darkreading

In a seven-page strategy document, the Trump administration signaled a shift to preemption and deterrence to handling cyber threats.

A fresh cyberattack campaign blends malvertising with a ClickFix-style technique that highlights risky behavior with AI coding assistants and command-line interfaces.

With the rapid innovations in AI, we are entering an exciting era of automated risk remediation. Learn about security team readiness to leverage agentic AI for threat and exposure management.

An undefined Chinese-speaking actor wields a combo of custom malware, open source tools, and LOTL binaries against Windows and Linux, likely for spying.

Cylake's platform will analyze security data locally and identify potential attacks for organizations concerned about data sovereignty.

DPRK worker scams are old hat, but they're still working, thanks to AI tools that help with everything from face swapping to daily emails.

The European Union is taking new precautions as climate change and cybersecurity threats rise across the automotive industry.

Iran has been hacking IP cameras to plan missile strikes against its enemies, and mounting other attacks on physical assets, showing how cyber and kinetic warfare are fast becoming one and the same.

Using Anthropic's Claude, OpenAI's ChatGPT, and a detailed playbook prompt, a handful of cyberattackers reportedly gained access to government agencies and its citizens' data.

Pakistan's APT36 threat group has begun using vibe-coding to churn out mediocre malware, but at a scale that could overwhelm defenses.

The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multifactor authentication defenses.

Edge bugs are so fetch, and Cisco just patched 50 new ones, including some heavy hitters with 10 out of 10 scores on the CVSS scale.

Fig Security's platform traces security data flows end-to-end across SIEMs, pipelines, and response systems to alert teams before infrastructure changes break critical defenses.

Organizations can borrow secure-by-design processes to manage non-technical challenges like governance or the inevitable human error.

Much of Central and South America struggles with cybersecurity maturity, and hackers are taking advantage.

Exploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad acess to victims' cloud environments.

Events and concepts from the Stranger Things television series illustrate how enterprises can defend their networks and stay "right side up."