darkreading

AI models often hallucinate or make costly mistakes when tasked with recommending software versions, upgrade paths, and security fixes — leading to significant technical debt.

Third-party resellers and brokers foil transparency efforts and allow spyware to spread despite government restrictions, a study finds.

While US government sits out this year, EU officials are on the ground in San Francisco leading the conversations on today's top cybersecurity challenges.

Publicly accusing an entity of a cyberattack could have negative consequences that organizations should consider before taking the plunge.

A series of campaigns that began in August aim to defraud job candidates, using psychological tactics and data scraped from LinkedIn profiles.

Ten finalists had three minutes to make their case for being the most innovative, promising young security company of the year. Geordie AI wins the 2026 contest.

For the first time, SANS Institute's five top attack techniques all have one thing in common — AI.

Organizations disclose attack details, though information may be limited. What if they did the same with close calls?

Attacks by artificial intelligence agents are a reality. Experts at Nvidia's GTC conference say defenders need to use the same tools to fight them off.

Four former NSA chiefs representing a near-complete history of US Cyber Command debate the role of offensive cyber in the government at RSAC.

Iran-aligned groups are trying to make their mark in the Gulf, but the results have fallen short of remarkable.

The Cloud Security Alliance creates a dedicated nonprofit to govern autonomous AI agent ecosystems through risk intelligence and certification.

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx's KICS and VS Code plug-ins, and the LiteLLM AI library — and all signs point to more attacks to come.

Security vendors have spent years building up defenses around the endpoint, but one researcher says AI coding tools have brought the walls down.

An AI-assisted campaign is spreading more than 300 poisoned packages for diverse assets ranging from developer tools to game cheats.

JPMorganChase uses digital fingerprints and digital twins to spot online attackers and malicious behaviors while also reducing pesky false alerts.

Companies need better controls to manage key threats rising from the growth of agentic AI. These new features provide a starting point.

Two cybersecurity leaders tested out AI in their respective SOCs for six months — and here's what they learned.

A threat actor used the open source security tool to deploy an infostealer into CI/CD workflows and steal cloud credentials, SSH keys, tokens, and other sensitive secrets.

Threat actors bypass security tools and use AI to launch faster ransomware attacks that exploit valid credentials and target data.