darkreading

DOGE is making wild moves at CISA, including bringing back fired probationary employees only to put them on paid leave, and reportedly gutting the agency's red teams.

The attackers are taking an indirect approach to targeting SEO professionals and their Google credentials, using a fake digital marketing website.

Law enforcement entities in democratic states have been deploying top-of-the-line messaging app spyware against journalists and aid workers.

The time to secure foundations, empower teams, and make cyber resilience the standard is now — because the cost of waiting is far greater than the investment in proactive security.

A massive cybercrime network known as "VexTrio" is using thousands of compromised WordPress sites to funnel traffic through a complex redirection scheme.

The Amazon Nova AI Challenge puts student research to the test and aims to bring a new perspective to challenges arising from the increase in AI-assisted software development.

Cybersecurity vendors say threat actors' abuse of traffic distribution systems (TDS) is becoming more complex and sophisticated — and much harder to detect and block.

The UNC-200 threat group, active since last summer, has been utilizing the Signal messaging app to social engineer targets into downloading an infostealing remote access Trojan.

Answer: Nope. But let's look at the trends — because they matter for security.

HP's 8000 Series enterprise and commercial printers, which include Color LaserJet Enterprise MFP 8801, Mono MFP 8601, and LaserJet Pro Mono SFP 8501, will feature new quantum ASICs and endpoint controllers to protect them from future quantum attacks.

Both Android devices and iPhones are 3.5 times more likely to be infected with malware once "broken" and 250 times more likely to be totally compromised, recent research shows.

Global politics and a growing economy draw the wrong kind of attention to India, with denial-of-service and application attacks both on the rise.

CISA this week added CVE-2025-24472 to its catalog of known exploited vulnerabilities, citing ransomware activity targeting the authentication bypass flaw.

Trend Micro uncovered a method that nation-state threat actors are using to target victims via the Windows .Ink shortcut file extension.

Several major companies in the finance sector were impacted by the third-party breach, prompting them to notify thousands of customers of their compromised data.

Research finds that organizations are granting root access by default and making other big missteps, including a Jenga-like building concept, in deploying and configuring AI services in cloud deployments.

A Europol report says nation-state actors are increasingly working with organized crime networks to achieve geopolitical goals, including the destabilization of the EU.