Scattered Spider Hacking Spree Continues With Airline Sector Attacks

Monday, June 30, 2025
Microsoft has called the hacker collective one of the most dangerous current cyberthreats.

Chinese Company Hikvision Banned By Canadian Government

Though the company's video surveillance products will be prohibited for government use, individuals and private businesses can still buy the vendor's products.

Airoha Chip Vulns Put Sony, Bose Earbuds & Headphones at Risk

The vulnerabilities, which have yet to be published, could allow a threat actor to hijack not only Bluetooth earbuds and headphones but also the devices connected to them.

AI-Themed SEO Poisoning Attacks Spread Info, Crypto Stealers

Malicious websites designed to rank high in Google search results for ChatGPT and Luma AI deliver the Lumma and Vidar infostealers and other malware.

Why Cybersecurity Should Come Before AI in Schools

The sooner we integrate cybersecurity basics into school curriculum, the stronger and more resilient our children — and their futures — will be.

Top Apple, Google VPN Apps May Help China Spy on Users

Friday, June 27, 2025
Apple and Google espouse strong values about data privacy, but they allow programs from a Big Brother state to thrive on their app stores, researchers allege.

'CitrixBleed 2' Shows Signs of Active Exploitation

If exploited, the critical vulnerability allows attackers to maintain access for longer periods of time than the original CitrixBleed flaw, all while remaining undetected.

Scattered Spider Taps CFO Credentials in 'Scorched Earth' Attack

In a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more than 1,400 secrets, subverted Azure, VMware, and Snowflake environments, and for the first known time, actively fought back against incident response teams.

Vulnerability Debt: How Do You Put a Price on What to Fix?

Putting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture.

US Falling Behind China in Exploit Production

Cyber operations have become critical to national security, but the United States has fallen behind in one significant area — exploit production — while China has built up a significant lead.

'Cyber Fattah' Hacktivist Group Leaks Saudi Games Data

Thursday, June 26, 2025
As tensions in the Middle East rise, hacktivist groups are coming out of the woodwork with their own agendas, leading to notable shifts in the hacktivist threat landscape.

'IntelBroker' Suspect Arrested, Charged in High-Profile Breaches

A British national arrested earlier this year in France was charged by the US Department of Justice in connection with a string of major cyberattacks.

Charming Kitten APT Tries Spying on Israeli Cybersecurity Experts

Wednesday, June 25, 2025
Israel's cyber pros are having to put theory into practice, as a notorious nation-state APT sponsored by Iran targets them with spear-phishing attacks.

And Now Malware That Tells AI to Ignore It?

Though rudimentary and largely non-functional, the wryly named "Skynet" binary could be a harbinger of things to come on the malware front.

Millions of Brother Printers Hit by Critical, Unpatchable Bug

A slew of vulnerabilities, including a critical CVSS 9.8 that enables an attacker to generate the default admin password, affect hundreds of printer, scanner, and label-maker models made by manufacturer Brother.

CISA is Shrinking: What Does it Mean for Cyber?

Dark Reading Confidential Episode 7: Cyber experts Tom Parker and Jake Williams offer their views on the practical impact of cuts to the US Cybersecurity and Infrastructure Security Agency.

Africa Sees Surge in Cybercrime as Law Enforcement Struggles

Tuesday, June 24, 2025
Cybercrime accounts for more than 30% of all reported crime in East Africa and West Africa, with online scams, ransomware, business email compromise, and digital sextortion taking off.

Threat Actor Trojanizes Copy of SonicWall NetExtender VPN App

A threat actor hacked a version of SonicWall's NetExtender SSL VPN application in an effort to trick users into installing a Trojanized version of the product.

China-Nexus 'LapDogs' Network Thrives on Backdoored SOHO Devices

The campaign infected devices in the US and Southeast Asia to build an operational relay box (ORB) network for use as an extensive cyber-espionage infrastructure.

Steel Giant Nucor Confirms Data Stolen in Cyberattack

America's largest steel producer initially disclosed the breach in May and took potentially affected systems offline to investigate the intrusion and contain any malicious activity.

Citrix Patches Critical Vulns in NetScaler ADC and Gateway

Monday, June 23, 2025
Citrix is recommending its customers upgrade their appliances to mitigate potential exploitation of the vulnerabilities.

'Echo Chamber' Attack Blows Past AI Guardrails

An AI security researcher has developed a proof of concept that uses subtle, seemingly benign prompts to get GPT and Gemini to generate inappropriate content.

DHS Warns of Rise in Cyberattacks in Light of US-Iran Conflict

After President Trump's decision to enter the US into the conflict in the Middle East, the Department of Homeland Security expects there to be an uptick in Iranian hacktivists and state-sponsored actors targeting US systems.

Attackers Use Docker APIs, Tor Anonymity in Stealthy Crypto Heist

The attack is similar to previous campaigns by an actor called Commando Cat to use misconfigured APIs to compromise containers and deploy cryptocurrency miners.

A CISO's AI Playbook

In a market where security budgets flatten while threats accelerate, improving analyst throughput is fiscal stewardship.

AWS Enhances Cloud Security With Better Visibility Features

Friday, June 20, 2025
At this week's re:Inforce 2025 conference, the cloud giant introduced new capabilities to several core security products to provide customers with better visibility and more context on potential threats.

Hackers Post Dozens of Malicious Copycat Repos to GitHub

As package registries find better ways to combat cyberattacks, threat actors are finding other methods for spreading their malware to developers.

How Cyberwarfare Changes the Face of Geopolitical Conflict

As geopolitical tensions rise, the use of cyber operations and hacktivists continues to grow, with the current conflict between Israel and Iran showing the new face of cyber-augmented war.

Telecom Giant Viasat Is Latest Salt Typhoon Victim

The communications company shared the discoveries of its investigation with government partners, but there is little information they can publicly disclose other than that there seems to be no impact to customers.

How to Lock Down the No-Code Supply Chain Attack Surface

Securing the no-code supply chain isn't just about mitigating risks — it's about enabling the business to innovate with confidence.

OpenAI Awarded $200M Contract to Work With DoD

Wednesday, June 18, 2025
OpenAI intends to help streamline the Defense Department's administrative processes using artificial intelligence.

New Tool Traps Jitters to Detect Beacons

Concerned by rapidly evolving evasion tactics, the new Jitter-Trap tool from Varonis aims to help organizations detect beacons that help attackers establish communication inside a victim network.

The Triple Threat of Burnout: Overworked, Unsatisfied, Trapped

Many cybersecurity professionals still don't feel comfortable admitting when they need a break. And the impact goes beyond being overworked.

GodFather Banking Trojan Debuts Virtualization Tactic

The Android malware is targeting Turkish financial institutions, completely taking over legitimate banking and crypto apps by creating an isolated virtualized environment on a device.

Serpentine#Cloud Uses Cloudflare Tunnels in Sneak Attacks

An unidentified threat actor is using .lnk Windows shortcut files in a series of sophisticated attacks utilizing in-memory code execution and living-off-the-land cyberattack strategies.

Indian Car-Sharing Firm Zoomcar Latest to Suffer Breach

Tuesday, June 17, 2025
The company acknowledged that cybercriminals had taken sensitive information on more than 8 million users, including names, phone numbers, car registration numbers, addresses, and emails.

'HoldingHands' Acts Like a Pickpocket With Taiwan Orgs

Since at least January, the threat actor has been employing multiple malware tools to steal information for potential future attacks against Taiwanese businesses and government agencies.

Malicious Chimera Turns Larcenous on Python Package Index

Monday, June 16, 2025
Unlike typical data-stealing malware, this attack tool targets data specific to corporate and cloud infrastructures in order to execute supply chain attacks.

Anubis Ransomware-as-a-Service Kit Adds Data Wiper

The threat of wiping files and servers clean gives Anubis affiliates yet another way to leverage ransomware victims who may be hesitant to pay to get their data back, Trend Micro said.

Washington Post Staffer Emails Targeted in Cyber Breach

Journalists' Microsoft accounts were breached, which would have given attackers access to emails of staff reporters covering national security, economic policy, and China.

'Water Curse' Targets Infosec Pros Via Poisoned GitHub Repositories

The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware.

Security Is Only as Strong as the Weakest Third-Party Link

Third-party risks are increasing dramatically, requiring CISOs to evolve from periodic assessments to continuous monitoring and treating partner vulnerabilities as their own to enhance organizational resilience.

NIST Outlines Real-World Zero-Trust Examples

SP 1800-35 offers 19 examples of how to implement zero-trust architecture (ZTA) using off-the-shelf commercial technologies.

CISA Reveals 'Pattern' of Ransomware Attacks Against SimpleHelp RMM

Friday, June 13, 2025
A new Cybersecurity and Infrastructure Security Agency (CISA) advisory warned ransomware actors have been actively exploiting a critical SimpleHelp flaw since January.

Cyberattacks on Humanitarian Orgs Jump Worldwide

These groups suffered three times as many cyberattacks as the previous year, with DDoS attacks dominating and vulnerability scans and SQL injection also more common.

New COPPA Rules to Take Effect Over Child Data Privacy Concerns

Thursday, June 12, 2025
New regulations and compliance standards for the Children's Online Privacy Protection Act reflect how much technology has grown since the Federal Trade Commission last updated it in 2013.

Researchers Detail Zero-Click Copilot Exploit 'EchoLeak'

Researchers at Aim Security disclosed a Microsoft Copilot vulnerability of critical severity this week that could have enabled sensitive data exfiltration via prompt injection attacks.

Hacking the Hackers: When Bad Guys Let Their Guard Down

A string of threat-actor OpSec failures has yielded unexpected windfalls for security researchers and defenders.

ConnectWise to Rotate Code-Signing Certificates

Wednesday, June 11, 2025
The move is unrelated to a recent nation-state attack the vendor endured but stems from a report by a third-party researcher.

Agentic AI Takes Over Gartner's SRM Summit

Agentic AI was everywhere at Gartner's Security & Risk Management Summit in Washington, DC, this year, as the AI security product engine chugs ahead at full speed.

Google Bug Allowed Brute-Forcing of Any User Phone Number

The weakness in Google's password-recovery page, discovered by a researcher called Brutecat, exposed private user contact information to attackers, opening the door to phishing, SIM-swapping, and other attacks.

PoC Code Escalates Roundcube Vuln Threat

Tuesday, June 10, 2025
The flaw allows an authenticated attacker to gain complete control over a Roundcube webmail server.

GitHub: How Code Provenance Can Prevent Supply Chain Attacks

Through artifact attestation and the SLSA framework, GitHub's Jennifer Schelkopf argues that at least some supply chain attacks can be stopped in their tracks.

United Natural Food's Operations Limp Through Cybersecurity Incident

It's unclear what kind of cyberattack occurred, but UNFI proactively took certain systems offline, which has disrupted the company's operations.

Gartner: How Security Teams Can Turn Hype Into Opportunity

Monday, June 9, 2025
During the opening keynote at Gartner Security & Risk Management Summit 2025, analysts weighed in on how CISOs and security teams can use security fervor around AI and other tech to the betterment of their security posture.

SIEMs Missing the Mark on MITRE ATT&CK Techniques

CardinalOps' report shows that organizations are struggling to keep up with the evolution of the latest threats while a significant number of detection rules remain non-functional.

China-Backed Hackers Target SentinelOne in 'PurpleHaze' Attack Spree

Known threat groups APT15 and UNC5174 unleashed attacks against SentinelOne and more than 70 other high-value targets, as part of ongoing cyber-espionage and other malicious activity involving ShadowPad malware.

Docuseries Explores Mental, Physical Hardships of CISOs

Friday, June 6, 2025
During "CISO: The Worst Job I Ever Wanted," several chief information security officers reveal how difficult it is to be in a role that, despite being around for decades, remains undefined.

BADBOX 2.0 Targets Home Networks in Botnet Campaign, FBI Warns

Though the operation was partially disrupted earlier this year, the botnet remains active and continues to target connected Android devices.

'PathWiper' Attack Hits Critical Infrastructure In Ukraine

Thursday, June 5, 2025
Cisco Talos researchers observed the new wiper malware in a destructive attack against an unnamed critical infrastructure organization.

Cisco Warns of Credential Vuln on AWS, Azure, Oracle Cloud

The vulnerability, with a 9.9 CVSS score on a 10-point scale, results in different Cisco ISE deployments all sharing the same credentials as long as the software release and cloud platform remain the same.

Backdoored Malware Reels in Newbie Cybercriminals

Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 2022.
0

35K Solar Devices Vulnerable to Potential Hijacking

Wednesday, June 4, 2025
A little more than three-quarters of these exposed devices are located in Europe, followed by Asia, with 17%.

Vishing Crew Targets Salesforce Data

A group Google is tracking as UNC6040 has been tricking users into installing a malicious version of a Salesforce app to gain access to and steal data from the platform.

How Neuroscience Can Help Us Battle 'Alert Fatigue'

By understanding the neurological realities of human attention, organizations can build more sustainable security operations that protect not only their digital assets but also the well-being of those who defend them.

Researchers Bypass Deepfake Detection With Replay Attacks

An international group of researchers found that simply rerecording deepfake audio with natural acoustics in the background allows it to bypass detection models at a higher-than-expected rate.

Chrome Drops Trust for Chunghwa, Netlock Certificates

Tuesday, June 3, 2025
Digital certificates authorized by the authorities will no longer have trust by default in the browser starting in August, over what Google said is a loss of integrity in actions by the respective companies.

LummaC2 Fractures as Acreed Malware Becomes Top Dog

LummaC2 formerly accounted for almost 92% of Russian Market's credential theft log alerts. Now, the Acreed infostealer has replaced its market share.

Beyond the Broken Wall: Why the Security Perimeter Is Not Enough

Monday, June 2, 2025
Organizations need to abandon perimeter-based security for data-centric protection strategies in today's distributed IT environments.

EMR-ISAC Shuts Down: What Happens Now?

The Emergency Management and Response - Information Sharing and Analysis Center provided essential information to the emergency services sector on physical and cyber threats and its closure leaves an information vacuum for these organizations.

Exploitation Risk Grows for Critical Cisco Bug

New details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.

Trickbot, Conti Ransomware Operator Unmasked Amid Huge Ops Leak

An anonymous whistleblower has leaked large amounts of data tied to the alleged operator behind Trickbot and Conti ransomware.

Critical Bugs Could Spark Takeover of Widely Used Fire Safety OT/ICS Platform

The unpatched security vulnerabilities in Consilium Safety's CS5000 Fire Panel could create "serious safety issues" in environments where fire suppression and safety are paramount, according to a CISA advisory.

In the AI Race With China, Don't Forget About Security

The US needs to establish a clear framework to provide reasonable guardrails to protect its interests — the quicker, the better.