darkreading

Workloads keep getting more complicated and organizations are struggling to keep up. So what's the play?

Iran and its supporters have taken to cyberspace to retaliate for US-Israeli military action, with an aim to cause economic and physical disruption.

The now-patched flaw is the latest in a growing string of security issues associated with the viral AI tool, which has seen rapid adoption among developers.

Speed and security are historically clashing priorities, but with AI and automation, it's increasingly important that application developers and security teams get on the same page.

The global law enforcement crackdown, which began in January 2025, also identified nearly 180 members of the notorious cybercriminal collective.

Forward Edge-AI's new Isidore Quantum is a compact, low-power hardware device designed to defend sensitive operational technology endpoints against future quantum attacks.

Attackers could have exploited the vulnerability to escalate privileges, violate user privacy while browsing, and access sensitive resources.

HBO's "The Pitt" is showing audiences what a real Mississippi healthcare system is going through this week, thanks to a ransomware attack.

Major events like the FIFA World Cup need to look beyond traditional physical and cyber security to active and passive wireless threats, say experts.

Using AI to find security vulnerabilities holds significant promise, but the initial products fall short of the needs of enterprises and software developers, say experts.

It's become a standard practice for organizations to disclose the bare minimum about a data breach, or worse — not disclose the incident at all.

Claude Code's introduction rippled across the stock market, but researchers and analysts say its impact was overstated, as they peel back the layers.

When a company gets breached through a third-party security vendor, who should bear responsibility? For one FinTech company, the answer is the firewall provider.

The maximum-severity vulnerability CVE-2026-20127 was exploited by an unknown but sophisticated threat actor who left very little evidence behind.

A Chinese keyboard warrior inadvertently leaked information about politically motivated influence operations through a ChatGPT account.

The vulnerabilities highlight a big drawback to integrating AI into software development workflows and the potential impact on supply chains.

Researchers suggest defenders monitor how these malicious groups re-form and leverage the useful threat intel to guide their next moves.

The PCI Security Standards Council experienced a record year in many regards, but its first annual report shows it needs to work even faster to stay ahead of attackers.

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent access to infected machines.

Attackers are bypassing email gateways through telephone-oriented attack delivery (TOAD), in which the only email payload is a phone number.