darkreading

An undefined Chinese-speaking actor wields a combo of custom malware, open source tools, and LOTL binaries against Windows and Linux, likely for spying.

Cylake's platform will analyze security data locally and identify potential attacks for organizations concerned about data sovereignty.

DPRK worker scams are old hat, but they're still working, thanks to AI tools that help with everything from face swapping to daily emails.

The European Union is taking new precautions as climate change and cybersecurity threats rise across the automotive industry.

Iran has been hacking IP cameras to plan missile strikes against its enemies, and mounting other attacks on physical assets, showing how cyber and kinetic warfare are fast becoming one and the same.

Using Anthropic's Claude, OpenAI's ChatGPT, and a detailed playbook prompt, a handful of cyberattackers reportedly gained access to government agencies and its citizens' data.

Pakistan's APT36 threat group has begun using vibe-coding to churn out mediocre malware, but at a scale that could overwhelm defenses.

The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multifactor authentication defenses.

Edge bugs are so fetch, and Cisco just patched 50 new ones, including some heavy hitters with 10 out of 10 scores on the CVSS scale.

Fig Security's platform traces security data flows end-to-end across SIEMs, pipelines, and response systems to alert teams before infrastructure changes break critical defenses.

Organizations can borrow secure-by-design processes to manage non-technical challenges like governance or the inevitable human error.

Much of Central and South America struggles with cybersecurity maturity, and hackers are taking advantage.

Exploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad acess to victims' cloud environments.

Events and concepts from the Stranger Things television series illustrate how enterprises can defend their networks and stay "right side up."

Dark Reading Confidential Episode 15: Interpol relied on Will Thomas and team to help break up a sprawling cybercrime ring, leading to the arrest of 574 suspects, the recovery of more than $3 million, and the decryption of six malware variants. Here's his story.

The emerging actor, part of the APT41 nexus, gains initial access via phishing, and uses legitimate network services to obscure cyber espionage activities.

India-nexus cyber threat actors are growing more active and sophisticated, using custom tools coded in Rust and cloud-based command and control.

Like many other features and systems in modern cars, tire pressure sensors leak sensitive data that can be abused by threat actors.

The exploitation activity against CVE-2026-21385, a high-severity memory corruption flaw, could be tied to commercial spyware or nation-state threat groups.

Lessons from history highlight why AI-enabled browsers require controlled enablement.