Name That Toon: Mark of (Cybersecurity) Progress

As part of Dark Reading's 20th anniversary package, we asked readers for a cybersecurity-related caption that captures their thoughts about the industry's last two decades.

With Complex Cloud Integrations, Small Errors Lead to Major Compromises

Researchers discover an exploit chain combining over-permissioned roles, secrets discovery, and non-human identities that could have compromised a popular automation service.

'The Com' Cyberattacks Support Violence & Sexploitation

Your organization's security failures have consequences for everyone else too, since this neo-Nazi-infested criminal gang uses its cyber winnings to support more violent and widespread crimes.

Dutch Raid Fails to Dent Russian Bulletproof Host

Dutch law enforcement seized 800 servers and arrested two operators of THE.Hosting but left the hosting provider's core IP address space intact.

BTMOB RAT Spreads Across Brazil, LatAm via MaaS Model

An advanced remote access Trojan is propagating online. Notably, it's delivered via an operator licensing model and features a no-code malware-development interface.

Focus on Cyber Insurance: How Quantifying Risk Is Reshaping Security

In this latest installment of the Reporters' Notebook video series, we discuss how cyber insurance is forcing organizations to quantify risk, what's covered (and what's not), and why this could be the best thing to happen to cybersecurity.

Nordic CISOs Handle Rising Cyber Threats Remarkably Well

Artificial intelligence notwithstanding, the vast majority of CISOs in northern Europe say they're facing no more serious cyberattacks than they did two years ago.

Ransomware Actors Show Up In Person to Steal Law Firm Data

The FBI warned that the extortion gang Silent Ransom Group is targeting law firms and socially engineering its way into servers and databases.

State Cyber Leaders Beg Congress for More Funding, Support

A recent congressional hearing highlighted how states are reeling from federal cutbacks to important cyber grants and information sharing initiatives amid damaging attacks to critical infrastructure.

Microsoft Issues Out-of-Band SharePoint Patch

SharePoint access often means access to the keys of the kingdom, something attackers and defenders understand all too well.

The Hackers Behind Shai-Hulud: Lucky or Skilled?

TeamPCP, the hackers behind the Shai-Hulud worm, has done significant damage to the open source ecosystem. But it's not necessarily due to skill alone.

Remembering Tim Wilson, Whose Legacy Lives on at Dark Reading

The co-founder and former editor-in-chief passed away five years ago in November. As Dark Reading enters is third decade, we pause to celebrate and honor Wilson's instrumental role in building and elevating the media site.

Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks

Ransomware and vendor breaches persist, but the 2026 Data Breach Investigations Report (DBIR) highlights how evolving social engineering tactics make the sector more vulnerable.

China's Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.

The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.

How CISOs Should Prep for Agentic-Ready AI BOMs

Finding ways to document both component and execution attributes for AI bill of materials (AI BOM).

Google API Keys Remain Active After Deletion

A security researcher discovered the API keys can still be used for 23 minutes after deletion, even though the cloud provider claims deletion is immediate.

Fake Android Apps Commit Carrier Billing Fraud for Premium Svcs.

The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions.

Processes and Culture Top Reasons Behind Data Breaches

Government leaders revealed that, in spite of state laws meant to improve cyber hygiene, an analysis of incidents showed issues persist and visibility falls short.

Windows Zero-Day Barrage Continues After Patch Tuesday

YellowKey, GreenPlasma, and MiniPlasma add to the growing list of vulnerabilities a security researcher disclosed over the past six weeks.

CISA Exposes Secrets, Credentials in 'Private' Repo

The agency's GitHub repository, publicly available since November 2025, was ironically named "Private-CISA."

Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS

The SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to Apple script-based execution.

'Claw Chain' Vulnerabilities Threaten OpenClaw Deployments

The now patched vulnerabilities in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and maintain persistence.

Boulevard of Broken Dreams: 2 Decades of Cyber Fails

From the MGM and Caesars fiasco and MOVEit's patch nightmare to epic business blunders and the jaded reality of living in a post-breach world, Dark Reading looks back at the mistakes, miscalculations, systemic failures, and cringeworthy moments that still have us shaking our heads.

Fuel Tank Breaches Expand Scope of Iran's Cyber Offensive

Security experts have long warned that insecure automatic tank gauge (ATG) systems exposed on the Internet can be tampered with by threat actors.

Can Laws Stop Deepfakes? South Korea Aims to Find Out

South Korea's local elections next month will be a test bed for how effective regulations might be to stymie the flow of deepfakes.

The Boring Stuff is Dangerous Now

AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentially flawed AI-generated code, forcing defenders to adapt accordingly.

Taiwan Incident Highlights Cybersecurity Gaps in Rail Systems

A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism response.

SecurityScorecard Snags Driftnet to Level Up Threat Intelligence

The new acquisition looks to boost visibility into third-party ecosystems that are becoming a bigger concern as vectors for supply-chain attacks.

Maximum Severity Cisco SD-WAN Bug Exploited in the Wild

This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.

'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine

Attackers uniquely fingerprint victims before delivering spear-phishing payloads aimed at espionage, in the latest campaign from the Belarussian nation-state threat group.

Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak

An OPSEC failure provides a window into what helped the ransomware group rise: a generous affiliate model, opportunistic TTPs, and an effective organizational structure.

Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape

Informa TechTarget's flagship cybersecurity media brand launches a special content series to mark two decades as a trusted source for cybersecurity professionals.

China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm

The cyberthreat group targets an Azerbaijani oil and gas firm with repeated attacks, as the China-linked actors extend targeting beyond hospitality, telecom, and government sectors.

It's Patch Tuesday for Microsoft and Not a Zero-Day In Sight

It's the first time in two years with no zero-days. But with 137 flaws to patch, including nine critical ones, admins still have plenty of work to do.

Hugging Face Packages Weaponized With a Single File Tweak

A tokenizer library file present in Hugging Face AI models can be manipulated to hijack the model's outputs and exfiltrate data.

20 Leaders Who Built the CISO Era: 2 Decades of Change

As part of Dark Reading's 20th anniversary special coverage, we profile the CISOs, founders, researchers, criminals, and policymakers who rewrote the enterprise risk playbook.

Tech Can't Stop These Threats — Your People Can

Security controls can do only so much. Here are four attacks where your employees are usually your first, and only, line of cyber defense.

'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros

The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.

Hackers Use AI for Exploit Development, Attack Automation

Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks.

Cyber Espionage Group Targets Aviation Firms to Steal Map Data

The campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries' world view.

ShinyHunters Claims Second Attack Against Instructure

The edtech company is struggling to wrest control from its hackers. PII belonging to hundreds of millions of people is on the line.

Shifting Budget Dynamics for Identity Security and AI Agents

AI agent projects are proliferating throughout the enterprise, and those AI agent identities require management, security, and governance. New Omdia research shows the AI agent identity budget dynamics are very different than traditional IAM projects.

After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets

PCPJack makes innovative use of parquet files for stealthy, pre-validated target discovery as it canvasses multiple cloud environments.

Has CISA Finally Found Its New Leader in Tom Parker?

Dark Reading investigates rumors that Tom Parker, a board room 'operator' and longtime cyber exec, could be next in line to take over CISA.

'TrustFall' Convention Exposes Claude Code Execution Risk

Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no user interaction, thanks to skimpy warning dialogs.

Instructure Breach Exposes Schools' Vendor Dependence

ShinyHunters' attack on Instructure, which owns the widely used Canvas learning management system (LMS), carries big questions about the trust educational institutions put into their vendors.

Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations

The UC Berkeley Center for Long-Term Cybersecurity (CLTC) offers tools and support to schools, local governments, and non-profits as they defend themselves against a growing volume of cyberattacks.

Why Security Leadership Makes or Breaks a Pen Test

Well-run security drills go beyond checking audit boxes to identify and address trouble spots. Effective leaders can ensure proper scope, access, and follow-through, but it’s not easy.

Middle East Cyber Battle Field Broadens — Especially in UAE

As the war with Iran continues, breach attempts targeting the United Arab Emirates tripled in a few weeks — many targeting critical infrastructure.

Trellix Source Code Breach Highlights Growing Supply Chain Threats

Info is scant, but such breaches can reveal where a security product's controls are located and how detections are designed, giving attackers a leg up.

Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk

A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and thus use them to engage in further malicious activity.

How the Story of a USB Penetration Test Went Viral

Two decades ago Dark Reading posted its first blockbuster — a column by a pen tester who sprinkled rigged thumb drives around a credit union parking lot and let curious employees do the rest. This episode looks back at the history-making piece with its author Steve Stasiukonis, Dark Reading senior editor Becky Bracken, and Dark Reading's editor-in-chief Kelly Jackson Higgins.

RMM Tools Fuel Stealthy Phishing Campaign

Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far.

Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability

Shortly after the authentication-bypass flaw was disclosed multiple proof-of-concept exploits appeared, and one researcher claims there's been zero-day activity for at least a month.

Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia

More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware.

How Dark Reading Lifted Off the Launchpad in 2006

Twenty years ago, this media brand didn't have a print edition to attract eyeballs and sponsors. Top-notch content and editorial talent did the heavy lifting.

76% of All Crypto Stolen in 2026 Is Now in North Korea

North Korean threat actors are pulling off historic cryptocurrency heists on a yearly, sometimes weekly basis now. AI might be helping them.

20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage

On this day in 2006, Dark Reading went live. We have a celebration planned that spans our two decades of covering the industry, and you, dear readers, are invited.