Iranian threat actors have been stealing credentials from people of interest across the Middle East, using spear-phishing and social engineering.

Since its launch in 2023, DragonForce has pushed a cartel model, emphasizing cooperation and coordination among ransomware ...

A third of the "flipped" CVEs affect edge devices, leading one researcher to conclude, "Ransomware operators are building ...

By tapping the unusual .scr file type, attackers leverage "executables that don't always receive executable-level controls," ...

Dark Reading has something new hitting newsstands: a content section purpose-built for LatAm readers, featuring news, analysis, features, and multimedia.

Hacktivist group claims a 2.3-terabyte data breach exposes information of 36 million Mexicans, but no sensitive accounts are ...

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.

The self-replicating malware has poisoned a fresh set of Open VSX software components, leaving potential downstream victims ...

The AI-assisted attack, which started with exposed credentials from public S3 buckets, rapidly achieved administrative privilges.

APT28's attacks use specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads.

Crowdsourced bug bounties and pen-testing firms see AI agents stealing low-hanging vulns from their human counterparts, but oversight remains key.

A malware-free phishing campaign targets corporate inboxes and asks employees to view "request orders," ultimately leading to ...