darkreading

Attackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be more inclined to download an open source Python code package for free access, without vetting it or thinking twice.

A local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences.

While the need for cybersecurity talent still exists, the budget may not. Here's how to maximize security staff despite hiring freezes.

At least 97 major water systems in the US have serious cybersecurity vulnerabilities and compliance issues, raising concerns that cyberattacks could disrupt businesses, industry, and the lives of millions of citizens.

Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step of using a mature software supply chain security solution to ensure they're not blindly trusting a provider's software.

The scale of Beijing's systematic tapping of private industry and universities to build up its formidable hacking and cyber-warfare capabilities is larger than previously understood.

Building on its broad security portfolio, Microsoft's new exposure management is now available in the Microsoft Defender portal, with third-party-connectors on the way.

In addition to XSS, MITRE and CISA's 2024 list of the 25 most dangerous security vulnerability types (CWEs) also flagged out-of-bounds write, SQL injection, CSRF, and path traversal.

The ONNX infrastructure has been servicing criminal actors as far back as 2017.

Starting in 2025, the RSAC Innovation Sandbox Top 10 Finalists will each receive a $5 million investment to drive cybersecurity innovation.

Dazz's remediation engine will boost risk management in Wiz's cloud security portfolio.

In a sign of the times, a backdoor malware whose ancestors date back to 2005 has morphed to target Linux systems.

Four of the arrested individuals of the cybercriminal gang, known for hacking MGM and Caesars, are American, all of whom could face up to 27 years in prison for the charges against them.

Consolidating endpoint management boosts cybersecurity while keeping an Oklahoma-based nonprofit focused on community mental health.

The future of cybersecurity isn't about preventing every breach — it's about learning and growing stronger with each attack.