Skip to main content
← All Tags

Cybersecurity

638 articles in this category (Page 7 of 27)

AI NewsCybersecurityPrivacy

Encrypt It Already Campaign Pushes for End-to-End Encryption

The Electronic Frontier Foundation's Encrypt It Already campaign urges big tech companies to implement end-to-end encryption by default, citing growing security and privacy concerns.

Read more
AI NewsCybersecurityArtificial Intelligence

OpenClaw's Security Risks Exposed

OpenClaw AI assistant's insecure design and extensible architecture pose significant risks to users, with 15% of skills containing malicious instructions.

Read more
AI NewsCybersecurityArtificial Intelligence

Agentic AI Security Risks Exposed in Moltbook

Moltbook, an AI-powered social media platform, exposed its entire database through a publicly accessible API, highlighting significant security risks in agentic AI systems.

Read more
AI NewsSoftware DevelopmentCybersecurity

Creating Digital Trust Through Secure Product Design

Digital products have become essential tools in nearly every aspect of modern life, with secure design playing a central role in establishing trust, as highlighted by Suzanne Alipourian-Frascogna.

Read more
AI NewsCybersecurityWorkflow Automation

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution

A critical n8n vulnerability, CVE-2026-25049, allows authenticated workflow abuse to execute system commands with a CVSS score of 9.4.

Read more
AI NewsCybersecurityVulnerability Management

New Data Tool Helps Orgs Prioritize Exploited Flaws Smarter

KEV Collider combines data from multiple open source vulnerability frameworks to help cybersecurity teams assess which issues need their attention first, with over 48,100 vulnerabilities reported in 2025.

Read more
AI NewsCybersecurityNGINX

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

React2Shell exploitation uses malicious NGINX configurations to hijack web traffic, targeting 1,083 unique source IP addresses and affecting Asian TLDs, government domains, and Baota panels.

Read more
AI NewsCybersecurityThreat Intelligence

Infy Hackers Revive Operations with New C2 Servers and Tornado Malware

Infy hackers resume operations post-Iran internet blackout, deploying Tornado malware and Telegram C2, with over 118 exfiltrated files since February 2025.

Read more
AI NewsCybersecurityMiddle East Affairs

Iranian Threat Actors Steal Credentials Using Spear-Phishing

Iranian threat actors have stolen credentials from over 850 individuals across the Middle East, using spear-phishing and social engineering tactics.

Read more
AI NewsCybersecurityThreat Intelligence

Cyber Threats Evolve with Increased Operational Efficiency

Threat actors are leveraging automation, prebuilt frameworks, and reusable infrastructure to cut time between access and impact, with over 10,000 infected IP addresses globally tied to the SystemBC malware operation.

Read more
AI NewsCybersecurityMalware

Attackers Exploit Windows Screensavers to Drop Malware

Threat actors leverage .scr file type to bypass defender lines and compromise organizations, with over 70% of Windows users vulnerable to screensaver-based attacks.

Read more
AI NewsCybersecurityThreat Intelligence

China-Linked Amaranth-Dragon and Mustang Panda Exploit WinRAR Flaw in Espionage Campaigns

China-linked threat actors Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing lures, affecting at least 6 countries.

Read more
AI NewsCybersecurityVulnerability Management

CISA Flags Actively Exploited SolarWinds Web Help Desk RCE

CISA adds SolarWinds Web Help Desk RCE flaw to KEV catalog with a CVSS score of 9.8, ordering federal agencies to patch by February 2026.

Read more
AI NewsCybersecurityRansomware

CISA's Hidden Ransomware Updates to KEV Catalog

A third of the 'flipped' CVEs affect edge devices, leading to increased ransomware risk with 59 vulnerabilities updated in 2025.

Read more
AI NewsCybersecurityMalware Analysis

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files with a stealthy, fileless approach, evading traditional detection mechanisms.

Read more
AI NewsCybersecurityOpen Source

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk by up to 90%.

Read more
AI NewsCybersecurityLatin America

Announcing DR Global Latin America

Dark Reading launches a new content section for Latin American readers, featuring news, analysis, and multimedia on cybersecurity.

Read more
AI NewsDevOpsCybersecurity

Leveraging DevOps and Open Source Tools to Detect Phishing Patterns

Detecting phishing patterns with a 95% success rate using DevOps and open source tools.

Read more
AI NewsArtificial IntelligenceCybersecurity

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

Microsoft develops a scanner that detects backdoors in open-weight LLMs with a low false positive rate, improving AI model security.

Read more
AI NewsCybersecurityMalware

Microsoft Warns of Python Infostealers Targeting macOS

Python infostealers are spreading to macOS via fake ads and installers, stealing credentials and financial data at scale.

Read more
AI NewsIncident ResponseCybersecurity

The First 90 Seconds of Incident Response

Early incident response decisions determine investigation success, with evidence preservation and logging visibility being key to resolving incidents efficiently.

Read more
AI NewsCybersecurityDocker

Docker Patches Critical Ask Gordon AI Flaw Enabling Code Execution

Docker fixes a critical Ask Gordon AI flaw allowing code execution and data theft via malicious image metadata in version 4.50.0, impacting Docker Desktop and CLI.

Read more
AI NewsCybersecuritySoftware Development

GlassWorm Malware Returns to Shatter Developer Ecosystems

The self-replicating GlassWorm malware has poisoned a fresh set of Open VSX software components, accumulating over 22,000 downloads prior to removal.

Read more
AI NewsCybersecurityReact Native

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) with a CVSS score of 9.8, allowing remote unauthenticated attackers to execute arbitrary operating system commands.

Read more