darkreading

The AI Incident Reporting and Security Enhancement Act would allow NIST to create a process for reporting and tracking vulnerabilities found in AI systems.

British Transport Police and Network Rail are investigating the incident, in which bad actors posted Islamophobic messages on the transport system's network.

Beware that friendly text from the IT department giving you an "update" about restoring your broadband connectivity.

Developers need to do more than scan code and vet software components, and ops should do more than just defend the deployment pipeline.

Developers need to do more than scan code and vet software components, and ops should do more than just defend the deployment pipeline.

An environment that values creativity, continuous learning, and calculated risk-taking can prevent boredom while building a resilient, adaptable team ready to tackle whatever challenges come their way.

Researchers have uncovered one of the first examples of threat actors using artificial intelligence chatbots for malware creation, in a phishing attack spreading the open source remote access Trojan.

Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target?

The latest draft version of NIST's password guidelines simplifies password management best practices and eliminates those that did not promote stronger security.

The company said the rogue update that caused disruptions on a global scale resulted from a "perfect storm" of issues.

There will be four major categories in the 2025 retread of the hacking competition, with prizes ranging for each challenge, from $20,000 to half a million.

The state-sponsored advanced persistent threat (APT) is going after high-value communications service provider networks in the US, potentially with a dual set of goals.

Though the critical vulnerability was patched in August, Ivanti is reminding customers to update as soon as possible as attacks from unauthenticated threat actors start circulating.

While these threats remain a valid concern, US government agencies have doubled down on their assurances to the American public that election infrastructure is secure.

The advanced Python-based PysSilon malware can steal data, record keystrokes, and execute remote commands. The attackers behind it are promising to leak details of deleted X posts related to accused rapper and music producer Sean Combs.

To maintain AI leadership, Congress and regulatory agencies must recognize that our foreign competitors are working to surpass us.

Crafty bad actors can infect all of an organization's virtual machines at once, rendering tier-one applications useless.

Leaders in professional athletics lament the realities and risks of growth in connected stadium environments, social networks, and legalized gambling.

The RISC-V chip architecture is gaining popularity worldwide, but the fact that it is easy to modify the processor design means it is also easy to introduce hard-to-patch vulnerabilities.