Cybersecurity

624 articles in this category (Page 7 of 26)

AI NewsCybersecurityMalware Analysis

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files with a stealthy, fileless approach, evading traditional detection mechanisms.

Feb 4, 2026

AI NewsCybersecurityOpen Source

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk by up to 90%.

Feb 4, 2026

AI NewsCybersecurityLatin America

Announcing DR Global Latin America

Dark Reading launches a new content section for Latin American readers, featuring news, analysis, and multimedia on cybersecurity.

Feb 4, 2026

AI NewsDevOpsCybersecurity

Leveraging DevOps and Open Source Tools to Detect Phishing Patterns

Detecting phishing patterns with a 95% success rate using DevOps and open source tools.

Feb 4, 2026

AI NewsArtificial IntelligenceCybersecurity

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

Microsoft develops a scanner that detects backdoors in open-weight LLMs with a low false positive rate, improving AI model security.

Feb 4, 2026

AI NewsCybersecurityMalware

Microsoft Warns of Python Infostealers Targeting macOS

Python infostealers are spreading to macOS via fake ads and installers, stealing credentials and financial data at scale.

Feb 4, 2026

AI NewsIncident ResponseCybersecurity

The First 90 Seconds of Incident Response

Early incident response decisions determine investigation success, with evidence preservation and logging visibility being key to resolving incidents efficiently.

Feb 4, 2026

AI NewsCybersecurityDocker

Docker Patches Critical Ask Gordon AI Flaw Enabling Code Execution

Docker fixes a critical Ask Gordon AI flaw allowing code execution and data theft via malicious image metadata in version 4.50.0, impacting Docker Desktop and CLI.

Feb 3, 2026

AI NewsCybersecuritySoftware Development

GlassWorm Malware Returns to Shatter Developer Ecosystems

The self-replicating GlassWorm malware has poisoned a fresh set of Open VSX software components, accumulating over 22,000 downloads prior to removal.

Feb 3, 2026

AI NewsCybersecurityReact Native

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) with a CVSS score of 9.8, allowing remote unauthenticated attackers to execute arbitrary operating system commands.

Feb 3, 2026

AI NewsCybersecurityDevOps

Leveraging Docker for Real-Time Phishing Pattern Detection

Docker provides a 99.9% uptime solution for real-time phishing pattern detection during high traffic events.

Feb 3, 2026

AI NewsCybersecuritySoftware Security

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom

Notepad++ hosting breach attributed to China-linked Lotus Blossom hacking group, delivering Chrysalis backdoor via hijacked updates.

Feb 3, 2026

AI NewsCloud ComputingCybersecurity

Cloud Outages and Identity Systems: Critical Failure Points

Cloud outages expose identity systems as critical failure points, with 75% of organizations experiencing identity-related downtime in the last year.

Feb 3, 2026

AI NewsCybersecurityPenetration Testing

County Pays $600K to Wrongfully Jailed Pen Testers

Iowa county pays $600,000 settlement to two penetration testers wrongfully jailed in 2019 for performing a security evaluation.

Feb 2, 2026

AI NewsCybersecurityMalware

eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware

Attackers breached eScan antivirus update infrastructure to push malicious updates, deploying persistent malware on enterprise and consumer systems, affecting hundreds of machines globally.

Feb 2, 2026

AI NewsCybersecurityMalware

Notepad++ Update Mechanism Hijacked to Deliver Malware

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

Feb 2, 2026

AI NewsCybersecurityOpen-Source Software

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking, with a CVSS score of 8.8.

Feb 2, 2026

AI NewsCybersecurityMalware

Researchers Uncover 341 Malicious ClawHub Skills Targeting OpenClaw Users

A security audit reveals 341 malicious skills on ClawHub, exposing OpenClaw users to data theft and malware attacks.

Feb 2, 2026

AI NewsCybersecurityThreat Lifecycle Management

Securing Mid-Market Organizations Across the Complete Threat Lifecycle

Mid-market organizations can reduce cyber risk by 30% by combining prevention, detection, response, and MDR into a unified security platform.

Feb 2, 2026

AI NewsCybersecuritySaaS

ShinyHunters Expands SaaS Extortion Attacks to Microsoft 365, Slack

ShinyHunters has expanded its extortion attacks to various SaaS environments, including Microsoft 365 and Slack, using voice phishing and credential harvesting to compromise targeted organizations.

Feb 2, 2026

AI NewsCybersecurityProxy Networks

Google Disrupts IPIDEA Residential Proxy Network, Reduces Available Pool by Millions

Google cripples IPIDEA, a massive residential proxy network, by seizing domains used as command-and-control for devices, reducing its available pool of devices by millions.

Feb 2, 2026

AI NewsCybersecurityEnergy Sector

Poland Attributes December Cyber Attacks to Static Tundra

Poland linked December 2025 cyber attacks on energy and manufacturing sites to Static Tundra, involving DynoWiper and FortiGate exploits, affecting over 30 wind and solar farms.

Jan 31, 2026

AI NewsCybersecurityIranian Hacking Groups

Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

Iran-linked RedKitten uses malicious Excel files, AI-generated macros, and cloud services to spy on human rights NGOs and activists, with over 50 individuals impacted.

Jan 31, 2026

AI NewsCybersecuritySaaS Security

Mandiant Exposes ShinyHunters-Style Vishing Attacks Breaching SaaS Platforms

Mandiant reports a surge in vishing attacks linked to ShinyHunters, exploiting MFA and SSO to breach SaaS apps, with over 100 organizations targeted.

Jan 31, 2026