darkreading

For the first time, SANS Institute's five top attack techniques all have one thing in common — AI.

Organizations disclose attack details, though information may be limited. What if they did the same with close calls?

Attacks by artificial intelligence agents are a reality. Experts at Nvidia's GTC conference say defenders need to use the same tools to fight them off.

Four former NSA chiefs representing a near-complete history of US Cyber Command debate the role of offensive cyber in the government at RSAC.

Iran-aligned groups are trying to make their mark in the Gulf, but the results have fallen short of remarkable.

The Cloud Security Alliance creates a dedicated nonprofit to govern autonomous AI agent ecosystems through risk intelligence and certification.

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx's KICS and VS Code plug-ins, and the LiteLLM AI library — and all signs point to more attacks to come.

Security vendors have spent years building up defenses around the endpoint, but one researcher says AI coding tools have brought the walls down.

An AI-assisted campaign is spreading more than 300 poisoned packages for diverse assets ranging from developer tools to game cheats.

JPMorganChase uses digital fingerprints and digital twins to spot online attackers and malicious behaviors while also reducing pesky false alerts.

Companies need better controls to manage key threats rising from the growth of agentic AI. These new features provide a starting point.

Two cybersecurity leaders tested out AI in their respective SOCs for six months — and here's what they learned.

A threat actor used the open source security tool to deploy an infostealer into CI/CD workflows and steal cloud credentials, SSH keys, tokens, and other sensitive secrets.

Threat actors bypass security tools and use AI to launch faster ransomware attacks that exploit valid credentials and target data.

The idea of a "human in the loop" in AI deployment was challenged during a security executive panel at the RSAC 2026 Conference this week.

A phishing campaign targeting healthcare, government, hospitality, and education sectors in various countries uses several evasion techniques to avoid detection.

Attackers can execute arbitrary code without authentication if Oracle's Identity or Web Services Managers are exposed to the Web.

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.

The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before it was publicly disclosed.