Security Bulletin

Dark Reading Confidential Episode 12: Experts help cyber job seekers get noticed, make an argument for a need to return to the hacker ethos of a bygone era, and have a stark conversation about keeping AI from breaking the sector's talent pipeline for...

A unique take on the software update gambit has allowed "PlushDaemon" to evade attention as it mostly targets Chinese organizations.

Editors from Dark Reading, Cybersecurity Dive, and TechTarget Search Security break down the depressing state of cybersecurity awareness campaigns and how organizations can overcome basic struggles with password hygiene and phishing attacks.

Have you ever given two seconds of thought to a browser notification? No? That's what hackers bent on phishing are counting on.

The infostealer specifically targets Brazilian Portuguese speakers and combines malware designed to phish banking credentials and steal data, a worm, and some uniquely Brazilian quirks.

A second zero-day vulnerability in its web application firewall (WAF) line has come under attack, raising more questions about the vendor's disclosure practices.

When international corporations have to balance competing cyber laws from different countries, the result is fragmented, potentially vulnerable systems.

Researcher shows how agentic AI is vulnerable to hijacking to subvert an agent's goals and how agent interaction can be altered to compromise whole networks.

Initially though to be a DDoS attack, the incident was actually due to a routine change in permissions that caused widespread software failure.

It only takes recycled cans, copper, and cheap gadgets off the Web to trick a train conductor into doing something dangerous.

The collaborative effort combines multiple federal departments, along with private companies to reduce, if not eliminate, billions lost annually to fraud.

IoT devices can be compromised, thanks to gaps in cloud management interfaces for firewalls and routers, even if they're protected by security software or not online.