darkreading

Microsoft uncovered AI recommendation poisoning in 31 companies across 14 industries, and turnkey tools make it trivially easy to pull off.

Green Blood Group steals personal records and biometric data of the West African nation's nearly 20 million residents.

In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix.

CISOs should focus on harnessing and securing AI and building new skills among their people. Vision and change management can transform security.

How a platform engineering team embeds supply chain security into infrastructure without slowing developers.

Organizations remain reluctant to address the fact that AI can dangerously expose business operations as well as personal data.

Organizations can improve their climate footprints by optimizing two specific cybersecurity protections, without incurring added risks.

Only Taiwan made the top 10 list of governments, effectively blocking the threat-ridden protocol, but overall, the region lagged in curbing Telnet traffic.

Organizations that have exposed their instances of Web Help Desk to the public Internet have inadvertently made them prime targets for attackers.

With access to SIM, location data, and a preview of recent SMSes, attackers have everything they need for account takeover or targeted social engineering.

Three of those zero-days are security feature bypass flaws, which give attackers a way to slip past built-in protections in multiple Microsoft products.

Ironically, security by obscurity has helped prevent dangerous OT attacks in recent years. It won't be that way forever.

The acquisition allows the credit reporting agency to add SMS spam and scam prevention to its robocall blocking capabilities.

The ransomware group breached SmarterTools through a vulnerability in the company's own SmarterMail product.

The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and interfaces.

Researchers discovered a newly disclosed vulnerable driver embedded in Reynolds' ransomware, illustrating the increasing popularity of the defense-evasion technique.

Ask the Expert: Organizations need to close the ownership vacuum, establish durable security controls, and ensure printers are protected as rigorously as other endpoints.

The Electronic Frontier Foundation is urging major technology companies to follow through on their promises to implement end-to-end encryption (E2E) by default across their services, as privacy concerns mount amid increased AI use.

Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to quantify.

Malicious "skills" and persnickety configuration settings are just some of the issues that security researchers have found when installing — and removing — the OpenClaw AI assistant.