darkreading

Against the backdrop of the artificial intelligence surge, most African organizations have some form of cybersecurity awareness training but fail to test frequently and don't trust the results.

A trio of startup founders — GreyNoise's Andrew Morris, Thinkst Canary's Haroon Meer, and runZero's HD Moore — agree that raising venture capital funding can be beneficial, but a company's success depends on how well the product fits customer needs.

The jewelry retailer is warning customers that their data can and might be used maliciously.

A critical vulnerability in the trust model of Cursor, a fast-growing tool for LLM-assisted development, allows for silent and persistent remote code execution.

The networking giant said this week that an employee suffered a voice phishing attack that resulted in the compromise of select user data, including email addresses and phone numbers.

While the cybercrime underground has professionalized and become more organized in recent years, threat actors are, to a great extent, still using the same attack methods today as they were in 2020.

In a conversation with Dark Reading's Terry Sweeney, Lauren Miskelly from Google explains that Chrome Enterprise is the same Chrome browser that consumers use, but with additional enterprise-grade controls, reporting capabilities, and administrative features.

Chainguard provides DevSecOps teams with a library of "secure-by-default" container images so that they don't have to worry about software supply chain vulnerabilities. The startup is expanding its focus to include Java and Linux, as well.

The flaws in the company's Triton Inference Server enables model theft, data leaks, and response manipulation.

The grants are intended to help states, tribes, and localities enhance their cybersecurity resilience by providing them with monetary resources to reduce risks and implement new procedures.

Not only are attacks against macOS users ramping up, but threat actors have proved to be advanced with deepfake technology. Security awareness training may be the best defense.

From "eCrime" actors to fake IT tech workers, CrowdStrike researchers found that adversaries are using AI to enhance their offensive cyber operations.

An uptick of ransomware activity by the group in late July that uses the vendor's SSL VPN devices for initial intrusion shows evidence of an as-yet-undisclosed flaw under exploitation.

Investing in building a human-centric defense involves a combination of adaptive security awareness training, a vigilant and skeptical culture, and the deployment of layered technical controls.

Random numbers are the cornerstone of cryptographic security. As organizations adopt quantum-resistant algorithms, it's equally important to examine the randomness underpinning them.

Dark Reading's 2025 News Desk marks a decade of Black Hat USA memories. We're making our return with a slate of interviews that help you stay up on the latest research from Black Hat — no trip to Las Vegas required.

Security debt ahoy: Only about half of the code that the latest large language models (LLMs) create is cybersecure, and more and more of it is being created all the time.

By creating a safe environment for open discussion, prioritizing human context alongside technical data, and involving diverse stakeholders, organizations can turn security incidents into accelerators of resilience.