crime Agency arrested four people, who some experts believe are connected to the notorious cybercriminal collective known as Scatter...
SIM Swap Fraud Is Surging — and That's a Good Thing
Security NewsNow it's time to build systems that attackers can't reroute with a phone call.
North American APT Uses Exchange Zero-Day to Attack China
Security NewsStories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity a...
An NVIDIA Container Bug & Chance to Harden Kubernetes
Security NewsA container escape flaw involving the NVIDIA Container Toolkit could have enabled a threat actor to access AI datasets across tenants.
New AI Malware PoC Reliably Evades Microsoft Defender
MalwareWorried about hackers employing LLMs to write powerful malware? Using targeted reinforcement learning (RL) to train open source models in specific tas...
Rubio Impersonator Signals Growing Security Threat From Deep...
Security NewsAn impostor who posed as the secretary of state in text and voice communications with diplomats and politicians demonstrates the increased sophisticat...
Know Your Enemy: Understanding Dark Market Dynamics
Security NewsTo help counter crime, today's organizations require a cyber-defense strategy that incorporates the mindset of the cybercriminal.
SatanLock Next in Line for Ransomware Group Shutdowns
RansomwareThough the victims list on its site has since been taken down, the group plans on leaking the rest of the files stolen from its victims.
South Korean Government Imposes Penalties on SK Telecom for ...
Data BreachFollowing a breach at the country's top mobile provider that exposed 27 million records, the South Korean government imposed a small monetary penalty ...
Microsoft Patches 137 CVEs in July, but No Zero-Days
Security NewsSome 17 of the bugs are at high risk for exploits, including multiple remote code execution bugs in Office and SharePoint.
Malicious Open Source Packages Spike 188% YoY
MalwareData exfiltration was the most common malware in the Sonatype report, with more than 4,400 packages designed to steal secrets, personally identifiable inf...
Suspected Hacker Linked to Silk Typhoon Arrested in Milan
Security NewsThe alleged Chinese state-sponsored hacker faces multiple charges, including wire fraud, aggravated identity theft, and unauthorized access to protect...
Hackers 'Shellter' Various Stealers in Red-Team Tool to Evad...
MalwareResearchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion...
4 Critical Steps in Advance of 47-Day SSL/TLS Certificates
Security NewsWith certificate lifespans set to shrink by 2029, IT teams need to spend the next 100 days planning in order to avoid operational disruptions.
TAG-140 Targets Indian Government Via 'ClickFix-Style' Lure
Security NewsThe threat actors trick victims into opening a malicious script, leading to the execution of the BroaderAspect .NET loader.
Bert Blitzes Linux & Windows Systems
RansomwareThe new ransomware strain's aggressive multithreading and cross-platform capabilities make it a potent threat to enterprise environments.
DPRK macOS 'NimDoor' Malware Targets Web3, Crypto Platforms
MalwareResearchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests.
Ransomware Attack Triggers Widespread Outage at Ingram Micro
RansomwareThe outage began shortly before the July 4 holiday weekend and caused disruptions for customer ordering and other services provided by the IT distribu...
'Hunters International' RaaS Group Closes Its Doors
Security NewsThe announcement comes just months after security researchers observed that the group was making the transition to rebrand to World Leaks, a data thef...
Chrome Store Features Extension Poisoned With Sophisticated ...
MalwareA color picker for Google's browser with more than 100,000 downloads hijacks sessions every time a user navigates to a new webpage and also redirects ...
New Cyber Blueprint Aims to Guide Organizations on AI Journe...
Security NewsDeloitte's new blueprint looks to bridge the gap between the massive push for AI adoption and a lack of preparedness among leaders and employees.
Dark Web Vendors Shift to Third Parties, Supply Chains
Supply ChainAs attacks on software supply chains and third parties increase, more data on critical software and infrastructure services is being advertised and so...
Criminals Sending QR Codes in Phishing, Malware Campaigns
MalwareThe Anti-Phishing Working Group observed how attackers are increasingly abusing QR codes to conduct phishing attacks or to trick users into downloadin...
IDE Extensions Pose Hidden Risks to Software Supply Chain
Supply ChainMalicious extensions can be engineered to bypass verification checks for popular integrated development environments, according to research from OX Se...
Attackers Impersonate Top Brands in Callback Phishing
PhishingMicrosoft, PayPal, Docusign, and others are among the trusted brands threat actors use in socially engineered scams that try to get victims to call ad...
Qantas Airlines Breached, Impacting 6M Customers
Data BreachPassengers' personal information was likely accessed via a third-party platform used at a call center, but didn't include passport or credit card info...
Initial Access Broker Self-Patches Zero Days as Turf Control
Security NewsA likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the...
US Treasury Sanctions BPH Provider Aeza Group
RansomwareIn the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer.
Russian APT 'Gamaredon' Hits Ukraine With Fierce Phishing
PhishingA Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine.
ClickFix Spin-Off Attack Bypasses Key Browser Safeguards
MalwareA new threat vector exploits how modern browsers save HTML files, bypassing Mark of the Web and giving attackers another social-engineering attack for...
1 Year Later: Lessons Learned From the CrowdStrike Outage
Security NewsThe ever-growing volume of vulnerabilities and threats requires organizations to remain resilient and anti-fragile — that is, to be able to proactivel...
FileFix Attack Chain Enables Malicious Script Execution
Security NewsBy using social engineering tactics, threat actors are able to manipulate their victims into saving and renaming files that will backfire against them...
Silver Fox Suspected in Taiwanese Campaign Using DeepSeek Lu...
MalwareThe attack uses sideloading to deliver a variant of the popular Gh0stRAT malware and lures victims by posing — among other things — as a purported ins...
Like SEO, LLMs May Soon Fall Prey to Phishing Scams
PhishingJust as attackers have used SEO techniques to poison search engine results, they could rinse and repeat with artificial intelligence and the responses...
LevelBlue Acquires Trustwave, Forms World's Largest Independ...
Security NewsAs the largest managed security services provider, the combined entity will offer cyber consulting, managed detection and response, and incident respo...
Scope, Scale of Spurious North Korean IT Workers Emerges
Security NewsMicrosoft warns thousands of North Korean workers have infiltrated tech, manufacturing, and transportation sectors to steal money and data.
Ransomware Reshaped How Cyber Insurers Perform Security Asse...
RansomwareCyber insurance companies were forced to adapt once ransomware skyrocketed and highlighted crucial security weaknesses among organizations in all sect...
We've All Been Wrong: Phishing Training Doesn't Work
PhishingTeaching employees to detect malicious emails isn't really having an impact. What other options do organizations have?
DoJ Disrupts North Korean IT Worker Scheme Across Multiple U...
Security NewsThe US also conducted searches of 29 "laptop farms" across 16 states and seized 29 financial accounts used to launder funds.
Chrome Zero-Day, 'FoxyWallet' Firefox Attacks Threaten Brows...
Security NewsSeparate threats to popular browsers highlight the growing security risk for enterprises presented by the original gateway to the Web, which remains a...
How Businesses Can Align Cyber Defenses With Real Threats
Security NewsCompanies that understand the motivations of their attackers and position themselves ahead of the competition will be in the best place to protect the...
Hired Hacker Assists Drug Cartel in Finding, Killing FBI Sou...
Security NewsAccording to a government report, El Chapo's Sinaloa drug cartel used a hacker to spy on people connected to the FBI's 2018 investigation against the ...
Chinese Company Hikvision Banned By Canadian Government
Security NewsThough the company's video surveillance products will be prohibited for government use, individuals and private businesses can still buy the vendor's ...
Airoha Chip Vulns Put Sony, Bose Earbuds & Headphones at...
Security NewsThe vulnerabilities, which have yet to be published, could allow a threat actor to hijack not only Bluetooth earbuds and headphones but also the devic...
AI-Themed SEO Poisoning Attacks Spread Info, Crypto Stealers
MalwareMalicious websites designed to rank high in Google search results for ChatGPT and Luma AI deliver the Lumma and Vidar infostealers and other malware.
Why Cybersecurity Should Come Before AI in Schools
Security NewsThe sooner we integrate cybersecurity basics into school curriculum, the stronger and more resilient our children — and their futures — will be.
Top Apple, Google VPN Apps May Help China Spy on Users
Security NewsApple and Google espouse strong values about data privacy, but they allow programs from a Big Brother state to thrive on their app stores, researchers...
'CitrixBleed 2' Shows Signs of Active Exploitation
Security NewsIf exploited, the critical vulnerability allows attackers to maintain access for longer periods of time than the original CitrixBleed flaw, all while ...
Scattered Spider Taps CFO Credentials in 'Scorched Earth' At...
Security NewsIn a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more than 1,400 secrets, subverted Azure, VMware, and S...
Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover
Security NewsHackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket ste...
Vulnerability Debt: How Do You Put a Price on What to Fix?
Security NewsPutting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your over...
US Falling Behind China in Exploit Production
Security NewsCyber operations have become critical to national security, but the United States has fallen behind in one significant area — exploit production — whi...
'Cyber Fattah' Hacktivist Group Leaks Saudi Games Data
Security NewsAs tensions in the Middle East rise, hacktivist groups are coming out of the woodwork with their own agendas, leading to notable shifts in the hacktiv...
'IntelBroker' Suspect Arrested, Charged in High-Profile Brea...
Data BreachA British national arrested earlier this year in France was charged by the US Department of Justice in connection with a string of major cyberattacks.
How Geopolitical Tensions Are Shaping Cyber Warfare
Security NewsIn today's cyber battlefield, resilience starts with readiness, and the cost of falling short increases by the day.
Charming Kitten APT Tries Spying on Israeli Cybersecurity Ex...
PhishingIsrael's cyber pros are having to put theory into practice, as a notorious nation-state APT sponsored by Iran targets them with spear-phishing attacks...
Cloud Repatriation Driven by AI, Cost, and Security
Security NewsOrganizations are moving away from the public cloud and embracing a more hybrid approach due to big changes over the past five years.
And Now Malware That Tells AI to Ignore It?
MalwareThough rudimentary and largely non-functional, the wryly named "Skynet" binary could be a harbinger of things to come on the malware front.
Taming Agentic AI Risks Requires Securing Non-Human Identiti...
Security NewsAs the definition of machine identities broadens, AI agents working on behalf of users and gaining access to various services blurs the lines of non-h...
Millions of Brother Printers Hit by Critical, Unpatchable Bu...
Security NewsA slew of vulnerabilities, including a critical CVSS 9.8 that enables an attacker to generate the default admin password, affect hundreds of printer, ...
CISA Is Shrinking: What Does It Mean for Cyber?
Security NewsDark Reading Confidential Episode 7: Cyber experts Tom Parker and Jake Williams offer their views on the practical impact of cuts to the US Cybersecur...
Dire Wolf Ransomware Comes Out Snarling, Bites Technology, M...
RansomwareThe emerging group has already gotten its teeth into 16 victims since May with its double extortion tactics, claiming victims in 11 countries, includi...
Hundreds of MCP Servers Expose AI Models to Abuse, RCE
Security NewsThe servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks.
Generative AI Exacerbates Software Supply Chain Risks
Supply ChainMalicious actors are exploiting AI-fabricated software components — presenting a major challenge for securing software supply chains.
XOR Marks the Flaw in SAP GUI
Security NewsThe company has patched two vulnerabilities in its Graphical User Interface that would have allowed attackers to grab data from a user's input history...
Africa Sees Surge in Cybercrime as Law Enforcement Struggles
RansomwareCybercrime accounts for more than 30% of all reported crime in East Africa and West Africa, with online scams, ransomware, business email compromise, ...
Threat Actor Trojanizes Copy of SonicWall NetExtender VPN Ap...
MalwareA threat actor hacked a version of SonicWall's NetExtender SSL VPN application in an effort to trick users into installing a Trojanized version of the...
China-Nexus 'LapDogs' Network Thrives on Backdoored SOHO Dev...
MalwareThe campaign infected devices in the US and Southeast Asia to build an operational relay box (ORB) network for use as an extensive cyber-espionage inf...
Steel Giant Nucor Confirms Data Stolen in Cyberattack
Data BreachAmerica's largest steel producer initially disclosed the breach in May and took potentially affected systems offline to investigate the intrusion an...
How the US Military Is Redefining Zero Trust
Security NewsTrust no longer comes from network boundaries alone but from continuously validating and protecting data and identities at every interaction.
Oh! Canada Added to List of Nations Targeted in Salt Typhoon...
Security NewsThe Canadian Center for Cybersecurity has confirmed that the Chinese state-sponsored cyber-threat actor targeted one of its telecommunications compani...
SparkKitty Swipes Pics From iOS, Android Devices
MalwareLike its predecessor, SparkCat, the new malware appears to be going after sensitive data — such as seed phrases for cryptocurrency wallets — in device...
'Echo Chamber' Attack Blows Past AI Guardrails
Security NewsAn AI security researcher has developed a proof of concept that uses subtle, seemingly benign prompts to get GPT and Gemini to generate inappropriate ...
IBM Pushes for More Collaboration Between Security, Governan...
Security NewsIBM is integrating its governance and AI security tools to address the risks associated with the AI adoption boom.
Citrix Patches Critical Vulns in NetScaler ADC and Gateway
Security NewsCitrix is recommending its customers upgrade their appliances to mitigate potential exploitation of the vulnerabilities.
DHS Warns of Rise in Cyberattacks in Light of US-Iran Confli...
Security NewsAfter President Trump's decision to enter the US into the conflict in the Middle East, the Department of Homeland Security expects there to be an upti...
Attackers Use Docker APIs, Tor Anonymity in Stealthy Crypto ...
Security NewsThe attack is similar to previous campaigns by an actor called Commando Cat to use misconfigured APIs to compromise containers and deploy cryptocurren...
A CISO's AI Playbook
Security NewsIn a market where security budgets flatten while threats accelerate, improving analyst throughput is fiscal stewardship.
AWS Enhances Cloud Security With Better Visibility Features
Security NewsAt this week's re:Inforce 2025 conference, the cloud giant introduced new capabilities to several core security products to provide customers with bet...
Hackers Post Dozens of Malicious Copycat Repos to GitHub
MalwareAs package registries find better ways to combat cyberattacks, threat actors are finding other methods for spreading their malware to developers.
Telecom Giant Viasat Is Latest Salt Typhoon Victim
Security NewsThe communications company shared the discoveries of its investigation with government partners, but there is little information they can publicly dis...
How Cyber Warfare Changes the Face of Geopolitical Conflict
Security NewsAs geopolitical tensions rise, the use of cyber operations and hacktivists continues to grow, with the current conflict between Israel and Iran showin...
How to Lock Down the No-Code Supply Chain Attack Surface
Supply ChainSecuring the no-code supply chain isn't just about mitigating risks — it's about enabling the business to innovate with confidence.
Security Evolution: From Pothole Repair to Road Building
Security NewsInstead of constantly fixing security vulnerabilities, organizations should proactively build secure foundations that enable businesses to move faster...
Scammers Spread False Support Info Using Legitimate Websites
PhishingIn a new wrinkle on the tech support scam front, these search parameter injection attacks dupe victims into believing they are receiving technical hel...
Paragon Commercial Spyware Infects Prominent Journalists
MalwareAn unnamed customer of Paragon's Graphite product used the commercial spyware to target at least two prominent European journalists in recent months.
Iran-Israel War Triggers a Maelstrom in Cyberspace
Security NewsAs Iran closes its cyberspace to the outside world, hacktivists are picking sides, while attacks against Israel surge and spread across the region.
OpenAI Awarded $200M Contract to Work With DoD
Security NewsOpenAI intends to help streamline the Defense Department's administrative processes using artificial intelligence.
The Triple Threat of Burnout: Overworked, Unsatisfied, Trapp...
Security NewsMany cybersecurity professionals still don't feel comfortable admitting when they need a break. Yet their pressures continue to expand and involve, of...
GodFather Banking Trojan Debuts Virtualization Tactic
MalwareThe Android malware is targeting Turkish financial institutions, completely taking over legitimate banking and crypto apps by creating an isolated vir...
New Tool Traps Jitters to Detect Beacons
Security NewsConcerned by rapidly evolving evasion tactics, the new Jitter-Trap tool from Varonis aims to help organizations detect beacons that help attackers est...
Next-Gen Developers Are a Cybersecurity Powder Keg
Security NewsAI coding tools promise productivity but deliver security problems, too. As developers embrace "vibe coding," enterprises face mounting risk...
China-Backed Hackers Target SentinelOne in 'PurpleHaze' Atta...
MalwareKnown threat groups APT15 and UNC5174 unleashed attacks against SentinelOne and more than 70 other high-value targets, as part of ongoing cyber-espion...
Cutting-Edge ClickFix Tactics Snowball, Pushing Phishing For...
MalwareSeveral widespread ClickFix campaigns are underway, bent on delivering malware to business targets, and they represent a new level of phishing sophist...
F5 Acquires Agentic AI Security Startup Fletch
Security NewsAgentic AI technology will be integrated into the recently launched F5 Application Delivery and Security Platform.
BADBOX 2.0 Targets Home Networks in Botnet Campaign, FBI War...
Security NewsThough the operation was partially disrupted earlier this year, the botnet remains active and continues to target connected Android devices.
Docuseries Explores Mental, Physical Hardships of CISOs
Security NewsDuring "CISO: The Worst Job I Ever Wanted," several chief information security officers reveal how difficult it is to be in a role that, des...
Synthetic Data Is Here to Stay, but How Secure Is It?
Security NewsSynthetic data offers organizations a way to develop AI while maintaining privacy compliance but requires careful management to prevent re-identificat...
MSFT-CrowdStrike 'Rosetta Stone' for Naming APTs: Meh?
Security NewsMicrosoft and CrowdStrike announced an effort to deconflict the overlapping names of threat groups and reduce confusion for companies, but we've been ...
Prep for Layoffs Before They Compromise Security
Security NewsMass layoffs create cybersecurity vulnerabilities through dormant accounts and disgruntled employees.
SecOps Teams Need to Tackle AI Hallucinations to Improve Acc...
Security NewsThe risks associated with AI embedded into threat detection and response tools can't be completely eradicated, but SecOps teams can take steps to at l...
Digital Forensics Firm Cellebrite to Acquire Corellium
Security NewsCellebrite, a controversial digital forensics firm, is set to acquire virtualization vendor Corellium in a $170 million deal.
'PathWiper' Attack Hits Critical Infrastructure In Ukraine
MalwareCisco Talos researchers observed the new wiper malware in a destructive attack against an unnamed critical infrastructure organization.
Cisco Warns of Credential Vuln on AWS, Azure, Oracle Cloud
Security NewsThe vulnerability, with a 9.9 CVSS score on a 10-point scale, results in different Cisco ISE deployments all sharing the same credentials as long as t...
Backdoored Malware Reels in Newbie Cybercriminals
MalwareSophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 20...
Questions Swirl Around ConnectWise Flaw Used in Attacks
Security NewsConnectWise issued a patch to stave off attacks on ScreenConnect customers, but the company's disclosures don't explain what the vulnerability is and ...
Finding Balance in US AI Regulation
Security NewsThe US can't afford to wait for political consensus to catch up to technological change.
Iranian APT 'BladedFeline' Hides in Network for 8 Years
Security NewsESET published research on the Iranian APT "BladedFeline," which researchers believe is a subgroup of the cyber-espionage entity APT34.
Cybersecurity Training in Africa Aims to Bolster Professiona...
Security NewsThe United Nations, Carnegie Mellon University, and private organizations are all aiming to train the next generation of cybersecurity experts, boost ...
35K Solar Devices Vulnerable to Potential Hijacking
Data BreachA little more than three-quarters of these exposed devices are located in Europe, followed by Asia, with 17%.
Vishing Crew Targets Salesforce Data
Security NewsA group that Google is tracking as UNC6040 has been tricking users at many organizations into installing a malicious version of a Salesforce app to ga...
How Neuroscience Can Help Us Battle 'Alert Fatigue'
Security NewsBy understanding the neurological realities of human attention, organizations can build more sustainable security operations that protect not only the...
Researchers Bypass Deepfake Detection With Replay Attacks
Security NewsAn international group of researchers found that simply rerecording deepfake audio with natural acoustics in the background allows it to bypass detect...
Attackers Impersonate Ruby Packages to Steal Sensitive Teleg...
Supply ChainMalicious RubyGems pose as a legitimate plug-in for the popular Fastlane rapid development platform in a geopolitically motivated attack with global s...
Beware of Device Code Phishing
PhishingHackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing ...
TXOne Networks Introduces Capability for Intelligent Vulnera...
Security News
'Crocodilus' Sharpens Its Teeth on Android Users
MalwareThe data-stealing malware initially targeted users in Turkey but has since evolved into a global threat.
Victoria's Secret Delays Earnings Call Due to Cyber Incident
Security NewsBut that didn't stop the clothing retailer from issuing preliminary results for the first quarter of 2025.
Chrome Drops Trust for Chunghwa, Netlock Certificates
Security NewsDigital certificates authorized by the authorities will no longer have trust by default in the browser starting in August, over what Google said is a ...
LummaC2 Fractures as Acreed Malware Becomes Top Dog
MalwareLummaC2 formerly accounted for almost 92% of Russian Market's credential theft log alerts. Now, the Acreed infostealer has replaced its market share.
Is Your CISO Navigating Your Flight Path?
Data BreachIf your CISO isn't wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed.
Open-Weight Chinese AI Models Drive Privacy Innovation in LL...
Security NewsEdge computing and stricter regulations could usher in a new era of AI privacy.
EMR-ISAC Shuts Down: What Happens Now?
Security NewsThis information-sharing hub provided essential information to the emergency services sector on physical and cyber threats. Some say the timing is con...
Exploitation Risk Grows for Critical Cisco Bug
Security NewsNew details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.
Trickbot, Conti Ransomware Operator Unmasked Amid Huge Ops L...
RansomwareAn anonymous whistleblower has leaked large amounts of data tied to the alleged operator behind Trickbot and Conti ransomware.
Australia Begins New Ransomware Payment Disclosure Rules
RansomwareThe country will require certain organizations to report ransomware payments and communications within 72 hours after they're made or face potential c...
Critical Bugs Could Spark Takeover of Widely Used Fire Safet...
Security NewsThe unpatched security vulnerabilities in Consilium Safety's CS5000 Fire Panel could create "serious safety issues" in environments where fi...
Beyond the Broken Wall: Why the Security Perimeter Is Not En...
Security NewsOrganizations need to abandon perimeter-based security for data-centric protection strategies in today's distributed IT environments.
In the AI Race With China, Don't Forget About Security
Security NewsThe US needs to establish a clear framework to provide reasonable guardrails to protect its interests — the quicker, the better.
'Earth Lamia' Exploits Known SQL, RCE Bugs Across Asia
Data BreachA "highly active" Chinese threat group is taking proverbial candy from babies, exploiting known bugs in exposed servers to steal data from o...
FBI Warns of Filipino Tech Company Running Sprawling Crypto ...
PhishingThe US Treasury said cryptocurrency investment schemes like the ones facilitated by Funnull Technology Inc. have cost Americans billions of dollars an...
Vibe Coding Changed the Development Process
Security NewsAI tools shook up development. Now, product security must change too.
Tenable to Acquire AI Security Startup Apex
Security NewsApex will enhance Tenable's AI Aware tool by mitigating the threats of AI applications and tools not governed by organizations, while enforcing existi...
CISO Stature Rises, but Security Budgets Remain Tight
Security NewsThe rate of compensation gains has slowed from the COVID years, and budgets remain largely static due to economic fears, but CISOs are increasingly ga...
ConnectWise Breached, ScreenConnect Customers Targeted
Data BreachThe software company, which specializes in remote IT management, said a "sophisticated nation state actor" was behind the attack but provide...
'Everest Group' Extorts Global Orgs via SAP's HR Tool
Security NewsIn addition to Coca-Cola, entities in Abu Dhabi, Jordan, Namibia, South Africa, and Switzerland are experiencing extortion attacks, all involving stol...
From Code Red to Rust: Microsoft's Security Journey
Security NewsAt this year's Build developer conference, Microsoft reflected on what the company learned about securing features and writing secure code in the earl...
NSA, CISA Urge Organizations to Secure Data Used in AI Model...
Supply ChainNew guidance includes a list of 10 best practices to protect sensitive data throughout the AI life cycle, as well as tips to address supply chain and ...
Victoria's Secret Goes Offline After 'Incident' Claims
Security NewsThe lingerie retailer isn't revealing much about the security incident it's dealing with but has brought in third-party experts to address the issue.
New Botnet Plants Persistent Backdoors in ASUS Routers
MalwareThousands of ASUS routers have been infected and are believed to be part of a wide-ranging ORB network affecting devices from Linksys, D-Link, QNAP, a...
SentinelOne Reports Services Are Back Online After Global Ou...
Security NewsThe outage reportedly hit 10 commercial customer consoles for SentinelOne's Singularity platform, including Singularity Endpoint, XDR, Cloud Security,...
Zscaler's Buyout of Red Canary Shows Telemetry's Value
Security NewsRed Canary's MDR portfolio complements Zscaler's purchase last year of Israeli startup Avalor, which automates collection, curation, and enrichment of...
APT41 Uses Google Calendar Events for C2
Security NewsAPT41, a Chinese state-sponsored threat actor also known as "Double Dragon," used Google Calendar as command-and-control infrastructure duri...
PumaBot Targets Linux Devices in Latest Botnet Campaign
Security NewsWhile the botnet may not be completely automated, it uses certain tactics when targeting devices that indicate that it may, at the very least, be semi...
LexisNexis Informs 360K+ Customers of Third-Party Data Leak
Security NewsWhile the leak affected customer data, LexisNexis said in a notification letter that its products and systems were not compromised.
A Defense-in-Depth Approach for the Modern Era
Security NewsBy integrating intelligent network policies, zero-trust principles, and AI-driven insights, enterprises can create a robust defense against the next g...
'Haozi' Gang Sells Turnkey Phishing Tools to Amateurs
PhishingThe phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires ...
Certified Randomness Uses Quantum Cryptography to Make Stron...
Security NewsResearchers are using quantum computers to generate keys that are truly random to strengthen data encryption.
Hundreds of Web Apps Have Full Access to Microsoft OneDrive ...
Security NewsResearchers at Oasis Security say the problem has to do with OneDrive File Picker having overly broad permissions.
CISA Issues SOAR, SIEM Implementation Guidance
Security NewsAmong the recommendations, organizations should conduct thorough testing and manage costs, which can be hefty, before implementing the platforms.
Implementing Secure by Design Principles for AI
Security NewsHarnessing AI's full transformative potential safely and securely requires more than an incremental enhancement of existing cybersecurity practices. A...
Cellcom Restores Regional Mobile Services After Cyberattack
Security NewsCustomers in parts of Wisconsin and Michigan could not make calls or send text messages for nearly a week after an incident on May 14, and service is ...
Why Take9 Won't Improve Cybersecurity
Security NewsThe latest cybersecurity awareness campaign asks users to pause for nine seconds before clicking — but this approach misplaces responsibility and igno...
Have Your Say: Dark Reading Seeks Your Input
Security NewsDark Reading is offering its readers the opportunity to tell us how we're doing via a new survey.
Apple Blocks $9 Billion in Fraud Over 5 Years Amid Rising Ap...
Security NewsApple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 ...
Indian Police Arrest Cybercrime Gang Copycats of Myanmar Biz...
Security NewsThe region offers attractive conditions: a large pool of tech workers, economic disparity, and weak enforcement of cybercrime laws — all of which attr...
DragonForce ransomware abuses SimpleHelp in MSP supply chain...
RansomwareThe DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) p...
Adidas Falls Victim to Third-Party Data Breach
Data BreachThough Adidas said that no payment or financial information was affected in the breach, individuals who contacted the company's customer service help ...
CISA Warns of Attacks Targeting Commvault SaaS Environment
Security NewsA threat actor has gained access to Microsoft 365 environments of a small number of customers of Commvault's Metallic service.
DragonForce Ransomware Strikes MSP in Supply Chain Attack
RansomwareDragonForce, a ransomware "cartel" that has gained significant popularity since its debut in 2023, attacked an MSP as part of a recent suppl...
Iranian pleads guilty to RobbinHood ransomware attacks, face...
RansomwareAn Iranian national has pleaded guilty to participating in the Robbinhood ransomware operation, which was used to breach the networks, steal data, and...
MathWorks, Creator of MATLAB, Confirms Ransomware Attack
RansomwareThe attack disrupted MathWorks' systems and online applications, but it remains unclear which ransomware group targeted the software company and wheth...
FBI: Silent Ransom Group Adopts Vishing Campaign Against Law...
RansomwareThe non-ransomware extortion group has switched up tactics and victimology in a deliberate and focused campaign similar to those of other attackers fo...
New Self-Spreading Malware Infects Docker Containers to Mine...
Data BreachMisconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet. The atta...
How the New Hacker Millionaire Class Was Built
Security NewsOnce dismissed as Internet miscreants in hoodies, ethical hackers have hit the big time, earning millions from blue-chip firms. And they say it's thei...
Danabot Takedown Deals Blow to Russian Cybercrime
Security NewsA multiyear investigation by a public-private partnership has resulted in the seizure of the botnet's US-based infrastructure and indictments for its ...
Not Every CVE Deserves a Fire Drill: Focus on What’s Exploit...
Security NewsNot every "critical" vulnerability is a critical risk. Picus Exposure Validation cuts through the noise by testing what's actually exploitable in your...
Cybercriminals Clone Antivirus Site to Spread Venom RAT and ...
MalwareCybersecurity researchers have disclosed a new malicious campaign that uses a fake website advertising antivirus software from Bitdefender to dupe vic...
CVE Uncertainty Underlines Importance of Cyber Resilience
Security NewsOrganizations need to broaden their strategy to manage vulnerabilities more effectively and strengthen network cyber resilience.
MATLAB dev confirms ransomware attack behind service outage
RansomwareMathWorks, a leading developer of mathematical computing and simulation software, has revealed that a recent ransomware attack is behind an ongoing se...
Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via ...
Data BreachMicrosoft has shed light on a previously undocumented cluster of malicious activity originating from a Russia-affiliated threat actor dubbed Void Bliz...
Russian Laundry Bear cyberspies linked to Dutch Police hack
Data BreachA previously unknown Russian-backed cyberespionage group now tracked as Laundry Bear has been linked to a September 2024 Dutch police security breach....
AI Agents and the Non‑Human Identity Crisis: How to Deploy A...
Security NewsArtificial intelligence is driving a massive shift in enterprise productivity, from GitHub Copilot’s code completions to chatbots that mine internal k...
Employees Searching Payroll Portals on Google Tricked Into S...
Data BreachThreat hunters have exposed a novel campaign that makes use of search engine optimization (SEO) poisoning techniques to target employee mobile devices...
Windows Server emergency update fixes Hyper-V VM freezes, re...
Security NewsMicrosoft has released an emergency update to address a known issue causing some Hyper-V virtual machines with Windows Server 2022 to freeze or restar...
Adidas warns of data breach after customer service provider ...
Data BreachGerman sportswear giant Adidas disclosed a data breach after attackers hacked a customer service provider and stole some customers' data. [...]
Hackers Are Calling Your Office: FBI Alerts Law Firms to Lun...
PhishingThe U.S. Federal Bureau of Investigation (FBI) has warned of social engineering attacks mounted by a criminal extortion actor known as Luna Moth targe...
Russia-Linked Hackers Target Tajikistan Government with Weap...
PhishingThe Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word ...
Over 70 Malicious npm and VS Code Packages Found Stealing Da...
Security NewsAs many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS...
Google claims users find ads in AI search 'helpful'
Security NewsGoogle AI mode and AI Overviews now have ads, which, according to the search engine giant, are "helpful." [...]
OpenAI plans to ship an interesting ChatGPT product by 2026
Security NewsOpenAI is planning to ship a new ChatGPT-powered product by 2026, but we aren't looking at yet another model. [...]
CISO's Guide To Web Privacy Validation And Why It's Importan...
Security NewsAre your web privacy controls protecting your users, or just a box-ticking exercise? This CISO’s guide provides a practical roadmap for continuous web...
⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, ...
Data BreachCyber threats don't show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the k...
Vibe coding company says Claude 4 reduced syntax errors by 2...
Security NewsLovable, which is a Vibe coding company, announced that Claude 4 has reduced its errors by 25% and made it faster by 40%. [...]
Leak suggests xAI is getting ready to ship Grok 3.5
Security NewsxAI, founded by Elon Musk, is preparing to launch Grok 3.5, the company's next state-of-the-art AI model. [...]
ChatGPT Deep Research can now pull data from Dropbox and Box
Security NewsYou can now connect your Box and Dropbox accounts to Deep Research on ChatGPT and pull data, which will be used by the AI to conduct research. [...]
Hackers Use Fake VPN and Browser NSIS Installers to Deliver ...
MalwareCybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Brows...
Hackers Use TikTok Videos to Distribute Vidar and StealC Mal...
MalwareThe malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vecto...
3 Critical Pillars of Cyber-Resilience
RansomwareEncryption, collaboration, and AI can help organizations build up essential protection against ransomware.
How AI Is Transforming SASE, Zero Trust for Modern Enterpris...
Security NewsBy automating security policies and threat detection while coaching users on data protection, companies will be better able to take control of and pro...
Rethinking Data Privacy in the Age of Generative AI
Security NewsThe key to navigating this new GenAI landscape is a balanced approach — one that fosters transparency, strengthens regulatory frameworks, and embraces...
3 Severe Bugs Patched in Versa's Concerto Orchestrator
Security NewsThree zero-days could have allowed an attacker to completely compromise the Concerto application and the host system running it.
Companies Look to AI to Tame the Chaos of Event Security, Op...
Security NewsAs the summer event season kicks off, venue managers and security firms aim to make AI part of the solution for keeping control of crowds and protecti...
ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,...
Security NewsCybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 ...
300 Servers and €3.5M Seized as Europol Strikes Ransomware N...
RansomwareAs part of the latest "season" of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized ...
SafeLine WAF: Open Source Web Application Firewall with Zero...
Security NewsFrom zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has ne...
U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M ...
MalwareThe U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and uns...
CISA Warns of Suspected Broader SaaS Attacks Exploiting App ...
Security NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting app...
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Resp...
Security NewsCybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have all...
Oops: DanaBot Malware Devs Infected Their Own PCs
Data BreachThe U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-...
Picus Launches Exposure Validation to Safely Deprioritize CV...
Security News
Following Data Breach, Multiple Stalkerware Apps Go Offline
Data BreachThe same easily exploitable vulnerability was found in three of the apps that led to the compromise of victims' data.
Russian Threat Actor TAG-110 Goes Phishing in Tajikistan
PhishingWhile Ukraine remains Russia's major target for cyberattacks, TAG-110 is part of a strategy to preserve "a post-Soviet sphere of influence" ...
3AM Ransomware Adopts Email Bombing, Vishing Combo Attack
RansomwareThe emerging threat group is the latest to adopt the combo attack tactic, which Black Basta and other groups already are using to gain initial access ...
UK Retail Cyberattacks May Drive Up US Insurance Premiums
Security NewsInsurance experts weigh in on how the recent barrage of attacks against UK retailers could affect premium rates and policy requirements, as well as ho...
CISA: Russia's Fancy Bear Targeting Logistics, IT Firms
Security NewsThe mission is to gather information that could help Russia in its war against Ukraine.
Blurring Lines Between Scattered Spider & Russian Cyberc...
RansomwareThe loosely affiliated hacking group has shifted closer to ransomware gangs, raising questions about Scattered Spider's ties to the Russian cybercrime...
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate...
MalwareA Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimbl...
Security Threats of Open Source AI Exposed by DeepSeek
Data BreachDeepSeek's risks must be carefully considered, and ultimately mitigated, in order to enjoy the many benefits of generative AI in a manner that is safe...
Keeping LLMs on the Rails Poses Design, Engineering Challeng...
Security NewsDespite adding alignment training, guardrails, and filters, large language models continue to give up secrets, make unfiltered statements, and provide...
Critical Windows Server 2025 dMSA Vulnerability Enables Acti...
Security NewsA privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directo...
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterpris...
Security NewsA recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to...
Webinar: Learn How to Build a Reasonable and Legally Defensi...
Security NewsIt’s not enough to be secure. In today’s legal climate, you need to prove it. Whether you’re protecting a small company or managing compliance across ...
Identity Security Has an Automation Problem—And It's Bigger ...
Security NewsFor many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights...
Critical Versa Concerto Flaws Let Attackers Escape Docker an...
Security NewsCybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestra...
GitLab's AI Assistant Opened Devs to Code Theft
MalwarePrompt injection risks in GitLab's AI assistant could have allowed attackers to steal source code, or indirectly deliver developers malware, dirty lin...
FBI and Europol Disrupt Lumma Stealer Malware Network Linked...
MalwareA sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure a...
SideWinder APT Caught Spying on India's Neighbor Gov'ts
PhishingA recent spear-phishing campaign against countries in South Asia aligns with broader political tensions in the region.
Experts Chart Path to Creating Safer Online Spaces for Women
Security NewsGaps in laws, technology, and corporate accountability continue to put women's safety and privacy online at risk.
Lumma Stealer Takedown Reveals Sprawling Operation
MalwareThe FBI and partners have disrupted "the world's most popular malware," a sleek enterprise with thousands of moving parts, responsible for m...
Ivanti EPMM Exploitation Tied to Previous Zero-Day Attacks
Security NewsWiz researchers found an opportunistic threat actor has been targeting vulnerable edge devices, including Ivanti VPNs and Palo Alto firewalls.
Marks & Spencer Projects Cyberattack Cost of $400M
Security NewsThe company expects it will continue to struggle with online disruptions until at least July, due to the attack.
Pandas Galore: Chinese Hackers Boost Attacks in Latin Americ...
Security NewsVixen Panda, Aquatic Panda — both Beijing-sponsored APTs and financially motivated criminal groups continued to pose the biggest threat to organizatio...
Unimicron, Presto Attacks Mark Industrial Ransomware Surge
RansomwareA number of major industrial organizations suffered ransomware attacks last quarter, such as PCB manufacturer Unimicron, appliance maker Presto, and m...
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy...
Security NewsRussian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 202...
Coinbase Breach Compromises Nearly 70K Customers' Informatio...
Data BreachCoinbase asserts that this number is only a small fraction of the number of its verified users, though it's still offering a $20 million reward to cat...
Unpatched Windows Server Flaw Threatens Active Directory Use...
Security NewsAttackers can exploit a vulnerability present in the delegated Managed Service Account (dMSA) feature that fumbles permission handling and is present ...
NIST's 'LEV' Equation to Determine Likelihood a Bug Was Expl...
Security NewsThe new 'Likely Exploited Vulnerabilities' metric could be a game-changer for SecOps teams and vulnerability patch prioritization.
The Hidden Cybersecurity Risks of M&A
Security NewsMerger and acquisition due diligence typically focuses on financials, legal risks, and operational efficiencies. Cybersecurity is often an afterthough...
Dark Reading Confidential: The Day I Found an APT Group in t...
Security NewsDark Reading Confidential Episode 6: Threat hunters Ismael Valenzuela and Vitor Ventura share stories about the tricks they used to track down advance...
PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Tar...
MalwareRussian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky....
Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Mi...
MalwareCounterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI...
Securing CI/CD workflows with Wazuh
Security NewsContinuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different en...
How to Detect Phishing Attacks Faster: Tycoon2FA Example
Data BreachIt takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the acce...
Researchers Expose PWA JavaScript Attack That Redirects User...
PhishingCybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a...
Google Chrome's Built-in Manager Lets Users Update Breached ...
Data BreachGoogle has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user's password when it detect...
Asia Produces More APT Actors, as Focus Expands Globally
Security NewsChina- and North Korea-aligned groups account for more than half of global attacks, and an increasing number of countries look to cyber to balance pow...
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
DdosKrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per s...
Fake Kling AI Malvertisements Lure Victims With False Promis...
Security NewsResearchers noted that they found several similar websites, two of which are still operating and require the same kind of behavior on behalf of the vi...
Virgin Media 02 Vuln Exposes Call Recipient Location
Security NewsA hacker exploiting the security flaw in the mobile provider's network could have potentially located a call recipient with accuracy of up to 100 squa...
Tenable Adds Third-Party Connectors to Exposure Management P...
Security NewsTenable One now pulls in data from AWS, Microsoft, and competitors to provide a holistic security view of an organization's attack surface.
Regeneron Pledges Privacy Protection in $256M Bid for 23andM...
Security NewsRegeneron's planned acquisition of 23andMe raises significant privacy concerns as experts warn about the lack of comprehensive federal regulations gov...
Bumblebee Malware Takes Flight via Trojanized VMware Utility
MalwareAn employee inadvertently downloaded a malicious version of the legitimate RVTools utility, which launched an investigation into an attempted supply c...
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Doma...
MalwareA threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and...
Large Retailers Land in Scattered Spider's Ransomware Web
RansomwareThe threat group games IT help desks to gain entry into retailer networks, and signs show it has shifted its attention from the UK to US targets.
100+ Fake Chrome Extensions Found Hijacking Sessions, Steali...
Security NewsAn unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly b...
'Hazy Hawk' Cybercrime Gang Swoops In for Cloud Resources
Security NewsSince December 2023, the threat group has preyed on domains belonging to the US Centers for Disease Control and Prevention (CDC) and numerous other re...
Why Rigid Security Programs Keep Failing
Security NewsOrganizations that stay ahead of attacks won't be the most compliant ones — they'll be the ones most honest about what actually works.
Novel Phishing Attack Combines AES With Poisoned npm Package...
PhishingResearchers discovered a phishing attack in the wild that takes multiple well-tread technologies like open source packages and AES encryption and comb...
AWS Default IAM Roles Found to Enable Lateral Movement and C...
Security NewsCybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the d...
The Crowded Battle: Key Insights from the 2025 State of Pent...
Data BreachIn the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the ...
South Asian Ministries Hit by SideWinder APT Using Old Offic...
MalwareHigh-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor ...
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Atta...
Data BreachThreat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization i...
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redi...
MalwareCybersecurity researchers are calling attention to a new Linux cryptojacking campaign that's targeting publicly accessible Redis servers. The maliciou...
Malicious PyPI Packages Exploit Instagram and TikTok APIs to...
Security NewsCybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to valida...
'Operation RoundPress' Targets Ukraine in XSS Webmail Attack...
PhishingA cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabi...
S. Dakota CIO Gottumukkala Signs on as CISA Deputy Director
Security NewsThe addition is an important hire for the No. 2 position at the cyber agency. The main director role remains unfilled post-Easterly, with Bridget Bean...
Legal Aid Agency Warns Lawyers, Defendants on Data Breach
Data BreachThe online service has since been shut down as the agency grapples with the cyberattack, though it assures the public that those most in need of legal...
RVTools Official Site Hacked to Deliver Bumblebee Malware vi...
MalwareThe official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. "Robware.net and ...
Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft...
RansomwareSeveral ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote c...
CVE Disruption Threatens Foundations of Defensive Security
Security NewsIf the Common Vulnerabilities and Exposures system continues to face uncertainty, the repercussions will build slowly, and eventually the cracks will ...
Why CTEM is the Winning Bet for CISOs in 2025
Security NewsContinuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a...
Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with...
Security NewsMozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sens...
⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targ...
Security NewsCybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s re...
[Webinar] From Code to Cloud to SOC: Learn a Smarter Way to ...
Security NewsModern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan co...
Coinbase Extorted, Offers $20M for Info on Its Hackers
Security NewsCoinbase is going Liam Neeson on its attackers, potentially setting a new precedent for incident response in the wake of crypto- and blockchain-target...
New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on G...
MalwareCybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry,...
Top 10 Best Practices for Effective Data Protection
Security NewsData is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy ...
Researchers Expose New Intel CPU Flaws Enabling Memory Leaks...
Security NewsResearchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data...
Fileless Remcos RAT Delivered via LNK Files and MSHTA in Pow...
MalwareCybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access tr...
Breachforums Boss to Pay $700k in Healthcare Breach
Data BreachIn what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $...
Patch Tuesday, May 2025 Edition
Security NewsMicrosoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that ...
Pakistani Firm Shipped Fentanyl Analogs, Scams to US
PhishingA Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in ...
xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs
Data BreachAn employee at Elon Musk's artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to...
Alleged ‘Scattered Spider’ Member Extradited to U.S.
Security NewsA 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United ...
DOGE Worker’s Code Supports NLRB Whistleblower
Security NewsA whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk's Department of Government Efficiency (DOGE)...
Whistleblower: DOGE Siphoned NLRB Case Data
Security NewsA security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk's Department of Government Efficiency (DOGE)...
Funding Expires for Key Cyber Vulnerability Database
Security NewsA critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware...