A threat actor hacked a version of SonicWall's NetExtender SSL VPN application in an effort to trick users into installing a Trojanized version of the product.
The campaign infected devices in the US and Southeast Asia to build an operational relay box (ORB) network for use as an extensive cyber-espionage infrastructure.
America's largest steel producer initially disclosed the breach in May and took potentially affected systems offline to investigate the intrusion and contain any malicious activity.
The Canadian Center for Cybersecurity has confirmed that the Chinese state-sponsored cyber-threat actor targeted one of its telecommunications companies in February via a Cisco flaw, as part of a global attack wave.
Like its predecessor, SparkCat, the new malware appears to be going after sensitive data — such as seed phrases for cryptocurrency wallets — in device photo galleries.
An AI security researcher has developed a proof of concept that uses subtle, seemingly benign prompts to get GPT and Gemini to generate inappropriate content.
After President Trump's decision to enter the US into the conflict in the Middle East, the Department of Homeland Security expects there to be an uptick in Iranian hacktivists and state-sponsored actors targeting US systems.
The attack is similar to previous campaigns by an actor called Commando Cat that used misconfigured APIs to compromise containers and deploy cryptocurrency miners.
At this week's re:Inforce 2025 conference, the cloud giant introduced new capabilities to several core security products to provide customers with better visibility and more context on potential threats.
The communications company shared the discoveries of its investigation with government partners, but there is little information they can publicly disclose other than that there seems to be no impact on customers.
As geopolitical tensions rise, the use of cyber operations and hacktivists continues to grow, with the current conflict between Israel and Iran showing the new face of cyber-augmented war.
Instead of constantly fixing security vulnerabilities, organizations should proactively build secure foundations that enable businesses to move faster while reducing risk.
In a new wrinkle on the tech support scam front, these search parameter injection attacks dupe victims into believing they are receiving technical help when they are actually speaking to fraudsters.