Security News

darkreading Feb 02, 2026 at 21:57

County Pays $600K to Wrongfully Jailed Pen Testers

Iowa police arrested two penetration testers in 2019 for doing their jobs, highlighting the risk to security professionals in red teaming exercises.

Read Article

darkreading Feb 02, 2026 at 19:57

Chinese Hackers Hijack Notepad++ Updates for 6 Months

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious downloads.

Read Article

darkreading Feb 02, 2026 at 16:07

ShinyHunters Expands Scope of SaaS Extortion Attacks

Following its attacks on Salesforce instances last year, members of the cybercrime group have broadened their targeting and gotten more aggressive with extortion tactics.

Read Article

darkreading Jan 30, 2026 at 22:14

Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation

Investors poured $140 million into Torq's Series D Round, bringing the startup's valuation to $1.2 billion, to bring AI-based "hyper automation" to SOCs.

Read Article

darkreading Jan 30, 2026 at 21:16

2026: The Year Agentic AI Becomes the Attack-Surface Poster Child

Dark Reading asked readers whether agentic AI attacks, advanced deepfake threats, board recognition of cyber as a top priority, or password-less technology adoption would be most likely to become a trending reality for 2026.

Read Article

darkreading Jan 30, 2026 at 21:14

Out-of-the-Box Expectations for 2026 Reveal a Grab-Bag of Risk

Security teams need to be thinking about this list of emerging cybersecurity realities, to avoid rolling the dice on enterprise security risks (and opportunities).

Read Article

darkreading Jan 30, 2026 at 20:23

Tenable Tackles AI Governance, Shadow AI Risks, Data Exposure

The Tenable One AI Exposure add-on discovers unsanctioned AI use in the organization and enforces policy compliance with approved tools.

Read Article

darkreading Jan 30, 2026 at 16:40

OpenClaw AI Runs Wild in Business Environments

The popular open source AI assistant (aka ClawdBot, MoltBot) has taken off, raising security concerns over its privileged, autonomous control within users' computers.

Read Article

darkreading Jan 30, 2026 at 02:00

Chinese APTs Hacking Asian Orgs With High-End Malware

Advanced persistent threat (APT) groups have deployed new cyber weapons against a variety of targets, highlighting the increasing threats to the region.

Read Article

darkreading Jan 29, 2026 at 22:25

Trump Administration Rescinds Biden-Era SBOM Guidance

Federal agencies will no longer be required to solicit software bills of material (SBOMs) from tech vendors, nor attestations that they comply with NIST's Secure Software Development Framework (SSDF). What that means long term is unclear.

Read Article

darkreading Jan 29, 2026 at 21:53

More Critical Flaws on n8n Could Compromise Customer Security

A new around of vulnerabilities in the popular AI automation platform could let attackers hijack servers and steal credentials.

Read Article

darkreading Jan 29, 2026 at 16:09

'Semantic Chaining' Jailbreak Dupes Gemini Nano Banana, Grok 4

If an attacker splits a malicious prompt into discrete chunks, some large language models (LLMs) will get lost in the details and miss the true intent.

Read Article

darkreading Jan 29, 2026 at 15:32

From Quantum to AI Risks: Preparing for Cybersecurity's Future

As 2026 begins, these journalists urge the cybersecurity industry to prioritize patching vulnerabilities, preparing for quantum threats, and refining AI applications, in the latest edition of Reporters' Notebook.

Read Article

darkreading Jan 28, 2026 at 22:51

How Can CISOs Respond to Ransomware Getting More Violent?

Ransomware defense requires focusing on business resilience. This means patching issues promptly, improving user education, and deploying multi-factor authentication.

Read Article

darkreading Jan 28, 2026 at 22:48

Months After Patch, WinRAR Bug Poised to Hit SMBs Hardest

Russian and Chinese nation-state attackers are exploiting a months-old WinRAR vulnerability, despite a patch that came out last July.

Read Article

darkreading Jan 28, 2026 at 21:14

Fortinet Confirms New Zero-Day Behind Malicious SSO Logins

To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single sign-on (SSO) authentication for all devices.

Read Article

darkreading Jan 28, 2026 at 20:24

Consumers Reluctant to Shop at Stores That Don't Take Security Seriously

The retail sector must adapt as consumers become more cybersecurity-conscious. Increased attack transparency is a good place to start.

Read Article

darkreading Jan 28, 2026 at 16:19

China-Backed 'PeckBirdy' Takes Flight for Cross-Platform Attacks

In two separate campaigns, attackers used the JScript C2 framework to target Chinese gambling websites and Asian government entities with new backdoors.

Read Article

darkreading Jan 28, 2026 at 14:00

Surging Cyberattacks Boost Latin America to Riskiest Region

The region is up against tactics like data-leak extortion, credential-stealing campaigns, edge-device exploitation, and attackers leveraging AI.

Read Article

darkreading Jan 27, 2026 at 22:31

AI & the Death of Accuracy: What It Means for Zero-Trust

AI "model collapse," where LLMs over time train on more and more AI-generated data and become degraded as a result, can introduce inaccuracies, promulgate malicious activity, and impact PII protections.

Read Article