News

News

• July 17, 2025 17 Jul'25

  New AI malware PoC reliably evades Microsoft Defender

  Worried about hackers employing LLMs to write powerful malware? Using targeted reinforcement learning (RL) to train open source models in specific tasks has yielded the capability to do just that.

• July 17, 2025 17 Jul'25

  Microsoft deputy CISO recounts responding to the CrowdStrike outage

  The industry’s collective response to the massive outage underscored for Ann Johnson its ability to come together and put competitive interests aside.

• July 17, 2025 17 Jul'25

  CISA director: Cybersecurity is ‘not an impossible problem’

  In Jen Easterly’s view, the solution to the industry’s pains lies in secure by design. “We got ourselves into this, we have to get ourselves out,” she said during a media briefing at Black Hat.

• July 17, 2025 17 Jul'25

  Black Hat USA 2024 Highlights

  Check out all the highlights from Black Hat USA 2024 at the Mandalay Bay in Las Vegas.

• July 17, 2025 17 Jul'25

  An Nvidia container bug and chance to harden Kubernetes

  A container escape flaw involving the NVIDIA Container Toolkit could have enabled a threat actor to access AI datasets across tenants.

• Sponsored News

  • Riding the Wave to Enterprise AI at Scale: The Transformation of Client Solutions

    Sponsored by Dell Technologies - While it’s true that AI is moving rapidly toward universal adoption, it is in the enterprise where AI is having its greatest impact. Enterprise AI certainly is an area of massive resource investment: Research pegs the size of the 2025 global enterprise AI market at $97 billion, growing to an astonishing $229 billion by 2030. All forms of AI—agentic AI, generative AI, machine learning, and predictive AI, to name a few—are transforming how, when, where, and why work is done. See More

  • The “Personal Touch” of AI is Undeniable, Thanks for Impressive Advances in Client Solutions

    Sponsored by Dell Technologies - The trend toward personal—and personalized—artificial intelligence (AI) has swiftly moved from interesting idea to undeniable market transformational catalyst. Research points out that 61% of U.S. adults have used AI in the past six months, with a growing number of those using it daily. This not only is an expected byproduct of widespread AI use in businesses and other enterprises, but the rapidly accelerating number of consumer-oriented use cases. See More

  • The Deepening Impact of “AI Everywhere” is Revolutionizing Client Solutions

    Sponsored by Dell Technologies - Artificial intelligence (AI) has rapidly become the technical development with the most profound impact on how we work, play, live, and interact. Although AI has been around for decades, earlier generations of expert systems, knowledge systems, and decision-support systems pale in comparison to the capabilities of the AI of today…and tomorrow. See More

  View All Sponsored News
• July 17, 2025 17 Jul'25

  Women who 'hacked the status quo' aim to inspire cybersecurity careers

  A group of female cybersecurity pioneers will share what they've learned about navigating a field dominated by men, in order to help other women empower themselves and pursue successful cybersecurity careers.

• July 11, 2025 11 Jul'25

  News brief: Hafnium, Scattered Spider hackers arrested

  Check out the latest security news from the Informa TechTarget team.

• June 30, 2025 30 Jun'25

  News brief: AI security threats surge as governance lags

  Check out the latest security news from the Informa TechTarget team.

• June 20, 2025 20 Jun'25

  News brief: LOTL attacks, spoofed sites, malicious repositories

  Check out the latest security news from the Informa TechTarget team.

• June 13, 2025 13 Jun'25

  News brief: Gartner Security and Risk Management Summit recap

  Check out the latest security news from the Informa TechTarget team.

• June 06, 2025 06 Jun'25

  News brief: CISA and partners face budget overhauls, cuts

  Check out the latest security news from the Informa TechTarget team.

• May 30, 2025 30 May'25

  News brief: Week's top breaches stem from third-party attacks

  Check out the latest security news from the Informa TechTarget team.

• May 16, 2025 16 May'25

  News brief: Patch critical SAP, Samsung and chat app flaws now

  Check out the latest security news from the Informa TechTarget team.

• May 16, 2025 16 May'25

  RSAC 2025: AI everywhere, trust nowhere

  We're at an inflection point. AI is changing the game, but the rules haven't caught up.

• May 13, 2025 13 May'25

  Building effective security programs requires strategy, patience and clear vision

  Capital One executives share insights on how organizations should design their security programs, implement passwordless technologies, and reduce their attack surface.

• May 13, 2025 13 May'25

  Vulnerability detection tops agentic AI at RSAC's startup competition

  Agentic-native startups threaten to reduce the zero-day problem to just a zero-hour issue. Of course, AI agents will accelerate offensive attacks as well.

• May 13, 2025 13 May'25

  Cyber then & now: Inside a 2-decade industry evolution

  On Dark Reading's 19-year anniversary, Editor-in-Chief Kelly Jackson Higgins stops by Informa TechTarget's RSAC 2025 Broadcast Alley studio to discuss how things have changed since the early days of breaking Windows and browsers, lingering ...

• May 09, 2025 09 May'25

  News brief: AI security risks highlighted at RSAC 2025

  Check out the latest security news from the Informa TechTarget team.

• May 07, 2025 07 May'25

  RSAC 2025: Cyware operationalizes threat intelligence with AI, automation

  Keeping up with threat intelligence, given its exponential growth, is tough. What businesses need is automatic triaging of alerts and guidance for any necessary follow-up, says Cyware's Sachin Jade.

• May 06, 2025 06 May'25

  Ongoing passkey usability challenges require 'problem-solving'

  While passkeys offer enhanced security against phishing and credential theft, implementation hurdles, cross-platform inconsistencies and user experience challenges pose significant barriers to widespread adoption.

• May 06, 2025 06 May'25

  The dark side of digital: Breaking the silence on youth mental health

  Industry experts at RSAC 2025 called for urgent accountability in addressing technology's negative impact on youth, highlighting concerns about internet anonymity, mental health and the growing disconnect between generations.

• May 06, 2025 06 May'25

  AI domination: RSAC 2025 social media roundup

  Documented in a series of social media posts, cybersecurity experts shared with Dark Reading their insights on RSAC 2025 throughout the week.

• May 05, 2025 05 May'25

  RSAC 2025: AI to advance identity, passwordless progress, Dashlane says

  Dashlane CEO John Bennett tells Dark Reading’s Terry Sweeney that the advent of shadow AI use means that some AI agents and models operate without any credentials, increasing the organization’s risk.

• May 05, 2025 05 May'25

  RSAC 2025 highlights gap between threat intel, response

  Staying ahead means cyber defenders can’t operate in silos.

• May 02, 2025 02 May'25

  IBM uses agentic AI for autonomous security operations: RSAC 2025

  The launch of IBM’s Autonomous Threat Operations Machine and X-Force Predictive Threat Intelligence agent were announced at the event.

• May 02, 2025 02 May'25

  SANS top 5: Cyber has busted out of the SOC

  This year's top cyber challenges include cloud authorization sprawl, ICS cyberattacks and ransomware, a lack of cloud logging and regulatory constraints keeping defenders from fully utilizing AI's capabilities.

• May 02, 2025 02 May'25

  A cybersecurity paradox: Even resilient organizations are blind to AI threats

  A LevelBlue report looks at what goes into the security postures of a cyber-resilient organization, and found that AI is still a blind spot.

• May 02, 2025 02 May'25

  Salt Typhoon telecom hacks one of the most consequential campaigns against US ever, expert says

  A prominent former member of a recently shuttered cyber-incident review panel said the board should be reconstituted with independent authority.

• May 02, 2025 02 May'25

  Enterprises need to beware of these 5 threats

  A panel of SANS Institute leaders detailed current threats and provided actionable steps for enterprises to consider.

• May 01, 2025 01 May'25

  RSAC Conference: New Huntress, Qualys offers, Malwarebytes channel initiatives

  Salt Security, Diligent, Vodafone Business and Fortinet also made channel-relevant announcements during the conference.

• May 01, 2025 01 May'25

  RSAC: Check Point warns of 'rocket and missile' game with AI

  Also, Rubrik and Rackspace unveiled a new strategic partnership.

• May 01, 2025 01 May'25

  Debunking security 'myths' to address common gaps

  Dan Gorecki and Scott Brammer's interactive session during RSAC Conference 2025 encourages security professionals to rethink their security postures and address evolving and emerging risks.

• May 01, 2025 01 May'25

  Former CISA head slams Trump admin over 'loyalty mandate'

  Jen Easterly, former director of CISA, discussed the first 100 days of the second Trump administration and criticized the president's 'mandate for loyalty' during a panel at RSAC 2025.

• May 01, 2025 01 May'25

  Adversaries are toying with U.S. networks and D.C. is short on answers

  While nation-state actors are demonstrating how easily they can infiltrate U.S. networks, government officials don't seem to have a clear vision for what comes next.

• April 30, 2025 30 Apr'25

  TheWizards APT casts a spell on Asian gamblers with novel attack

  A SLAAC-spoofing, adversary-in-the-middle campaign is hiding the WizardNet backdoor malware inside updates for legitimate software and popular applications.

• April 30, 2025 30 Apr'25

  AI-fueled cybercrime at risk of outpacing traditional defenses, Check Point warns

  The security firm said in a new report that defenders should begin using AI to counter cybercriminals' adoption of the technology.

• April 30, 2025 30 Apr'25

  Nvidia's new AI security offering protects against software landmines

  Nvidia's DOCA Argus prevents attacks before they compromise AI architectures.

• April 30, 2025 30 Apr'25

  DHS boss Noem vows to get CISA back 'on mission'

  Secretary Noem asks the cybersecurity community to get in touch with CISA to help reshape the agency to focus on finding efficiencies.

• April 30, 2025 30 Apr'25

  DARPA highlights critical infrastructure security challenges

  Leaders at federal research organizations DARPA, ARPA-I and ARPA-H discussed the myriad obstacles in addressing critical infrastructure security at RSAC Conference 2025.

• April 30, 2025 30 Apr'25

  RSAC Conference 2025 video reports

  We chatted on camera with attendees and presenters at RSAC 2025. Check out this video collection to get highlights from one of the world's major cybersecurity conferences.

• April 29, 2025 29 Apr'25

  RSAC 2025: Cisco debuts latest AI cybersecurity innovations

  In terms of innovation, Cisco says it's 'just getting warmed up.'

• April 29, 2025 29 Apr'25

  RSAC: Fortinet's latest threat report, Google Cloud-Mandiant, more

  Many vendors are showcasing their latest AI-powered cybersecurity capabilities.

• April 29, 2025 29 Apr'25

  From mission-centric to people-centric: Competitive leadership in cyber

  Making a case for empathy in cyber-leadership roles as a strategic business advantage.

• April 29, 2025 29 Apr'25

  Hacking in space: Not as tough as you might think

  Barbara Grofe, space asset security architect at Spartan Corp, discussed the realities of hacking in space, and the outlook is not pie-in-the-sky.

• April 29, 2025 29 Apr'25

  U.S. critical infrastructure still struggles with OT security

  How does a company defend itself from cyberattacks by a foreign adversary? A collection of experts gathered at this year's RSAC Conference to explain how the U.S. can help.

• April 15, 2025 15 Apr'25

  Organizations lack incident response plans, but answers are on the way

  Developing strong incident response plans remains an area that requires significant improvement. Here are some shortcomings and how to address them.

• April 15, 2025 15 Apr'25

  7 RSAC 2025 cloud security sessions you don't want to miss

  Some of the brightest minds in the industry will discuss how to strengthen cloud security.

• April 07, 2025 07 Apr'25

  RSAC unveils keynote speaker slate for RSAC 2025 Conference

  RSAC, the company behind the world's largest and most influential cybersecurity conference, today announced its current lineup of keynote speakers for its upcoming RSAC 2025 Conference, taking place at the Moscone Center in San Francisco from April ...

• April 04, 2025 04 Apr'25

  Trends at the 2024 RSAC startup competition

  Startups at Innovation Sandbox 2024 brought clarity to artificial intelligence, protecting data from AI and accomplishing novel security solutions with new models.

• April 04, 2025 04 Apr'25

  RSAC Conference 2025 Innovation Sandbox contest celebrates 20th anniversary

  Starting in 2025, the RSAC Innovation Sandbox Top 10 Finalists will each receive a $5 million investment to drive cybersecurity innovation.

• March 28, 2025 28 Mar'25

  News brief: China-linked APTs and Russian access broker

  Check out the latest security news from the Informa TechTarget team.

• March 20, 2025 20 Mar'25

  Cloudflare unveils tools for safeguarding AI deployment

  The cybersecurity vendor's new suite helps businesses, developers and content creators deploy AI technology at scale safely and securely.

• February 28, 2025 28 Feb'25

  Microsoft targets AI deepfake cybercrime network in lawsuit

  Microsoft alleges that defendants used stolen Azure OpenAI API keys and special software to bypass content guardrails and generate illicit AI deepfakes for payment.

• February 27, 2025 27 Feb'25

  FBI: Lazarus Group behind $1.5 billion Bybit heist

  Researchers say the heist, in which North Korean state-sponsored hackers stole funds from a cold wallet, is the biggest theft in the history of the cryptocurrency industry.

• February 27, 2025 27 Feb'25

  CrowdStrike: China hacking has reached 'inflection point'

  In its 2025 Global Threat Report, CrowdStrike observed an increase in China's cyber capabilities, with a focus on espionage and 'pre-positioning' itself in critical environments.

• February 26, 2025 26 Feb'25

  NCC Group tracks alarming ransomware surge in January

  NCC Group found ransomware activity in January surpassed previous monthly highs with 590 attacks, as one notorious gang experienced a notable resurgence.

• February 25, 2025 25 Feb'25

  Black Basta ransomware leak sheds light on targets, tactics

  VulnCheck found the ransomware gang targeted CVEs in popular enterprise products from Microsoft, Citrix, Cisco, Fortinet, Palo Alto Networks, Confluence Atlassian and more.

• February 25, 2025 25 Feb'25

  Dragos: Ransomware attacks against industrial orgs up 87%

  Ransomware attacks continue to be a major pain point for industrial organizations, as the sector has historically struggled with vulnerability management.

• February 24, 2025 24 Feb'25

  Apple pulls Advanced Data Protection in UK, sparking concerns

  Privacy and security concerns mount, as Apple pulls the end-to-end encryption feature for users located in the U.K. following pressures from the government.

• February 21, 2025 21 Feb'25

  Palo Alto Networks vulnerabilities exploited in chained attack

  The cybersecurity vendor urges customers to take immediate action to mitigate recently disclosed vulnerabilities that are being actively exploited in the wild.

• February 20, 2025 20 Feb'25

  Risk & Repeat: Salt Typhoon hasn't stopped hacking

  Although the Salt Typhoon telecom breaches from last year appear to have been remediated, the Chinese state-sponsored threat group continues to target critical organizations.

• February 20, 2025 20 Feb'25

  CISA, FBI warn of Ghost/Cring ransomware attacks

  Ghost is a China-based financially motivated ransomware group that has launched attacks against organizations in more than 70 countries -- including its own.

• February 18, 2025 18 Feb'25

  Palo Alto Networks PAN-OS vulnerability exploited in the wild

  Palo Alto Networks says threat actors used a publicly available PoC exploit in attack attempts against firewall customers with PAN-OS management interfaces exposed to the internet.

• February 13, 2025 13 Feb'25

  Salt Typhoon compromises telecom providers' Cisco devices

  Salt Typhoon's latest campaign exploits older vulnerabilities in Cisco edge devices to gain access to the networks of several telecom companies, including two based in the U.S.

• February 12, 2025 12 Feb'25

  Fortinet discloses second authentication bypass vulnerability

  Fortinet disclosed CVE-2025-24472 in an updated advisory that confused some in the infosec community because it stated that 'reports show this is being exploited in the wild.'

• February 11, 2025 11 Feb'25

  Apple zero day used in 'extremely sophisticated attack'

  CVE-2025-24200 is a zero-day vulnerability that bypasses Apple's USB Restricted Mode in iPhones and iPads and was exploited in the wild against 'specific targeted individuals.'

• February 10, 2025 10 Feb'25

  Trimble Cityworks zero-day flaw under attack, patch now

  CVE-2025-0994 is a high-severity deserialization vulnerability that enables remote code execution in unpatched versions of Cityworks enterprise asset management software.

• February 07, 2025 07 Feb'25

  Ransomware hits healthcare, critical services in January

  Ransomware attacks against healthcare organizations in January reflect an increasing need for threat actors to adapt and get aggressive as defenders improve.

• February 06, 2025 06 Feb'25

  Unpatched.ai: Who runs the vulnerability discovery platform?

  There is limited information on the AI-powered vulnerability discovery platform that emerged in December after it reported Microsoft vulnerabilities

• February 05, 2025 05 Feb'25

  Zyxel won't patch end-of-life routers against zero-day attacks

  Networking hardware vendor Zyxel has no plans to patch multiple end-of-life routers against new zero-day flaws and advises customers to replace affected devices entirely.

• February 05, 2025 05 Feb'25

  Chainalysis records 35% decrease in ransom payments in 2024

  While the first half of 2024 was on pace to surpass 2023's record-setting numbers, Chainalysis found that the volume of ransom payments dropped in the second half of the year.

• February 04, 2025 04 Feb'25

  AMD, Google disclose Zen processor microcode vulnerability

  AMD said CVE-2024-56161, which first leaked last month, requires an attacker to have local administrator privileges as well as developed and executed malicious microcode.

• February 04, 2025 04 Feb'25

  WatchTowr warns abandoned S3 buckets pose supply chain risk

  WatchTowr researchers found that they could reregister abandoned Amazon S3 buckets and detail alarming ways that threat actors could exploit the attack surface.

• February 03, 2025 03 Feb'25

  NSFocus: DeepSeek AI hit with 'well planned' DDoS attacks

  Cybersecurity vendor NSFocus said AI startup DeepSeek endured multiple waves of DDoS attacks from attackers since its reasoning model was released Jan. 20.

• January 30, 2025 30 Jan'25

  Risk & Repeat: DeepSeek security issues emerge

  The introduction of DeepSeek's new generative AI models has been met with fervor, but security issues have created apparent challenges for the Chinese startup.

• January 30, 2025 30 Jan'25

  Wiz reveals DeepSeek database exposed API keys, chat history

  Wiz expressed concern about security shortcomings with AI tools and services amid the rapid adoption and rising popularity of offerings like DeepSeek-R1.

• January 30, 2025 30 Jan'25

  German police disrupt Cracked, Nulled cybercrime forums

  Cracked and Nulled had a combined community of approximately 10 million users who used the sites to discuss cybercrime and sell malware and hacking tools.

• January 29, 2025 29 Jan'25

  Google details adversarial AI activity on Gemini

  Google identified APTs from more than 20 nations misusing its Gemini AI chatbot but noted that threat actors were unsuccessful in finding novel techniques or vulnerabilities.

• January 28, 2025 28 Jan'25

  DeepSeek claims 'malicious attacks' disrupting AI service

  DeepSeek, which gained popularity recently for its AI platform, did not specify the cause of 'large-scale malicious attacks,' which continue to disrupt new account registrations.

• January 28, 2025 28 Jan'25

  Apple zero-day vulnerability under attack on iOS devices

  Apple said the zero-day vulnerability, tracked as CVE-2025-24085, affects its CoreMedia framework and 'may have been actively exploited against versions of iOS before iOS 17.2.'

• January 27, 2025 27 Jan'25

  Former CSRB members largely silent on dismissal

  The Cyber Safety Review Board was investigating recent attacks by Chinese state-sponsored threat actor Salt Typhoon when DHS terminated all advisory board memberships.

• January 24, 2025 24 Jan'25

  DOJ indicts 5 individuals in North Korea IT worker scam

  An unsealed indictment revealed threat actors working for North Korea tricked at least 64 U.S. businesses into hiring fake IT workers for financial and propriety data gains.

• January 24, 2025 24 Jan'25

  AMD processor vulnerability inadvertently leaked early

  The flaw was revealed when hardware manufacturer Asus published a patch for an 'AMD Microcode Signature Verification Vulnerability' to a gaming motherboard update page.

• January 23, 2025 23 Jan'25

  Zero-day vulnerability in SonicWall SMA series under attack

  SonicWall released a hotfix for a critical pre-authentication remote code execution vulnerability in Secure Mobile Access 1000 products amidst reports of zero-day exploitation.

• January 23, 2025 23 Jan'25

  Eclypsium finds security issues in Palo Alto Networks NGFWs

  Eclypsium researchers stressed how essential supply chain security is as threat actors increasingly target and exploit vulnerabilities in firewalls, VPNs and other edge devices.

• January 22, 2025 22 Jan'25

  Cyber Safety Review Board axed in DHS cost-cutting move

  Benjamine C. Huffman, acting secretary of the Department of Homeland Security under Trump, terminates the memberships for all DHS advisory committees, including the CSRB.

• January 21, 2025 21 Jan'25

  Risk & Repeat: What is the future of CISA?

  South Dakota Gov. Kristi Noem, who is President Donald Trump's nominee for DHS secretary, said during a recent confirmation hearing that CISA should be 'smaller.'

• January 21, 2025 21 Jan'25

  Threat actors abusing Microsoft Teams in ransomware attacks

  Sophos researchers observed two separate threat campaigns in which attackers used Microsoft Teams to pose as IT support personnel and gain access to victims' systems.

• January 17, 2025 17 Jan'25

  Treasury Department sanctions company tied to Salt Typhoon

  The sanctions were in response to significant cyberattacks by Chinese nation-state threat groups against the U.S. government and critical infrastructure in recent months.

• January 16, 2025 16 Jan'25

  Tech industry experts digest cybersecurity executive order

  IT pros assess a last-minute cybersecurity executive order with new directives on a broad swath of topics, from cybercriminal sanctions to AI and identity management.

• January 16, 2025 16 Jan'25

  Threat actor publishes data of 15K hacked FortiGate firewalls

  Although the threat actor published the alleged stolen Fortinet FortiGate firewall data this week, the data is apparently tied to older zero-day exploitation from 2022.

• January 16, 2025 16 Jan'25

  The mystery of the $75M ransom payment to Dark Angels

  The Dark Angels gang stole 100 TB of data from a Fortune 50 company last year for a record-setting ransom payment. But the victim organization still hasn't disclosed those details.

• January 16, 2025 16 Jan'25

  ESET details UEFI Secure Boot bypass vulnerability

  ESET researchers last year discovered an unsigned binary in a third-party UEFI application that could have been abused to bypass the Secure Boot process.

• January 15, 2025 15 Jan'25

  FBI removes Chinese PlugX malware from 4,258 U.S. computers

  The FBI did not inform individuals that it deleted PlugX malware from users' computers beforehand, citing the possibility of Chinese state-sponsored hackers making adjustments.

• January 14, 2025 14 Jan'25

  Attackers exploiting critical Fortinet zero-day vulnerability

  Fortinet disclosed another zero-day vulnerability in its FortiOS and FortiProxy products days after Arctic Wolf detailed a threat campaign targeting the vendor's devices.

• January 14, 2025 14 Jan'25

  CISA: BeyondTrust flaw CVE-2024-12686 exploited in the wild

  BeyondTrust discovered the flaw last month while investigating breaches of a 'limited number' of SaaS customers at the hands of Chinese state-sponsored threat actors.

• January 14, 2025 14 Jan'25

  Ivanti zero-day patching increases amid ongoing attacks

  Recent scans conducted by the Shadowserver Foundation show many organizations have patched Ivanti instances vulnerable to CVE-2025-0282 over the last week.

• January 09, 2025 09 Jan'25

  Experts optimistic on FCC's Cyber Trust Mark for IoT devices

  The launch of the FCC's U.S. Cyber Trust Mark label for IoT devices will include internet-connected home security cameras, smart home appliances, baby monitors and more.

• January 09, 2025 09 Jan'25

  Mandiant links Ivanti zero-day exploitation to Chinese hackers

  Mandiant warned users to be prepared for widespread exploitation of CVE-2025-0282 as Ivanti products have become a popular target for attackers in recent years.

• January 09, 2025 09 Jan'25

  December ransomware attacks slam healthcare, public services

  In December, one victim organization paid a $1.5 million ransom to restore services, while another continued to experience disruptions for more than one month following an attack.