darkreading

A little more than three-quarters of these exposed devices are located in Europe, followed by Asia, with 17%.

A group Google is tracking as UNC6040 has been tricking users into installing a malicious version of a Salesforce app to gain access to and steal data from the platform.

A group that Google is tracking as UNC6040 has been tricking users at many organizations into installing a malicious version of a Salesforce app to gain access and steal data from the platform.

By understanding the neurological realities of human attention, organizations can build more sustainable security operations that protect not only their digital assets but also the well-being of those who defend them.

An international group of researchers found that simply rerecording deepfake audio with natural acoustics in the background allows it to bypass detection models at a higher-than-expected rate.

Malicious RubyGems pose as a legitimate plug-in for the popular Fastlane rapid development platform in a geopolitically motivated attack with global supply chain reach.

Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing MFA and slipping undetected into corporate networks.

Organizations need to implement these five essential security controls to safely harness the power of autonomous AI agents while still protecting enterprise assets.

The data-stealing malware initially targeted users in Turkey but has since evolved into a global threat.

But that didn't stop the clothing retailer from issuing preliminary results for the first quarter of 2025.

Digital certificates authorized by the authorities will no longer have trust by default in the browser starting in August, over what Google said is a loss of integrity in actions by the respective companies.

LummaC2 formerly accounted for almost 92% of Russian Market's credential theft log alerts. Now, the Acreed infostealer has replaced its market share.

If your CISO isn't wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed.

Edge computing and stricter regulations could usher in a new era of AI privacy.

This information-sharing hub provided essential information to the emergency services sector on physical and cyber threats. Some say the timing is concerning.

New details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.

An anonymous whistleblower has leaked large amounts of data tied to the alleged operator behind Trickbot and Conti ransomware.

The country will require certain organizations to report ransomware payments and communications within 72 hours after they're made or face potential civil penalties.