SpaceX’s Starlink internet service suffered a major international outage, disconnecting tens of thousands of users for over two hours. The Starlink outage began around 3 p.m. Eastern Time (19:00 GMT), according to reports on Downdetector, with over 61,000 users submitting complaints in a matter of minutes. The issue show more ...
Attackers are using expired and deleted Discord invite links to distribute two strains of malware: AsyncRAT for taking remote control of infected computers, and Skuld Stealer for stealing crypto wallet data. They do this by exploiting a vulnerability in Discords invite link system to stealthily redirect users from show more ...
National governments warn that many hacker groups attract young people through a sense of community, fame, or the promise of money and the perception of a lack of risk of prosecution.
Suspected China-nexus threat actors targeted virtual environments and used several tools and techniques to bypass security barriers and reach isolated portions of victims' networks.
Longtime CISO Melina Scotto joins Dark Reading to discuss career advice gleaned from her 30 years in the cyber industry.
AI malware is becoming less of a gimmick, with features that meet or exceed what traditional human-developed malware typically can do.
Arrests and indictments keep coming, but the North Korean fake IT worker scheme is only snowballing, and businesses can't afford to assume their applicant-screening processes are up to the task of weeding the imposters out.
_Nikolay_Stoimenov_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Nudges can be powerful — but they are not immune to overuse or misapplication.
Kim Se Un, Jo Kyong Hun and Myong Chol Min are accused of helping North Korea evade U.S. and United Nations sanctions through an IT worker plot that involved tricking companies into hiring North Koreans using stolen identities.
The BlackSuit gang, which is believed to have been operational since April/May 2023, was a private ransomware group that did not license its tooling to other criminals like ransomware-as-a-service (RaaS) schemes.
Some crisis pregnancy centers (CPCs) still tell visitors that their data is protected under the HIPAA privacy law — despite guidance to the contrary from the government and CPCs' own umbrella organizations. Data privacy and abortion-rights groups want states to do more to end those claims.
Prosecutors said Chapman helped the North Korean IT workers obtain jobs at 309 companies, including a major television network, a car maker, a media company, a Silicon Valley technology company and more.
NASCAR warned that a cyberattack that began in March exposed Social Security numbers.
Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners. The threat activity clusters have been codenamed Soco404 and Koske by cloud security firms Wiz and Aqua, respectively. Soco404 "targets both Linux and Windows systems, deploying platform-specific malware," Wiz
A recent analysis of enterprise data suggests that generative AI tools developed in China are being used extensively by employees in the US and UK, often without oversight or approval from security teams. The study, conducted by Harmonic Security, also identifies hundreds of instances in which sensitive data was uploaded to platforms hosted in China, raising concerns over compliance, data
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology (IT) worker scheme designed to generate illicit revenues for Pyongyang. The sanctions target Korea Sobaeksu Trading Company (aka Sobaeksu United Corporation), and Kim Se Un, Jo
The threat actor known as Patchwork has been attributed to a new spear-phishing campaign targeting Turkish defense contractors with the goal of gathering strategic intelligence. "The campaign employs a five-stage execution chain delivered via malicious LNK files disguised as conference invitations sent to targets interested in learning more about unmanned vehicle systems," Arctic Wolf Labs said
Russian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a backdoor called EAGLET to facilitate data exfiltration. The activity, dubbed Operation CargoTalon, has been assigned to a threat cluster tracked as UNG0901 (short for Unknown Group 901). "The campaign is aimed at targeting employees of Voronezh Aircraft Production Association (VASO), one
The ToolShell bugs are being exploited by cybercriminals and APT groups alike, with the US on the receiving end of 13 percent of all attacks
Source: securityaffairs.com – Author: Pierluigi Paganini New Coyote malware uses Windows UI Automation to steal banking credentials, targeting Brazilian users across 75 banks and crypto platforms. Coyote malware is now the first to exploit Microsoft’s UI Automation framework in the wild, validating prior show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini SonicWall addressed a critical vulnerability, tracked as CVE-2025-40599 (CVSS score of 9.1), in SMA 100 appliances SonicWall addressed a critical vulnerability, tracked as CVE-2025-40599 (CVSS score of 9.1), in SMA 100 appliances. Experts warn customers show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini The DSPM market hit around $1.2 billion in 2024 and should grow to $4.5 billion by 2033 (≈16.5% CAGR). The AI sector is projected to swell from $189 billion in 2023 to $4.8 trillion by 2033. The tech realm is continually evolving. New show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini A new stealth backdoor has been discovered in the WordPress mu-plugins folder, granting attackers persistent access and control over compromised sites. Sucuri researchers found a stealthy backdoor hidden in WordPress’s “mu-plugins” folder. These show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Microsoft SharePoint flaws to its show more ...
Source: thehackernews.com – Author: . Mitel has released security updates to address a critical security flaw in MiVoice MX-ONE that could allow an attacker to bypass authentication protections. “An authentication bypass vulnerability has been identified in the Provisioning Manager component of Mitel show more ...
Source: thehackernews.com – Author: . Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign. The activity, observed this year, is primarily designed Now to infiltrate organizations’ VMware ESXi and vCenter show more ...
Source: thehackernews.com – Author: . Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans (RATs). The activity employs Cloudflare-themed ClickFix phishing attacks show more ...
Source: thehackernews.com – Author: . Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote code execution. The two vulnerabilities impacting Sophos Firewall are listed below – show more ...
Source: www.securityweek.com – Author: Ionut Arghire An Arizona woman was sentenced to prison for her role in a North Korean fake IT worker scheme that hit more than 300 companies and generated over $17 million in illicit revenue. The woman, Christina Marie Chapman, 50, of Litchfield Park, was charged in May show more ...
Source: krebsonsecurity.com – Author: BrianKrebs KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. An investigation into the attacker’s infrastructure points to a long-running show more ...
Source: news.sophos.com – Author: Editor PRODUCTS & SERVICES Sophos has been recognized for defending customers of all sizes against today’s complex cyberattacks, achieving four prestigious awards at the SE Labs Awards 2025. We’re thrilled to announce that Sophos won four awards in this year’s SE show more ...
Source: www.schneier.com – Author: Bruce Schneier The current state of digital identity is a mess. Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of. These show more ...
Source: securityboulevard.com – Author: Jeffrey Burt Clorox is suing Cognizant for $380 million, saying the IT services provider’s service desk put in place to protect the multinational company from cyber risks in 2023 gave hackers password resets and other credentials when asked without verifying the show more ...
Source: securityboulevard.com – Author: Alan Shimel Vibe coding is here. And it’s not just a fad — it’s reshaping how we build, deploy and even conceive of software. But unless we hit the brakes and bake in security now, we’re setting ourselves up for another generation of vulnerabilities, exploits and show more ...
Source: go.theregister.com – Author: Jessica Lyons An Arizona woman who ran a laptop farm from her home – helping North Korean IT operatives pose as US-based remote workers – has been sentenced to eight and a half years behind bars for her role in a $17 million fraud that hit more than 300 American show more ...
Source: go.theregister.com – Author: Iain Thomson The AMEOS Group, which runs over 100 hospitals across Europe, has shut down its entire network after crims busted in. The organization, which is Swiss-owned but runs medical treatment facilities across the continent, said that unknown miscreants have penetrated show more ...
Source: go.theregister.com – Author: Carly Page Threat actors have actively exploited a newly patched vulnerability in Cisco’s Identity Services Engine (ISE) software since early July, weeks before the networking giant got around to issuing a fix. That’s according to the Shadowserver Foundation, a show more ...
Source: go.theregister.com – Author: Thomas Claburn Computer scientists with the University of Waterloo in Ontario, Canada, say they’ve developed a way to remove watermarks embedded in AI-generated images. To support that claim, they’ve released a software tool called UnMarker. It can run offline, show more ...
Source: thehackernews.com – Author: . Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners. The threat activity clusters have been codenamed Soco404 and Koske by cloud security firms Wiz show more ...
Source: thehackernews.com – Author: . A recent analysis of enterprise data suggests that generative AI tools developed in China are being used extensively by employees in the US and UK, often without oversight or approval from security teams. The study, conducted by Harmonic Security, also identifies hundreds show more ...
Source: www.csoonline.com – Author: Cybersecurity leaders reveal the books that have influenced how they lead, think, and manage security in the enterprise — and their own lives. From strategy and psychology to history and decision-making, these are the books CISOs recommend to sharpen your thinking, show more ...
Source: www.csoonline.com – Author: News Jul 24, 20255 mins MalwareOpen SourceSupply Chain Phishing attacks on package maintainer accounts led to infected JavaScript type testing utilities. In a newly discovered supply chain attack, attackers last week targeted a range of npm-hosted JavaScript type testing show more ...
Source: www.csoonline.com – Author: A July 8 fix for a critical SharePoint zero-day failed to stop active exploitation, enabling state-backed attackers to breach nearly 100 organizations worldwide. A July 8 patch for the SharePoint Server zero-day flaw, which resulted in a global attack on nearly 100 show more ...
Source: www.csoonline.com – Author: The incident highlights rising AI risks as malicious actors exploit powerful tools amid weak safeguards and oversight. A hacker managed to insert destructive system commands into Amazon’s Visual Studio Code extension used for accessing its AI-powered coding assistant, Q, show more ...
Source: www.darkreading.com – Author: Tara Seals Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. show more ...
Source: www.darkreading.com – Author: Swati Babbar Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. show more ...
Source: www.darkreading.com – Author: Robert Lemos, Contributing Writer Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered show more ...
Source: www.darkreading.com – Author: Rob Wright Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. show more ...
Source: socprime.com – Author: Daryna Olyniychuk Following closely after the Interlock ransomware attacks that used a new custom RAT delivered through a modified ClickFix variant called FileFix, a new malicious campaign has emerged, also leveraging a ClickFix-themed malware delivery website. Defenders have show more ...
Source: www.infosecurity-magazine.com – Author: BlackSuit’s dark web data leak site and private negotiation panels have been taken offline in what appears to be a large-scale law enforcement operation. On July 24, the ransomware group’s leading site, usually accessible via The Onion Router (TOR), displayed show more ...
Source: www.infosecurity-magazine.com – Author: A prolonged Chinese cyber espionage campaign is targeting VMware appliances to gain access to target networks, according to Sygnia researchers. The campaign has been tracked since early 2025. The attackers, dubbed Fire Ant, have been observed using combinations of show more ...
