In a major step toward bridging the gender gap in technology, UN Women and the Global Cybersecurity Forum (GCF) have signed a Memorandum of Understanding (MoU) to strengthen women’s participation and leadership in cybersecurity and the digital economy. The agreement was formalized during the GCF Annual Meeting in show more ...
A new polymorphic malware identified by a security researcher earlier this week remains undetected by most security tools. Xavier Mertens wrote about the malware in a SANS blog post on October 8. At the time, there were only two detections of the malware on VirusTotal. Two days later, there are still only two show more ...
Microsoft Threat Intelligence has revealed a spate of financially motivated cyberattacks against universities across the United States. The threat actor, known as Storm-2657, is exploiting weak authentication as part of what experts are calling “payroll pirate” attacks, a scheme in which an attacker reroutes an show more ...
A newly released proof-of-concept (PoC) exploit has disclosed a severe code-execution vulnerability affecting the Nothing Phone (2a) and the CMF Phone 1, both of which are powered by MediaTek chipsets. The exploit, named “fenrir”, compromises the secure boot process, allowing attackers to execute arbitrary code at show more ...
The 11th edition of the European Cybersecurity Challenge (ECSC) was held from October 6 to 9, 2025, in Warsaw, Poland, with Italy proudly taking the top spot. This event, which brings together the most talented young cybersecurity professionals from across Europe, saw Italy coming in first place, followed by Denmark show more ...
The latest incarnation of the BreachForums cybercrime forum has been seized by U.S. and French law enforcement. The seizure of the BreachForums[.]hn data leak site by the FBI, Department of Justice and French counterparts came just ahead of an October 10 deadline set by the Scattered LAPSUS$ Hunters threat group for show more ...
In a renewed push to safeguard America’s digital infrastructure, U.S. Senators Gary Peters (D-MI) and Mike Rounds (R-SD) have introduced the Protecting America from Cyber Threats Act — a bipartisan bill aimed at restoring critical cybersecurity protections that expired on September 30. The bipartisan bill would show more ...
Although the benefits of AI assistants in the workplace remain debatable, where they’re being adopted most confidently of all is in software development. Here, LLMs play many roles — from refactoring and documentation, to building whole applications. However, traditional information security problems in show more ...
The world’s largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon, new evidence suggests. Experts say the heavy concentration of infected devices at U.S. providers is show more ...
In a new wrinkle for adversary tactics, the Storm-2603 threat group is abusing the digital forensics and incident response (DFIR) tool to gain persistent access to victim networks.
Ransomware gangs continue to set their sights on the manufacturing industry, but companies are taking steps to protect themselves, starting with implementing timely patch management protocols.
_Mopic_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Microsoft previewed the Sentinel security graph and MCP server at its annual Microsoft Secure virtual event earlier this month.
RondoDox takes a hit-and-run, shotgun approach to exploiting bugs in consumer edge devices around the world.
The vast majority of organizations are encountering AI-augmented threats, but remain confident in their defenses, despite inadequate detection investment and more than half falling to successful attacks.
Dark Reading is looking for leading industry experts with a point of view they want to share with the rest of the cybersecurity community for our new Commentary section.
The security company looks to tackle new authentication challenges that could lead to credential leakage, as enterprises increasingly leverage AI browser agents.
The group warned that law-enforcement crackdowns are imminent in the wake of the takedown, but its extortion threats against Salesforce victims remain active.
As part of its plan to extort high-profile customers of Salesforce, the Scattered Spider group had revived the BreachForums platform. The site now bears an FBI seizure notice.
Austria's data protection authority ruled that Microsoft illegally tracked students using its education software by failing to give them access to their data and using cookies without consent.
Three crew members of the Eagle S — which dragged its anchor through undersea cables in December 2024 — might escape prosecution in Finland after a court ruled they could not be charged there.
Cybersecurity company Forescout said a hacking group known as TwoNet fell for a honeypot that looked like the network for a Dutch water utility.
Officials in Sugar Land, Texas, said a cyberattack has impacted some online services.
Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products. The zero-day vulnerability, tracked as CVE-2025-11371 (CVSS score: 6.1), is an unauthenticated local file inclusion bug that allows unintended disclosure of system files. It impacts all versions of the software prior to and
Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle's E-Business Suite (EBS) software since August 9, 2025, Google Threat Intelligence Group (GTIG) and Mandiant said in a new report released Thursday. "We're still assessing the scope of this incident, but we believe it affected dozens of organizations," John Hultquist, chief analyst of
Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that's assessed to have come under active exploitation since at least September 11, 2025. The company said it began its investigation on September 11 following a "potential vulnerability" reported by a customer, uncovering "potentially suspicious
The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how Security Operations Centers (SOCs) detect, respond, and adapt. But not all AI SOC platforms are created equal. From prompt-dependent copilots to autonomous, multi-agent systems, the current market offers
Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential harvesting attacks as part of an unusual campaign. The packages have been collectively downloaded 26,000 times, acting as an infrastructure for a widespread phishing campaign codenamed Beamglea targeting more than 135 industrial, technology, and energy
Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its payloads. According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It's assessed that the malware is being propagated through
A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of diverting salary payments to attacker-controlled accounts. "Storm-2657 is actively targeting a range of U.S.-based organizations, particularly employees in sectors like higher education, to gain access to third-party human resources (HR) software as a service (SaaS) platforms like Workday," the
Read more in my article on the Hot for Security blog.
