darkreading

A seemingly benign privilege-escalation process in VMware and other software has likely benefited attackers and other malware strains for years, researchers noted.

Agentic AI has introduced abundant shadow artificial intelligence (AI) risks. Cybersecurity startup Entro Security extends its platform to help enterprises combat the growing issue.

Flaws in individual models of Google's AI suite created significant security and privacy risks for users, demonstrating the need for heightened defenses.

A researcher-developed framework could enable attackers to conduct real-time conversations using simulated audio to compromise organizations and extract sensitive information.

The Internet of Things (IoT) has made everything more interconnected, but an important US government security initiative is stuck in limbo while threat actors step up attacks on everything from medical gear to printers.

The first known malicious MCP server is an AI integration tool that automatically sends email such as those related to password resets, account confirmations, security alerts, invoices, and receipts to threat actors.

Akira ransomware actors are currently targeting SonicWall firewall customers vulnerable to a bug discovered last year.

Attackers impersonate the National Police of Ukraine to deploy Amatera Stealer and PureMiner, using malicious Scalable Vector Graphics to trick victims.

Three international vehicle manufacturers have fallen to supply chain cyberattacks in the past month alone.

Security researchers say multiple threat groups, including Iran's Charming Kitten APT offshoot Subtle Snail, are deploying malware with code-signing certificates from the Houston-based company.

The world's most-popular sports contest starts in June 2026 across 16 venues in three countries: Securing the event infrastructure from cyber threats will require massive collaboration.

Patch now: Cisco recently disclosed four actively exploited zero-days affecting millions of devices, including three targeted by a nation-state actor previously discovered to be behind the "ArcaneDoor" campaign.

The China-linked cyber-espionage group UNC5221 is compromising network appliances that cannot run traditional EDR agents to deploy new versions of the "Brickstorm" backdoor.

Yet again researchers have uncovered an opportunity (dubbed "ForcedLeak" for indirect prompt injection against autonomous agents lacking sufficient security controls — but this time the risk involves PII, corporate secrets, physical location data, and so much more.

Outages affecting DevOps tools threaten to leave developers coding like it's 1999. How serious is the threat — and what can companies do?

Threat actors exploited CVE-2024-36401 less than two weeks after it was initially disclosed and used it to gain access to a large federal civilian executive branch (FCEB) agency that uses the geospatial mapping data.

The cybercrime group continues to gain attention despite its apparent shutdown last week.

Researchers have tracked a Russian disinformation campaign against upcoming Moldovan elections, linking it to a previous campaign that began in 2022.

Hackers tracked as UNC6148 are attacking SonicWall security devices by installing hidden software, allowing them to control systems, steal passwords, and hide their activities.

The poisoned package, purporting to be a JavaScript utility, threatens the software supply chain with a highly obsfuscated credential stealer.