darkreading

Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.

Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.

In an unsuccessful phishing attack, threat actors leveraged trusted brands and domains to try to redirect a C-suite executive at Outpost24 to give up his credentials.

In a recent attack, the group showcased stealthier cross-network activity, thanks to its use of a new BYOVD technique and other tools.

Researchers uncovered an extensive cyber espionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets.

Researchers have identified dozens of malicious GlassWorm extensions that come with new evasion techniques.

Discover how Franz Regul, former CISO for the Paris 2024 Olympics, tackled unique cybersecurity challenges to protect the Games from evolving threats.

A social engineering campaign impersonating PayPal and Amazon uses customer support interactions to acquire sensitive info.

The excitement around Cisco's latest SD-WAN bugs has inspired some light fraud, misunderstandings, and overlooked potential hazards.

Threat actors target nonprofits due to security gaps and highly coveted information, but a lack of sufficient data makes it difficult to grasp the entire picture.

Sightline Security's founder and advisory board discuss how cybersecurity poses significant problems for nonprofits and suggest ways the industry can help.

Sophisticated phishing attacks are bypassing on-device protections with troubling frequency, making it more critical than ever for users to protect themselves from potential threats, new research from Omdia shows.

Forget stolen credentials and misconfigurations. Thanks to AI, the new top cause of compromises in the cloud is vulnerability exploits that beat patching cycles.

The latest banking Trojan campaign to hit Brazil combines classic malware with a real-time human operator, waiting for the perfect moment to strike.

Organizations have to prepare to ensure they have cryptography in place in the post-quantum world.

Iranian APTs have long pretended to be cybercriminal groups. Now they're working with actual cybercriminal groups.

Rescinded sanctions and reactivated contracts have created confusion about the Trump administration's spyware policy and where it draws the line.