darkreading
Chinese LLMs Broaden the Gap Between Attackers & Defenders
2 days 22 hours ago
Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried?
Robert Lemos
Aussies Face Reduced Cybercrime Risk, as Pressure Shifts to SMBs
3 days 12 hours ago
Improved institutional safeguards and stricter regulations have pushed the burdens of protection and risk reduction on to Australian businesses.
Nate Nelson
Apple Reverses Age-Old Patch Policy to Keep Up With AI
3 days 15 hours ago
Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit.
Nate Nelson
FortiBleed Actors Collaborating With Inc, Lynx Ransomware Gangs
3 days 16 hours ago
After gaining a foothold in thousands of Fortinet firewalls, the attackers are starting to monetize that access, and are also piling on a Nextcloud zero-day bug.
Rob Wright
Ransomware Thugs Masquerade as Interpol to Entice Small Biz
3 days 17 hours ago
The ransomware campaign relies on basic social engineering and stretches across multiple regions, including the US, Europe, Middle East, and elsewhere.
Jai Vijayan
Anthropic's AI Finds Bugs. IBM Bets $5B It Can Fix Them.
3 days 22 hours ago
IBM and Red Hat assign 20,000 engineers to the new Project Lightwell service as Anthropic's Mythos findings ignite debate over how to secure the open-source software supply chain.
Jeffrey Schwartz
Crafty Phishing Campaigns Auto-Adapt to Victim's Device, OS
4 days 14 hours ago
Attackers fingerprint victims through user-agent data to deliver OS-specific payloads, increasing compromise rates and campaign profitability.
Alexander Culafi
And the Winner in Dominant Malware Delivery? ClickFix
4 days 15 hours ago
Researchers say the highly effective social engineering technique is no longer the exception for malware attacks — it's now the rule.
Rob Wright
When Too Much Security Data Becomes the Risk
4 days 19 hours ago
Rapid growth turned routine firewall logs into a security and budget liability. One CISO used artificial intelligence to filter what data truly belongs in the SIEM.
Joan Goodchild
'Phantom Squatting': An Emerging AI-Driven Supply Chain Threat
4 days 20 hours ago
LLMs consistently hallucinate Web domains for legitimate brands that attackers can register for malicious activity in a difficult-to-detect attack vector.
Elizabeth Montalbano
Safe Events Start With Threat Intel & Digital Security
4 days 22 hours ago
Planning ahead to defend against cyber threats is the work that keeps events uneventful.
Olga Polishchuk
China-Linked Group Targets Southeast Asia Critical Systems
5 days 10 hours ago
The group compromised at least 10 regional organizations, including two state-owned entities, and deployed a new backdoor.
Robert Lemos
Fake Bug Report Hijacks AI Coding Agents at Scale
5 days 13 hours ago
"Agentjacking" is the latest demonstration of how easily attackers can exploit an AI agent's inability to differentiate between content and instructions.
Jai Vijayan
Attackers Seize Exposed AI Endpoints to Power Offensive Ops
5 days 14 hours ago
Threat actors don't need any special authentication to reach a target endpoint — they just need to know where it is.
Alexander Culafi
Why Identity Security Is Your Cyber Career Entry Point
5 days 16 hours ago
In this "Heard it From a CISO" video, Silverfort CISO John Paul Cunningham explains that AI in cybersecurity workflows is creating opportunities rather than eliminating jobs — and there are more ways than ever to break into this essential field.
Kristina Beek
Phishers Gain Persistence at EU, Asia Hospitality Orgs
5 days 16 hours ago
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social engineering and obsfucation, including blockchain abuse.
Elizabeth Montalbano
AI-Generated Workflows Are a Silent Security Disaster
5 days 22 hours ago
Teams are dealing with a truly dangerous problem — automation that works, but that no one understands.
Yelena Mujibur Sheikh
NIST Enrichment Reductions Impact CVE Coverage, Accuracy
6 days 12 hours ago
The National Institute of Standards and Technology (NIST) scaled back the number of CVEs it selects for in-depth analysis, but the move has produced mixed results, according to researchers.
Rob Wright
'Djinn' Stealer Targets Cloud, AI Credentials
6 days 13 hours ago
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp, targeting credentials linking development and admin environments to wider enterprise systems.
Jai Vijayan
Checked
9 hours 13 minutes ago
Public RSS feed
darkreading feed