darkreading

The acquisition will enhance Orca's CNAPP offering with autonomous vulnerability remediation and prevention technologies from Opus.

While hacktivists claimed more than 100 successful attacks against Indian government, education, and military targets, the attacks were overblown in most cases and often did not even happen.

Capital One executives share insights on how organizations should design their security programs, implement passwordless technologies, and reduce their attack surface.

Microsoft's May 2025 Patch Tuesday update also contains four other actively exploited zero-day security vulnerabilities, two publicly known bugs, and 12 critical patches.

Tidrone concentrated on military entities and the satellite sector, using their associated service providers and ERP software to infect not just drones but all the entities that are part of their supply chains.

The EU cyber agency ENISA has launched its vulnerability database, the EUVD; security experts shared their thoughts regarding what this means for CVEs, as well as the larger conversation around how bugs are tracked.

Though the app claims to use end-to-end encryption, hackers have reportedly accessed archived data on the app's servers via a new vulnerability.

Why securing the inference chain is now the top priority for AI applications and infrastructure.

The threat group's goal is to help Pyongyang assess risk to its troops deployed in Ukraine and to figure out if Moscow might want more.

Fortra strengthens its endpoint-to-cloud security platform with the acquisition of Lookout's cloud application security broker, zero-trust network access, and secure Web gateway technologies.

The $168 million judgment against NSO Group underscores how citizens put little store in the spyware industry's justifications for circumventing security — but will it matter?

Threat actors are scamming users by advertising legitimate-looking generative AI websites that, when visited, install credential-stealing malware onto the victim's computer.

For years, Google has faced several legal battles over privacy and lost, though this one takes the cake for biggest ever settlement against a Big Tech firm.

The cybercriminals infected older wireless Internet routers with Anyproxy and 5socks malware in order to reconfigure them — all without the users' knowledge.

New research shows China is quickly catching up with the US in AI innovation. Experts weigh in on what it means for cyber defenders.

Agentic-native startups threaten to reduce the zero-day problem to just a zero-hour issue. Of course, AI agents will accelerate offensive attacks as well.

Cybercriminals are flocking to take part in the newly inflamed fight between India and Pakistan.

The voluntary Software Security Code of Practice is the latest initiative to come out of the United Kingdom to boost best practices in application security and software development.

Exposed data from LockBit's affiliate panel includes Bitcoin addresses, private chats with victim organizations, and user information such as credentials.