Windows Zero-Day Barrage Continues After Patch Tuesday

YellowKey, GreenPlasma, and MiniPlasma add to the growing list of vulnerabilities a security researcher disclosed over the past six weeks.

CISA Exposes Secrets, Credentials in 'Private' Repo

The agency's GitHub repository, publicly available since November 2025, was ironically named "Private-CISA."

Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS

The SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to Apple script-based execution.

'Claw Chain' Vulnerabilities Threaten OpenClaw Deployments

The now patched vulnerabilities in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and maintain persistence.

Boulevard of Broken Dreams: 2 Decades of Cyber Fails

From the MGM and Caesars fiasco and MOVEit's patch nightmare to epic business blunders and the jaded reality of living in a post-breach world, Dark Reading looks back at the mistakes, miscalculations, systemic failures, and cringeworthy moments that still have us shaking our heads.

Fuel Tank Breaches Expand Scope of Iran's Cyber Offensive

Security experts have long warned that insecure automatic tank gauge (ATG) systems exposed on the Internet can be tampered with by threat actors.

Can Laws Stop Deepfakes? South Korea Aims to Find Out

South Korea's local elections next month will be a test bed for how effective regulations might be to stymie the flow of deepfakes.