darkreading

Information from the company's NS Solutions subsidiary has yet to show up on any Dark Web sites, but it doesn't rule out the possibility that the data may have been stolen.

Digital fingerprinting technology creates detailed user profiles by combining device data with location and demographics, which increases the risks of surveillance.

eSIMs around the world may be fundamentally vulnerable to physical and network attacks because of a 6-year-old Oracle vulnerability in technology that underlies billions of cards.

Customers were the first to notice the disruption on the distributor's website when they couldn't place orders online.

Critical security vulnerabilities affect different parts of the Model Context Protocol (MCP) ecosystem, which many organizations are rapidly adopting in order to integrate AI models with external data sources.

The UK's National Crime Agency arrested four people, who some experts believe are connected to the notorious cybercriminal collective known as Scattered Spider.

Now it's time to build systems that attackers can't reroute with a phone call.

Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to a mysterious issue in Microsoft Exchange.

For browsers, exploitation is out — and getting users to compromise their own systems is in. Improved browser security has forced attackers to adapt their tactics, and they've accepted the challenge.

A container escape flaw involving the NVIDIA Container Toolkit could have enabled a threat actor to access AI datasets across tenants.

Worried about hackers employing LLMs to write powerful malware? Using targeted reinforcement learning (RL) to train open source models in specific tasks has yielded the capability to do just that.

The security startup provides managed detection and response services for small to midsize businesses to detect and address modern threats, such as ransomware, phishing attacks, and malicious insiders.

An impostor who posed as the secretary of state in text and voice communications with diplomats and politicians demonstrates the increased sophistication of and national security threat posed by the AI technology.

To help counter crime, today's organizations require a cyber-defense strategy that incorporates the mindset of the cybercriminal.

Though the victims list on its site has since been taken down, the group plans on leaking the rest of the files stolen from its victims.

Following a breach at the country's top mobile provider that exposed 27 million records, the South Korean government imposed a small monetary penalty but stiff regulatory requirements.

From data fog to threat clarity: Automating security analytics helps security teams stop fighting phantoms and respond to what matters.

Startup Tumeryk's AI Trust scorecard finds Google Gemini Pro 2.5 as the most trustworthy, with OpenAI's GPT-4o mini a close second and DeepSeek and Alibaba Qwen scoring lowest.

Some 17 of the bugs are at high risk for exploits, including multiple remote code execution bugs in Office and SharePoint.

Data exfiltration was the most common malware in Sonatype report, with more than 4,400 packages designed to steal secrets, personally identifiable information, credentials, and API tokens.