Security News

darkreading Feb 26, 2026 at 22:02

Marquis v. SonicWall Lawsuit Ups the Breach Blame Game

When a company gets breached through a third-party security vendor, who should bear responsibility? For one FinTech company, the answer is the firewall provider.

Read Article

darkreading Feb 26, 2026 at 21:45

Cisco SD-WAN Zero-Day Under Exploitation for 3 Years

The maximum-severity vulnerability CVE-2026-20127 was exploited by an unknown but sophisticated threat actor who left very little evidence behind.

Related CVEs: CVE-2026-20127

Read Article

darkreading Feb 26, 2026 at 00:00

Chinese Police Use ChatGPT to Smear Japan PM Takaichi

A Chinese keyboard warrior inadvertently leaked information about politically motivated influence operations through a ChatGPT account.

Read Article

darkreading Feb 25, 2026 at 22:02

Flaws in Claude Code Put Developers' Machines at Risk

The vulnerabilities highlight a big drawback to integrating AI into software development workflows and the potential impact on supply chains.

Read Article

darkreading Feb 25, 2026 at 21:14

RAMP Forum Seizure Fractures Ransomware Ecosystem

Researchers suggest defenders monitor how these malicious groups re-form and leverage the useful threat intel to guide their next moves.

Read Article

darkreading Feb 25, 2026 at 19:15

PCI Council Says Threats to Payments Systems Are Speeding Up

The PCI Security Standards Council experienced a record year in many regards, but its first annual report shows it needs to work even faster to stay ahead of attackers.

Read Article

darkreading Feb 25, 2026 at 16:42

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent access to infected machines.

Read Article

darkreading Feb 25, 2026 at 14:00

Why 'Call This Number' TOAD Emails Beat Gateways

Attackers are bypassing email gateways through telephone-oriented attack delivery (TOAD), in which the only email payload is a phone number.

Read Article

darkreading Feb 25, 2026 at 12:00

'Richter Scale' Model Measures Magnitude of OT Cyber Incidents

ICS/OT experts have devised a scoring system for rating the severity and effects of cybersecurity events in operational technology environments.

Read Article

darkreading Feb 25, 2026 at 08:00

Operation Red Card 2.0 Leads to 651 Arrests in Africa

In the latest operation targeting cybercrime groups, African law enforcement agencies cooperated with Interpol and cybersecurity firms to recover more than USD 4.3 million.

Read Article

darkreading Feb 24, 2026 at 21:38

Attackers Now Need Just 29 Minutes to Own a Network

Credential misuse, AI tools, and security blind spots help attackers move through breached networks faster than ever, CrowdStrike finds.

Read Article

darkreading Feb 24, 2026 at 21:18

Lazarus Group Picks a New Poison: Medusa Ransomware

The North Korean threat group also leveraged Comebacker backdoor, Blindingcan RAT, and info stealer Infohook in its recent attacks.

Read Article

darkreading Feb 24, 2026 at 13:04

As Cybersecurity Firms Chase AI, VC Market Skyrockets

Investments in cybersecurity startups took off in 2025, as venture capital firms focused not just on AI-native tech, but talent as well.

Read Article

darkreading Feb 23, 2026 at 22:20

Spitting Cash: ATM Jackpotting Attacks Surged in 2025

The attacks cost banks more than $20 million in losses last year, as criminals used many of the same tools and tactics they have wielded for more than a decade.

Read Article

darkreading Feb 23, 2026 at 22:18

More Than Dashboards: AI Decisions Must Be Provable

AI systems have to be able to show a record of what happened and how.

Read Article

darkreading Feb 23, 2026 at 20:35

Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount

The long-active Iranian threat group debuted various attack strains and payloads in attacks against organizations in the Middle East and Africa.

Read Article

darkreading Feb 23, 2026 at 20:11

Enigma Cipher Device Still Holds Secrets for Cyber Pros

The Nazi relic's history is riddled with resilience errors, and those lessons still apply to defending against modern cyber threats.

Read Article

darkreading Feb 23, 2026 at 19:37

600+ FortiGate Devices Hacked by AI-Armed Amateur

A Russian-speaking hacker used generative AI to compromise the FortiGate firewalls, targeting credentials and backups for possible follow-on ransomware attacks.

Read Article

darkreading Feb 20, 2026 at 21:07

Attackers Use New Tool to Scan for React2Shell Exposure

Researchers say threat actors wielded the sophisticated — and unfortunately named — toolkit to target high-value networks for React2Shell exploitation.

Read Article

darkreading Feb 20, 2026 at 18:31

'God-Like' Attack Machines: AI Agents Ignore Security Policies

Microsoft Copilot recently summarized and leaked user emails; but any AI agent will go above and beyond to complete assigned tasks, even breaking through their carefully designed guardrails.

Read Article