darkreading

The networking company found liable for illegally gathering user data for targeted advertising by the Irish Data Protection Commission.

Kremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.

Four companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in the aftermath of the 2020 SolarWinds compromise.

Eight months after the breach occurred, Change Healthcare has finally sent out millions of notices of compromised data to affected individuals.

Cybersecurity is mission-driven, meaningful work that coincides with the service branches' goals to protect, defend, and create a safer world.

Renewable energy firms deal with a large cyberattack surface area, given the distributed nature of power generation and more pervasive connectivity.

Vulnhuntr is a Python static code analyzer that uses Claude AI to find and explain complex, multistep vulnerabilities.

Amazon's open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover.

Even after the ransom is paid, such attacks lead to spikes in strokes and heart attacks and increased wait times for patients.

An attacker compromised one of Fortinet's most sensitive products and mopped up all kinds of reconnaissance data helpful for future mass device attacks.

A government report's criticism of the 100x metric often used to justify fixing software earlier in development fuels a growing debate over pushing responsibility for secure code onto developers.

Unauthenticated threat actors can remotely cause a denial-of-service (DoS) cyberattack within the Remote Access VPN software in Cisco's ASA and Firepower software.

The latest GenAI jailbreak technique tricks chatbots into returning restricted content by blending different prompt topics together.

Until CEOs and boards prioritize learning more about mitigating threats, organizations are leaving themselves and their businesses open to the potential for disaster.

The Russian-language malware primarily enlists computers to mine Monero, but theoretically it can do worse.

The North Korean actor is going after cryptocurrency investors worldwide leveraging a genuine-looking game site and AI-generated content and images.

The software development kit will simplify building and testing of CHERI-enabled RISC-V applications.